top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

How do I real a SSL certs serial number using Python?

+1 vote
637 views

I am writing a simple tool that needs to read the serial number of a remote SSL certificate. I've poked around Google for a bit but can't find anything that fits the bill.

Is this possible in Python? If so, would someone point me in the general direction of how to do it?

posted Sep 3, 2015 by anonymous

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote
answer Sep 3, 2015 by Satish Mishra
Similar Questions
0 votes

We need to migrate to new address. Some time we need to listen on 2 domains. Is there any way to have two certs for the same service depending on the address?

Currently my SSL config is this:

SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
SSLVerifyClient="none"
SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_RC4_128_SHA"
useServerCipherSuitesOrder="true"
SSLCertificateFile="d:/apache-tomcat8/conf/cert/n/cert.cert"
SSLCertificateKeyFile="d:/apache-tomcat8/conf/cert/n/key.key"
SSLCACertificateFile="d:/apache-tomcat8/conf/cert/n/cacerts.pem"
SSLPassword="XXXX"
unpackWARs="true" autoDeploy="true"
directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b"

Thank you for any help

0 votes

how to manage the secured connection error in HTTPS?

+2 votes

I'm using multi ipaddress setup with virtual hosts to support different certificates.

For one of the hosts we currently don't have DNS pointing to the right IP so I edited my hosts file to point myextended.host.com at the relevant IP. This host has a GlobalSign extended cert. We want to check the setup before going live.

On windows I checked that all the popular browsers see my extended certificate and see green url bars ok.

On linux chromium shows green, but on one machine firefox shows untrusted and on another it shows green.

Is there a way to check the certificate setup from a linux box without having the correct dns in place? I normally use GlobalSign's test stuff, but that won't work without the right dns in place.

0 votes

I am trying to refresh our web site with the latest version of apache. As part of the refresh I want to enforce SSL access to the site. I've setup SSL and the site mostly works with basic authentication, but I have errors when trying to download/view video files from the web site.

I've tried several different clients and 80% of the time I get a window with a big square and if one clicks on the square it says "The specified movie could not be found". Sometime firefox on a Mac will actually play the movie but mostly not.

I can retrieve the movie using wget just fine.

In the error log a debug trace shows it making one request for the web page and the authentication for that suceeds, but then the second request for the video file is rejected because the credentials are not available! Is there an option which tells the client not to send the authentication information? or to clear when requesting?

AH01626: authorization result of Require group svsaccess: granted,
AH01626: authorization result of Require group svsaccess: denied (no authenticated user yet)

BTW, the site works as expected under non-SSL connections.

...