Skip to content

Instantly share code, notes, and snippets.

@p3t3r67x0
Last active June 2, 2021 08:08
Show Gist options
  • Save p3t3r67x0/c752466f085a651ee641f27af6b3c800 to your computer and use it in GitHub Desktop.
Save p3t3r67x0/c752466f085a651ee641f27af6b3c800 to your computer and use it in GitHub Desktop.
Simple script to extract the server cert of a given domain
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import ssl
import OpenSSL
cert = ssl.get_server_certificate(('google.de', 443))
x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
print 'Expired: {}'.format(x509.has_expired())
print 'Signature Algorithm: {}\n'.format(x509.get_signature_algorithm())
for item in x509.get_subject().get_components():
print 'Subject {}: {}'.format(item[0], item[1])
print 'Subject Hash: {}\n'.format(x509.get_subject().hash())
for item in x509.get_issuer().get_components():
print 'Issuer {}: {}'.format(item[0], item[1])
print 'Issuer Hash: {}\n'.format(x509.get_issuer().hash())
for i in xrange(x509.get_extension_count()):
print 'Extension {}: {}'.format(x509.get_extension(i).get_short_name(), x509.get_extension(i).__str__())
print '\nPublic Key Bits: {}'.format(x509.get_pubkey().bits())
print 'Public Key Type: {}'.format(x509.get_pubkey().type())
print 'Public Key only public: {}'.format(x509.get_pubkey()._only_public)
print 'Public Key initialized: {}'.format(x509.get_pubkey()._initialized)
aa = x509.get_serial_number()
bb = hex(aa).rstrip('L').lstrip('0x')
print 'Serial Number: {}'.format(x509.get_serial_number())
print 'Serial Number Hex: {}'.format(':'.join(s.encode('hex').upper() for s in bb.decode('hex')))
print 'Serial Number Length: {}\n'.format(x509.get_serial_number().bit_length())
print 'MD5: {}'.format(x509.digest('md5'))
print 'SHA1: {}'.format(x509.digest('sha1'))
print 'SHA224: {}'.format(x509.digest('sha224'))
print 'SHA256: {}'.format(x509.digest('sha256'))
print 'SHA384: {}'.format(x509.digest('sha384'))
print 'SHA512: {}\n'.format(x509.digest('sha512'))
print 'Valid from: {}'.format(x509.get_notBefore())
print 'Valid until: {}'.format(x509.get_notAfter())
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment