1.使用python自带的ssl库来获取证书Common Name
由于自带的ssl库功能比较弱,如果指定ca证书时,在获取对应的证书数据时,一般会返回空,因此需要先准备好ca证书,可以使用http://curl.haxx.se/docs/caextract.html上面的
cacert.pem
使用以下脚本来获取CommanName
import socket
import ssl
ip='65.55.85.12'
s = socket.socket()
s.settimeout(10)
c = ssl.wrap_socket(s, cert_reqs=ssl.CERT_REQUIRED, ca_certs='cacert.pem')
c.settimeout(10)
print( "try connect to %s" % (ip))
c.connect((ip, 443))
cert = c.getpeercert()
print cert
如果可以正常连接,结果应该类似下面的结果
try connect to 65.55.85.12
{'notAfter': 'May 22 23:59:59 2015 GMT', 'subjectAltName': (('DNS', 'mail.live.com'), ('DNS', 'm.mail.live.com'), ('DNS', 'contacts.live.com'), ('DNS', 'hotmail.co.jp'), ('DNS', 'hotmail.co.uk'), ('DNS', 'hotmail.com'), ('DNS', 'hotmail.live.com'), ('DNS', 'hotmail.msn.com'), ('DNS', 'people.live.com'), ('DNS', 'www.hotmail.com'), ('DNS', 'www.hotmail.msn.com'), ('DNS', 'www.mail.live.com'), ('DNS', 'home.live.com'), ('DNS', 'www.live.com'), ('DNS', 'dvt.mail.live.com'), ('DNS', 'snt002.afx.ms'), ('DNS', 'snt002.mail.live.com'), ('DNS', 'snt110.afx.ms'), ('DNS', 'snt110.mail.live.com'), ('DNS', 'snt111.afx.ms'), ('DNS', 'snt111.mail.live.com'), ('DNS'