aiohttp icon indicating copy to clipboard operation
aiohttp copied to clipboard

Feature request: add functionality to retrieve the the server certificate in a client request

Open obeleh opened this issue 6 years ago • 8 comments

Rationale

This request is related to this SO Question where I asked whether or not it is possible to get the peer certificate when running a client request.

It is quite logical that the implemented hack is not going to be supported. I do, however, have use-cases in which it is required to retrieve the peer certificate. And I was hoping on working together to find a clean solution.

In protocols like Kerberos and NTLM the server certificate is used in followup steps of the authentication protocol.

A possible solution

If there is a better solution that would be great as well. Just trying to offer something workable

An extra parameter like retrieve_peer_certificate to the method aiohttp.Client._request which is default False and would make sure that a property like peer_certificate would be set in the response object. It would it be possible internally use a _get_transport that would return the SSLSocket if the connection is SSL/TLS on which you would be able to call getpeercert

obeleh avatar Mar 08 '18 14:03 obeleh