Obtaining SSL certificate info from SSL object - BUG?

John Nagle nagle at animats.com
Wed Oct 25 06:30:28 CEST 2006

Paul Rubin wrote:
> John Nagle <nagle at animats.com> writes:
>>The reason this now matters is that new "high assurance" certs,
>>the ones that tell you how much a site can be trusted, are now being
> Oh my, I hadn't heard about this.  They come up with new scams all the
> time.  I guess I'll check for info.  It sounds sort of like the terror
> alert system, which tells us how scared to be on any particular day ;-)

Anyway, I've submitted it as a Python bug report:

     [1583946] SSL "issuer" and "server" functions problems - security

And for the record, here's a workaround: do a split with this
regular expression:

pparsecertstringre = re.compile(

You'll get lists of the form

	['', key1, value1, key2, value2 ...]

This isn't totally unspoofable, and won't work for Unicode certs,
but it works for the few dozen common certs I've run through it.

				John Nagle

More information about the Python-list mailing list