Get SSL details thorugh portalpy

1454
11
Jump to solution
12-14-2016 08:16 AM
ADITYAKUMAR1
Occasional Contributor II

Hi team,

  I am working on portal.py. I am trying to get the details of SSL certficates which the portal is using. 

 I have tried with some code but nothing is working. Any suggestion on this will be helpful.

import sys
sys.path.append('..')  
import portalpy    
import csv  
import ssl, socket 
portalUrl           = "https://xxx-xxx.xx.xx.com:7443/arcgis"
portalAdminUser     = "xxxx"
portalAdminPassword = "xxxx"       
portal = portalpy.Portal(portalUrl, portalAdminUser,portalAdminPassword)    
users = portal.search_users('(role:account_admin OR role:account_publisher  OR role:account_user)')  
activeUser = portal.logged_in_user()     
print activeUser['email']    
ctx = ssl.create_default_context()     
s = ctx.wrap_socket(socket.socket(),server_hostname='http://xxx-xxx.xxxx.com/arcgis/home/')    
s.connect((portal, 443))    
cert = s.getpeercert()     
print cert


Thanks

Aditya Kumar

Tags (2)
0 Kudos
1 Solution

Accepted Solutions
RebeccaStrauch__GISP
MVP Esteemed Contributor

Joshua,

I was able to run this in the Pro python window, but had to add ( ) around the print string.  Based on things I've read on one of Dan's /blogs/dan_patterson/2016/05/09/the-links?sr=search&searchId=a1012d53-da1f-4df7-b109-573165a00e62&se...‌ blogs, that is a requirement for the 3.x python flavors.

So, yours is the correct answer, but here it is with the change

import ssl, socket
hostname = 'geonet.esri.com'

ctx = ssl.create_default_context()
s = ctx.wrap_socket(socket.socket(), server_hostname=hostname)
s.connect((hostname, 443))
cert = s.getpeercert()

props = []
props.append(('Valid from', cert['notBefore']))
props.append(('Valid to', cert['notAfter']))
props.append(('Serial number', cert['serialNumber']))

for name,value in props:
     print ("{:<20}{}".format(name, value))

I was able to successfully run this against my own hostname.  thanks.

View solution in original post

11 Replies
RebeccaStrauch__GISP
MVP Esteemed Contributor

I edited your post and formatted the python code to help others to debug.

For future reference, so format your code, in the toolbar for the post/comment,

  • click on the   ... 
  • Select MORE
  • Select Syntax Highlighter
  • Select your programming language
  • post your code.
JoshuaBixby
MVP Esteemed Contributor

Does the following from StackOverflow work:  How can i get Certificate issuer information in python?

import ssl, socket

hostname = 'xxx-xxx.xxxx.com'
ctx = ssl.create_default_context()
s = ctx.wrap_socket(socket.socket(), server_hostname=hostname)
s.connect((hostname, 443))
cert = s.getpeercert()

subject = dict(x[0] for x in cert['subject'])
issued_to = subject['commonName']
issuer = dict(x[0] for x in cert['issuer'])
issued_by = issuer['commonName']
ADITYAKUMAR1
Occasional Contributor II

It failed to connect. Tried the same.

0 Kudos
RebeccaStrauch__GISP
MVP Esteemed Contributor

I tried that and got an error from line 4

import ssl, socket

hostname = 'mySite'
ctx = ssl.create_default_context()

Traceback (most recent call last):
  Python Shell, prompt 6, line 4
AttributeError: 'module' object has no attribute 'create_default_context'

0 Kudos
RandyBurton
MVP Regular Contributor

I used  hostname = 'google.com' in line 3 of bixb0012‌'s code, added a couple of print statements and had no issues obtaining google's info.

I would suggest just using your base domain "xx.com" (from your sample code - with no "https://xxx.x....") for the host in line 3 of Joshua's code.  You may need to use port 7443 instead of 443 in line 6.

ADITYAKUMAR1
Occasional Contributor II

Thanks a lot Randy Butron and Joshua. It really helped and its working.

0 Kudos
RebeccaStrauch__GISP
MVP Esteemed Contributor

For my machine, it must be another issue.  For me, even after importing the ssl, it doesn't find

ssl.create_default_context

and never gets to the next line.  Using Wing Pro 5.1.12-1 python shell and ArcCatalog python window. Somehow I must be getting an incorrect version of ssl ??  the ssl comes up in the intellisense (i.e. other ssl attributes work), but not the create_default_context.  Not critical for my work right now so I won't spend a lot of time figuring it out on my system, but it does sound like a nice tool.

0 Kudos
RandyBurton
MVP Regular Contributor

From github, ssl.create_default_context was added in 2.7.9.  I also received the same error as you when using Python 2.7.5.

ADITYAKUMAR1
Occasional Contributor II

I was able to get al the details. But I am not able to segregate the details. Like expiry date,issued date,serial number.

Any idea?

0 Kudos