ssl.get_server_certificate(addr, ssl_version=PROTOCOL_SSLv23, ca_certs=None)
Given the address addr
of an SSL-protected server, as a (hostname, port-number) pair, fetches the server’s certificate, and returns it as a PEM-encoded string. If ssl_version
is specified, uses that version of the SSL protocol to attempt to connect to the server. If ca_certs
is specified, it should be a file containing a list of root certificates, the same format as used for the same parameter in wrap_socket()
. The call will attempt to validate the server certificate against that set of root certificates, and will fail if the validation attempt fails.
Changed in version 3.3: This function is now IPv6-compatible.
Changed in version 3.5: The default ssl_version is changed from PROTOCOL_SSLv3
to PROTOCOL_SSLv23
for maximum compatibility with modern servers.
Please login to continue.