I was looking for a python DNS library that handled CERT records. Although this is defined as dns.rdtypes.ANY.CERT, it the following code does not work:
for rdata in dns.resolver.query('alan.direct.transparenthealth.org', 'CERT')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 770, in query
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 709, in query
File "/usr/lib/python2.7/dist-packages/dns/resolver.py", line 129, in __init__
If I do it using the command line utility, I do indeed get the certificate back.
>dig alan.direct.transparenthealth.org CERT
dig alan.direct.transparenthealth.org CERT +noall +answer
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.8.1-P1 <<>> alan.direct.transparenthealth.org CERT +noall +answer
;; global options: +cmd
alan.direct.transparenthealth.org. 83828 IN CERT PKIX 38725 RSASHA1
Is this functionality possible with this library? Am I doing it wrong? I couldn’t find any examples of doing this in Python
Yep thanks that was it. I was using the version packaged with Ubuntu 12.04, which is 1.9. I just removed it and reinstalled dnspython with pip and it worked! Thanks so much! Any idea how I would print out just the certificate and/or just the just the algorithm instead of the getting everything?
Seems to print a binary version, (that I assume I could write to .der file??). I think i want to just fetch the cert. Is this possible?