1

I want to fetch the certificate details of the webpage seen in chrome browser. Details such as:

  • Issued to
  • Issued by
  • Validity

enter image description here

I am unsure how to proceed further or where to look for the certificate. I tried to look for the same in network request but I suppose certificate details are not stored in network requests. I tried the below code:

from seleniumwire import webdriver
import pytest
from selenium.webdriver.chrome.options import Options
import time
import allure

class Test_main():

    @pytest.fixture()
    def test_setup(self):
        # initiating browser
        chrome_options = Options()
        chrome_options.binary_location=\
            r"C:\Users\libin.thomas\AppData\Local\Google\Chrome\Application\chrome.exe"
        chrome_options.add_argument('--start-maximized')
        chrome_options.add_argument('--headless')

        self.driver = webdriver.Chrome(executable_path=r"D:/Python/Sel_python/drivers/chromedriverv86/chromedriver.exe",options=chrome_options)
       

        # terminate script
        yield
        self.driver.close()
        self.driver.quit()
        print("Test completed")

    @allure.severity(allure.severity_level.BLOCKER)
    def testcase_01(self, test_setup):
        self.driver.get("https://lifesciences.cactusglobal.com/")
        title = self.driver.title
        print("Page title: "+title)

        #Capturing network requests
        for request in self.driver.requests:
            if request.response:
              print(
                  request.url,
                  request.response.status_code,
                  request.response.headers
              )

Is there anyway I can get details of SSL certificate using selenium or any Pypi package?

Libin Thomas
  • 829
  • 9
  • 18
  • Can you inspect SSL certificate windows ? – cruisepandey Jul 06 '21 at 05:39
  • @cruisepandey No, I can't do that in windows :( – Libin Thomas Jul 06 '21 at 05:41
  • 1
    so Selenium is ruled out. – cruisepandey Jul 06 '21 at 05:42
  • Argh! Is there any other way? Like using only python script, fetch the details, store it in an array and then print it out – Libin Thomas Jul 06 '21 at 05:45
  • *"... using selenium or any Pypi package"* - I'm not sure about your question. Do you want to specifically get the information shown by the browser or do you just want to get the information about the certificate. The latter is much easier, see [getpeercert](https://docs.python.org/3/library/ssl.html#ssl.SSLSocket.getpeercert) – Steffen Ullrich Jul 06 '21 at 05:45
  • I think you can't access the certificate info using selenium webdriver alone. It is not even possible via JS. Otherwise you can achieve it via execute_script(). Check https://stackoverflow.com/questions/2604399/is-there-a-way-to-get-ssl-certificate-details-using-javascript – Rohit Babu Jul 06 '21 at 05:55
  • This not possible in selenium, kindly use ssl standard library or Use pyOpenSSL to get the desired result. Ref: https://stackoverflow.com/a/30863209/5372079 – Abhishek Dhoundiyal Jul 06 '21 at 11:21
  • @SteffenUllrich Can you please show me an example how to use getpeercert in my case? – Libin Thomas Jul 06 '21 at 14:16
  • 1
    @LibinThomas: see https://pastebin.com/7BPyyMNE – Steffen Ullrich Jul 06 '21 at 14:28
  • @SteffenUllrich This solved my problem. Thanks a ton. How do I mark this post as answered? – Libin Thomas Jul 10 '21 at 13:12
  • 1
    @LibinThomas: since this approach helps I made a more elaborate real answer out of it which also points out some problems of this approach – Steffen Ullrich Jul 10 '21 at 13:33

1 Answers1

2

It is probably impossible to get these information using selenium since it is impossible to get these information from inside the browser using Javascript. One can try to access the website though directly using some Python code:

import ssl
 
conn = ssl.create_connection(('google.com',443))
ctx = ssl.create_default_context() 
conn = ctx.wrap_socket(conn, server_hostname = 'google.com')
print(conn.getpeercert())

The dictionary returned by getpeercert has all the necessary information about issuer and validity inside.

Note though that direct access by Python and by the browser (and thus by selenium) behave slightly differently because a different TLS stack and/or different settings regarding ciphers, supported TLS versions etc are used. In some cases this will lead to TLS handshake problems with the Python code which don't happen with the browser.

There are also cases where the certificates in the server are improperly setup and chain certificates are missing. Browser will often successfully work around this, Python not. In this case the code above will fail too and one might need to use more complex code, see Python getting common name from URL using ssl.getpeercert().

Steffen Ullrich
  • 114,247
  • 10
  • 131
  • 172