Python Stand-alone Library to Download SSL Certificate for Any Host™
Project description
Cert Hero
Python Stand-alone Library to Download SSL Certificate for Any Host™
Free software: MIT license
Documentation: https://cert-hero.readthedocs.io.
Rationale
The builtin Python module ssl can be used to retrieve a certificate from a server via getpeercert, but it’ll work only if the certificate of interest can be successfully verified (source).
If, for any reason, verification fails, like, for example, with expired or a self-signed certificate, we’ll get ssl.SSLCertVerificationError instead of the requested info.
We can work around this by asking for the certificate in the binary form:
getpeercert(binary_form=True)
But now we have to convert it, and thus we can use a third party asn1crypto module, instead of the (bulkier) cryptography module.
Usage
Retrieve the certificate for host google.com:
import json
import cert_hero
cert = cert_hero.cert_please('google.com')
print('Cert is Valid Till:', cert.not_after_date.isoformat())
print(f'Cert Details:', json.dumps(cert, indent=2), sep='\n')Output (Sample):
Cert is Valid Till: 2023-10-28
Cert Details:
{
"Serial": "753DD6FF20CB1B4510CB4C1EA27DA2EB",
"Subject Name": {
"Common Name": "*.google.com"
},
"Issuer Name": {
"Country": "US",
"State/Province": "California",
"Organization": "Zscaler Inc.",
"Organization Unit": "Zscaler Inc.",
"Common Name": "Zscaler Intermediate Root CA (zscalerthree.net) (t) "
},
"Validity": {
"Not After": "2023-10-28",
"Not Before": "2023-10-14"
},
"Wildcard": true,
"Signature Algorithm": "SHA256WITHRSA",
"Key Algorithm": "RSA-2048",
"Subject Alt Names": [
"*.google.com",
"*.appengine.google.com",
"youtu.be",
"*.youtube.com",
...
],
"Location": "https://www.google.com/",
"Status": 301
}Usage as a CLI
After the installation step you can use cert-hero just typing ch in your terminal window.
The ch command allows you to retrieve the SSL certificate(s) for one or more given host.
For example:
ch google.com cnn.com
You can get help about the main command using:
ch --help
Credits
This package was created with Cookiecutter and the rnag/cookiecutter-pypackage project template.
History
0.1.0 (2023-10-16)
First release on PyPI.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file cert-hero-0.1.0.tar.gz.
File metadata
- Download URL: cert-hero-0.1.0.tar.gz
- Upload date:
- Size: 14.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | c2ff79882e397da411a857dc64099e82eca47cd0b4c108d12b864d41cc388b90 |
|
| MD5 | 65efc816d387715b4f2cf4134c7fd205 |
|
| BLAKE2b-256 | 94a65c26511c4efc4b4dbedc828a6fc59b30a44b39417ceecfc0a7c93642f269 |
File details
Details for the file cert_hero-0.1.0-py2.py3-none-any.whl.
File metadata
- Download URL: cert_hero-0.1.0-py2.py3-none-any.whl
- Upload date:
- Size: 9.6 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 295884000f27b13c64ebd2be18490656a70d0e5054a971cebac838a0a178684b |
|
| MD5 | f73dab706dc45ec1d5d7daa6e01c2a1a |
|
| BLAKE2b-256 | a39da93543e018e676fabe705394fae60c77f0e7d00bd3b290ef3bce33d9c1e8 |
