Skip to content
Create a gist now

Instantly share code, notes, and snippets.

urllib2 HTTPS connection with proxy and cert verification
import httplib
import urllib2
import ssl
import certifi
from backports.ssl_match_hostname import match_hostname
class CertValidatingHTTPSConnection(httplib.HTTPConnection):
default_port = httplib.HTTPS_PORT
def __init__(self, host, port=None, key_file=None, cert_file=None,
ca_certs=None, strict=None, **kwargs):
httplib.HTTPConnection.__init__(self, host, port, strict, **kwargs)
self.key_file = key_file
self.cert_file = cert_file
self.ca_certs = ca_certs
if self.ca_certs:
self.cert_reqs = ssl.CERT_REQUIRED
self.cert_reqs = ssl.CERT_NONE
def connect(self):
self.sock = ssl.wrap_socket(self.sock, keyfile=self.key_file,
if self.cert_reqs & ssl.CERT_REQUIRED:
cert = self.sock.getpeercert()
hostname =':', 0)[0]
match_hostname(cert, hostname)
class VerifiedHTTPSHandler(urllib2.HTTPSHandler):
def __init__(self, **kwargs):
self._connection_args = kwargs
def https_open(self, req):
def http_class_wrapper(host, **kwargs):
full_kwargs = dict(self._connection_args)
return CertValidatingHTTPSConnection(host, **full_kwargs)
return self.do_open(http_class_wrapper, req)
if __name__ == "__main__":
handler = VerifiedHTTPSHandler(ca_certs=certifi.where())
# assuming proxy settings are in environment or set them with:
# urllib2.ProxyHandler({'http_proxy': 'http://', 'https_proxy' = 'http://'})
opener = urllib2.build_opener(handler, urllib2.ProxyHandler())'').read()'').read()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.