New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: add functionality to retrieve the the server certificate in a client request #2816
Comments
Maybe add a getpeercert() method is enough. |
Unfortunately no.
|
@asvetlov Maybe we can expose the underlying socket (SSLSocket) object from a specified interface? They can be useful in many ways. |
This feature would be very useful! |
I definitely agree. There are five SSL related things available by Honestly, I have no idea are they valid and available after the transport closing and |
I can retrieve the certificate on aiohttp 3.8.3 with:
so this looks resolved to me. |
I think this should be reopened, as the connection is closed in |
Sure, we can take a look. |
Rationale
This request is related to this SO Question where I asked whether or not it is possible to get the peer certificate when running a client request.
It is quite logical that the implemented hack is not going to be supported. I do, however, have use-cases in which it is required to retrieve the peer certificate. And I was hoping on working together to find a clean solution.
In protocols like Kerberos and NTLM the server certificate is used in followup steps of the authentication protocol.
A possible solution
If there is a better solution that would be great as well. Just trying to offer something workable
An extra parameter like
retrieve_peer_certificate
to the methodaiohttp.Client._request
which is defaultFalse
and would make sure that a property likepeer_certificate
would be set in the response object. It would it be possible internally use a_get_transport
that would return the SSLSocket if the connection is SSL/TLS on which you would be able to callgetpeercert
The text was updated successfully, but these errors were encountered: