概述
这是相关的代码:
file = open("list.txt","r") for x in file: server = socket.getaddrinfo(x.rstrip(),"443")[0][4][0] sslsocket = socket.socket() sslsocket.connect((server,443)) sslsocket = ssl.wrap_socket(sslsocket,cert_reqs=ssl.CERT_required,ca_certs="cacerts.txt") certificate = sslsocket.getpeercert()`
import ssl ssl.get_server_certificate(("www.sefaz.ce.gov.br",443))
我认为函数doc字符串比python doc site更清晰:
"""Retrieve the certificate from the server at the specified address,and return it as a PEM-encoded string. If 'ca_certs' is specified,validate the server cert against it. If 'ssl_version' is specified,use it in the connection attempt."""
因此,您可以从二进制DER证书中提取通用名称,以搜索通用名称对象标识符:
def get_commonname(host,port=443): oid='\x06\x03U\x04\x03' # Object Identifier 2.5.4.3 (COMMON NAME) pem=ssl.get_server_certificate((host,port)) der=ssl.PEM_cert_to_DER_cert(pem) i=der.find(oid) # find first common name (certificate authority) if i!=-1: i=der.find(oid,i+1) # skip and find second common name if i!=-1: begin=i+len(oid)+2 end=begin+ord(der[begin-1]) return der[begin:end] return None
总结
以上是编程之家为你收集整理的在Python中禁用SSL证书验证全部内容,希望文章能够帮你解决在Python中禁用SSL证书验证所遇到的程序开发问题。
如果您也喜欢它,动动您的小指点个赞吧