1 files changed, 72 insertions, 0 deletions

diff --git a/src/x509-info/README.md b/src/x509-info/README.md
new file mode 100644
index 0000000..a269ee5
--- /dev/null
+++ b/src/x509-info/README.md
@@ -0,0 +1,72 @@
+# x509-info
+
+At this point it's pretty clear that I'll never remember the syntax for `openssl` to show various information about a certificate. At last I will not have to google for that syntax ever again.
+
+## Usage
+
+``` shell
+$ Usage: x509-info [OPTIONS] <DOMAIN>
+
+Arguments:
+  <DOMAIN>
+          Domain to check
+
+Options:
+  -p, --port <PORT>
+          Port to check
+
+          [default: 443]
+
+  -i, --insecure
+          Accept invalid certificate
+
+  -f, --format <FORMAT>
+          [default: short]
+
+          Possible values:
+          - short: Format the output as one line of plain text
+          - long:  Format the output as plain text
+
+  -h, --help
+          Print help information (use `-h` for a summary)
+
+  -V, --version
+          Print version information
+```
+
+The default format will print a short message:
+
+``` shell
+$ x509-info twitter.com
+twitter.com: Mon, 11 Dec 2023 15:59:59 -0800 (257 days left)
+```
+
+It's possible to get more details:
+
+``` shell
+$ x509-info --format=long twitter.com
+certificate
+ version: V3
+ serial: 0a:2c:01:b8:2b:5d:47:73:9a:5a:01:1a:6f:dc:1a:20
+ subject: C=US, ST=California, L=San Francisco, O=Twitter, Inc., CN=twitter.com
+ issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1
+ validity
+  not before    : Sat, 10 Dec 2022 16:00:00 -0800
+  not after     : Mon, 11 Dec 2023 15:59:59 -0800
+  validity days : 365
+  remaining days: 257
+ SANs:
+  DNS:twitter.com
+  DNS:www.twitter.com
+```
+
+You can also check expired certificates:
+
+``` shell
+$ x509-info --insecure expired.badssl.com
+<no name>: Sun, 12 Apr 2015 16:59:59 -0700 (it expired -2907 days ago)
+```
+
+## Notes
+
+Could the same be achieved with a wrapper around `openssl` ? yes.