hyper-tls icon indicating copy to clipboard operation
hyper-tls copied to clipboard
verified publisher icon hyperium

How can I get details about the SSL certificate returned by the server?

Open domderen opened this issue 3 years ago • 1 comments

Hey,

I'm wondering if it is possible to obtain details of the SSL certificate returned by the server when using Hyper as an HTTPS client? I've got this example:

#![deny(warnings)]
#![warn(rust_2018_idioms)]
use std::{env};

use hyper::{Client};
use hyper_tls::HttpsConnector;

// A simple type alias so as to DRY.
type Result<T> = std::result::Result<T, Box<dyn std::error::Error + Send + Sync>>;

#[tokio::main]
async fn main() -> Result<()> {
    pretty_env_logger::init();

    // Some simple CLI args requirements...
    let url = match env::args().nth(1) {
        Some(url) => url,
        None => {
            println!("Usage: client <url>");
            return Ok(());
        }
    };

    // HTTPS requires picking a TLS implementation, so give a better
    // warning if the user tries to request an 'https' URL.
    let url = url.parse::<hyper::Uri>().unwrap();
    

    fetch_url(url).await
}

async fn fetch_url(url: hyper::Uri) -> Result<()> {
    let https = HttpsConnector::new();
    let client = Client::builder().build::<_, hyper::Body>(https);

    let res = client.get(url).await?;

    println!("Response: {}", res.status());
    println!("Headers: {:#?}\n", res.headers());

    println!("Extensions: {:#?}\n", res.extensions().len());

    // Stream the body, writing each chunk to stdout as we get it
    // (instead of buffering and printing at the end).
    // while let Some(next) = res.data().await {
    //     let chunk = next?;
    //     io::stdout().write_all(&chunk).await?;
    // }

    println!("\n\nDone!");

    Ok(())
}

And I'm wondering how can I use the https object or the response object to get the details of the server certificate?

I tried following the code, and it seems that the cert value is not exposed in the public API of this package, but I thought I'd ask.

Thanks in advance for your help!

domderen avatar Mar 14 '22 10:03 domderen

The way to access it depends on if the library you're using for a connector includes it in the response extensions. For example, when using the HttpConnector, or one based on it, you can access some of the TCP info using HttpInfo. The hyper-tls library does not seem to include any extra TLS info. Perhaps others do.

seanmonstar avatar Mar 14 '22 17:03 seanmonstar