473,390 Members | 1,301 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,390 software developers and data experts.

Verify server certificate in HTTPS transaction

Hi,
I'm fetching some files over HTTPS from Python and I want to verify the
server certificate. (Not just the name etc provided in certificate.)

How can I get access to this information?

urllib2 doesn't seem to provide it. Even a raw SSL socket only appears
to provide access to the CN, OU etc in string form (not the raw
certificate).

I tried pycurl, which allows you to setopt(pycurl.SSL_VERIFYPEER) and
VERIFYHOST, but the getinfo(pycurl.SSL_VERIFYRESULT) call always returns
0. Perhaps it's unimplememented?

I couldn't get the M2Crypto API documentation to generate; perhaps it
allows it.

TLS Lite on to of M2Crypto? Something else again?
Thanks
Hamish
Jun 7 '07 #1
1 2859
I struggled with that months ago. The SSL library that ships with
Python is primitive, but M2Crypto can do that. M2Crypto will actually
verify the certificate chain. The documentation is weak, it's hard
to build, and there are bugs, but it's the best Python has right now.

John Nagle

Hamish Moffatt wrote:
Hi,
I'm fetching some files over HTTPS from Python and I want to verify the
server certificate. (Not just the name etc provided in certificate.)

How can I get access to this information?

urllib2 doesn't seem to provide it. Even a raw SSL socket only appears
to provide access to the CN, OU etc in string form (not the raw
certificate).

I tried pycurl, which allows you to setopt(pycurl.SSL_VERIFYPEER) and
VERIFYHOST, but the getinfo(pycurl.SSL_VERIFYRESULT) call always returns
0. Perhaps it's unimplememented?

I couldn't get the M2Crypto API documentation to generate; perhaps it
allows it.

TLS Lite on to of M2Crypto? Something else again?
Thanks
Hamish
Jun 8 '07 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: John Hanauer | last post by:
I'm getting my own SSL certificate soon because it is the right thing to do, but until then I have this shopping cart on an ISP that gives me free shared SSL. The cart breaks in HTTPS because of...
1
by: Leonard Danao | last post by:
I get this error when i run my code below "An unhandled exception of type 'System.Net.WebException' occurred in system.dll Additional information: The remote server returned an error: (401)...
4
by: Christopher D. Wiederspan | last post by:
I've got a simple problem. Currently, I have a .Config setting called SupportsSSL that I use within an ASP.NET web application to determine whether I redirect to an HTTP or HTTPS connection (for...
2
by: Mike Malter | last post by:
I am having problems using https when calling a page on my local machine. I am running XP professional. All I get is a general error page telling me there are problems with my page. I have...
6
by: JIM.H. | last post by:
Hello, I am trying to create a certificate for our internet for our employees so that they can login to system from home. Do I have to go, for example, VeriSign to get a certificate? Can I create...
8
by: Daniel Crespo | last post by:
Hello everybody, I'm trying to implement a secure xmlrpc server with basis on http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/496786 recipe. The thing that I'm concerned about is how can...
7
by: pthomet | last post by:
Another formulation of the message tittle could be : is it really "safe" (in the business sense) to embed a SSL webservice consumer into any given software, given that any time a proxy server will...
5
by: jitsu | last post by:
Hi all, I have a problem. I need to connect to Web Server, send a xml string (query) to it and receive another xml string (result). I have the location of the Web Server like:...
1
by: tmaple | last post by:
I hope someone can help. I am running IIS 6.0 with PHP 5 installed and Active Fox Pages. I am trying to run SSL but cannot view the pages. I created and installed the certificate and that went...
0
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
0
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
0
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
0
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
1
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
0
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
0
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
0
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
0
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.