Add Connection.get_certificate method (#733)
This makes it possible to retrieve the local certificate (if any)
for a Connection.
One example where this is useful is negotiating a DTLS-SRTP
connection, where the fingerprint of the local certificate needs to be
communicated to the remote party out-of-band via SDP.
diff --git a/src/OpenSSL/SSL.py b/src/OpenSSL/SSL.py
index 4c708ba..e3eddae 100644
--- a/src/OpenSSL/SSL.py
+++ b/src/OpenSSL/SSL.py
@@ -2176,6 +2176,18 @@
"""
return self._socket.shutdown(*args, **kwargs)
+ def get_certificate(self):
+ """
+ Retrieve the local certificate (if any)
+
+ :return: The local certificate
+ """
+ cert = _lib.SSL_get_certificate(self._ssl)
+ if cert != _ffi.NULL:
+ _lib.X509_up_ref(cert)
+ return X509._from_raw_x509_ptr(cert)
+ return None
+
def get_peer_certificate(self):
"""
Retrieve the other side's certificate (if any)
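Review bot: The `get_certificate` docstring promises `:return: The local certificate`, but the final `return None` is reached whenever `SSL_get_certificate` yields `_ffi.NULL`, so a caller that hashes the result for an SDP fingerprint has to handle that case; I would write `:return: The local certificate, or None if no certificate is set`. The `X509_up_ref` call also deserves a why-comment, for example `# SSL_get_certificate returns a pointer owned by the SSL object; take our own reference before wrapping it`. Without that reference the wrapper would presumably free a certificate the connection still uses, assuming `_from_raw_x509_ptr` releases the pointer on garbage collection, which is not visible in this hunk. The return value of `X509_up_ref` is ignored as well; if the module checks such results elsewhere, the same check belongs here.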