def check_certificate(self, domain):
"""
Download and get information from the TLS certificate
"""
pem = ssl.get_server_certificate((domain, 443))
if self.output:
with open(os.path.join(self.output, 'cert.pem'), 'wb') as f:
f.write(pem)
cert = x509.load_pem_x509_certificate(str(pem), default_backend())
self.log.critical("\tCertificate:")
self.log.critical("\t\tDomain: %s", ",".join(map(lambda x: x.value, cert.subject)))
self.log.critical("\t\tNot After: %s", str(cert.not_valid_after))
self.log.critical("\t\tNot Before: %s", str(cert.not_valid_before))
self.log.critical("\t\tCA Issuer: %s", ", ".join(map(lambda x:x.value, cert.issuer)))
self.log.critical("\t\tSerial: %s", cert.serial_number)
for ext in cert.extensions:
if ext.oid._name == 'basicConstraints':
if ext.value.ca:
self.log.critical("\t\tBasic Constraints: True")
elif ext.oid._name == 'subjectAltName':
self.log.critical("\t\tAlternate names: %s", ", ".join(ext.value.get_values_for_type(x509.DNSName)))
评论列表
文章目录
