[Cryptography-dev] Download and save certificate chain as single file
Paul Kehrer
paul.l.kehrer at gmail.com
Wed Mar 22 07:11:28 EDT 2023
You can loop over the certs you get and serialize them to a single
file. Either via converting it to a cryptography object (there's a
method on the X509 object for that) and calling public_bytes() (see
https://cryptography.io/en/latest/x509/reference/#cryptography.x509.Certificate.public_bytes)
or the serialize functions in pyOpenSSL itself (see
https://www.pyopenssl.org/en/latest/api/crypto.html#serialization-and-deserialization).
-Paul (reaperhulk)
On Wed, Mar 22, 2023 at 7:07 PM Mikael Stålhammar
<mikael_stalhammar at hotmail.com> wrote:
>
> Hi. In a web browser it is possible to export a certificate chain as a single (pem/crt) file on disk. I wonder if the same is possible using Python and pyOpenSSL? I've played around with the connection.get_peer_cert_chain() method, which returns a list of X509 objects. Not sure how to process those properly and have them saved as a cert chain in a single valid cert file, that later can be passed in as a "verify" param when calling "requests.post(url, verify=<cert file>...)". Does anyone know and can share a code snippet? Thanks!
>
> /Mikael
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
More information about the Cryptography-dev
mailing list