gistfile1.txt

from socket import socket
from OpenSSL import SSL


def callback(conn, cert, errno, depth, result):
    if depth == 0 and (errno == 9 or errno == 10):
        return False  # or raise Exception("Certificate not yet valid or expired")
    return True


def main():
    host_name = "secured1.sni1.altcdn.com"

    context = SSL.Context(SSL.TLSv1_METHOD)
    context.set_options(SSL.OP_NO_SSLv2)
    context.set_verify(SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
                       callback)

    sock = socket()
    ssl_sock = SSL.Connection(context, sock)
    ssl_sock.connect((host_name, 443))
    ssl_sock.do_handshake()

    cert = ssl_sock.get_peer_certificate()
    common_name = cert.get_subject().commonName.decode()
    print("Common Name: ", common_name)
    print("Cert number: ", cert.get_serial_number())
    print("Peer subject: ", ssl_sock.get_peer_certificate().get_subject())

    print("")
    print("Peer cert chain 'subjects'")
    for peer in ssl_sock.get_peer_cert_chain():
        print(peer.get_subject())
    # print("Peer cert chain: ", [i.get_issuer() for i in ssl_sock.get_peer_cert_chain()])
    # print("cipher list: ", ssl_sock.get_cipher_list())



if __name__ == "__main__":
    main()