如何在python中获取证书颁发者信息？ [英] How can i get Certificate issuer information in python?

问题描述

我希望python证书中的签发信息。我尝试使用SSL和SSLSocket库，但没有发生。

I want the 'issued to' information from certificate in python. I try to use the SSL and SSLSocket library but did not happen.

推荐答案

更新后的答案

如果可以建立到远程服务器的连接，则可以使用 ssl 标准库模块：

If you can establish a connection to the remote server you can use the ssl standard library module:

import ssl, socket

hostname = 'google.com'
ctx = ssl.create_default_context()
with ctx.wrap_socket(socket.socket(), server_hostname=hostname) as s:
    s.connect((hostname, 443))
    cert = s.getpeercert()

subject = dict(x[0] for x in cert['subject'])
issued_to = subject['commonName']
issuer = dict(x[0] for x in cert['issuer'])
issued_by = issuer['commonName']

>>> issued_to
u'*.google.com'
>>> issued_by
u'Google Internet Authority G2'

原始答案

使用 pyOpenSSL 。

from OpenSSL import crypto

cert_file = '/path/to/your/certificate'
cert = crypto.load_certificate(crypto.FILETYPE_PEM, open(cert_file).read())
subject = cert.get_subject()
issued_to = subject.CN    # the Common Name field
issuer = cert.get_issuer()
issued_by = issuer.CN

您还可以访问其他组件，例如组织（ subject.O / issuer.O ），组织单位（ subject.OU / issuer.OU ）。

You can also access additional components, e.g. organisation (subject.O/issuer.O), organisational unit (subject.OU/issuer.OU).

您的证书文件可能采用其他格式，因此您可以尝试使用 crypto.FILETYPE_ASN1 代替 crypto.FILETYPE_PEM 。

Your certificate file might be in another format, so you could try crypto.FILETYPE_ASN1 instead of crypto.FILETYPE_PEM.

这篇关于如何在python中获取证书颁发者信息？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！