Although IceSSL's native plug-in API is only available to programs written in C++, C#, Java and Swift, you can still obtain some useful information in other languages.
On this page:
Obtaining SSL Connection Information
You can obtain information about any SSL connection using the
getInfo operation on a
Connection object. IceSSL defines the following types in Slice:
For an SSL connection,
getInfo returns an instance of the subclass
certs member contains the peer's certificate chain, represented here as a sequence of strings containing the PEM-encoded certificates. The array is structured so that the first element is the peer's certificate, followed by its signing certificates in the order they appear in the chain, with the root CA certificate as the last element. The array is empty if the peer did not present a certificate chain.
cipher member is a description of the ciphersuite that SSL negotiated for this connection. The
verified member is
IceSSL.VerifyPeer=0 and the certificate can't be trusted or, if
IceSSL.CheckCertName > 0, the host name verification check failed. It's always
underlying data member contains the connection information of the underlying transport (if SSL is based on TCP, this member will contain an instance of
Ice::TCPEndpointInfo which you can use to retrieve the remote and local addresses). The
incoming member indicates whether the connection is inbound (a server connection) or outbound (a client connection). The
connectionId data member matches the connection identifier set on the proxy. Finally, if
incoming is true, the
adapterName member supplies the name of the object adapter that hosts the endpoint.
The code samples below demonstrate how to convert the encoded certificates into certificate objects:
Python doesn't currently have any built-in modules for manipulating certificates, but the
cryptography package offers one solution.