I have code to walk through my wincertstore and find a certificate by name and/or thumbprint.
if os.name == 'nt':
for storename in ["MY"]: # "ROOT", "CA",
with wincertstore.CertSystemStore(storename) as store:
for cert in store.itercerts(usage=wincertstore.CLIENT_AUTH):
print(cert.get_name())
print(cert.cert_type)
print(cert.enhanced_keyusage_names())
# pem = cert.get_pem()
# encodedDer = ''.join(pem.split("\n")[1:-2])
# cert_bytes = base64.b64decode(encodedDer)
cert_pem = ssl.DER_cert_to_PEM_cert(cert.get_encoded())
cert_details = x509.load_pem_x509_certificate(
cert_pem.encode('utf-8'), default_backend()
)
serial_number = hex(cert_details.serial_number).replace("0x", "")
cert_details.fingerprint
if cert.get_name().lower() == find_name.lower():
pem_data = cert.get_pem()
break
if pem_data:
f = open('./mycert.pem', 'w')
f.write(pem_data)
f.close()
del f
import requests
resp = requests.get(<some url>, cert='./mycert.pem')
This gives an SSL Error:
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='*****.e***.com', port=443): Max retries exceeded with url: /gis/sharing/rest/portals/self/servers?f=json (Caused by SSLError(SSLError(9, '[SSL] PEM lib (_ssl.c:3932)')))
So what else do I need to pull from the window's certificate store to pass the client certificate?
from Use openssl, requests and wincertstore to Get Client Certificates
No comments:
Post a Comment