From 10b51ea2f3f75ce3cbcaf19f0b7f2ecb01ab0bb5 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Wed, 19 Oct 2022 19:53:43 -0700 Subject: feat: get information about a given certificate Read the domain name from the CLI, and get and print information about the certificate to STDOUT. The output looks like this: ``` > ./target/debug/x509-info badssl.com Subject: CN=*.badssl.com O= L= Issuer: CN=R3 O=Let's Encrypt L= DNS Names: *.badssl.com, badssl.com Validity Period Not before: 2022-08-12T07:57:46-07:00 Not After: 2022-11-10T06:57:45-08:00 ``` --- src/x509-info/README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 src/x509-info/README.md (limited to 'src/x509-info/README.md') diff --git a/src/x509-info/README.md b/src/x509-info/README.md new file mode 100644 index 0000000..c8a1090 --- /dev/null +++ b/src/x509-info/README.md @@ -0,0 +1,15 @@ +# x509-info + +At this point it's pretty clear that I'll never remember the syntax for `openssl` to show various information about a certificate. At last I will not have to google for that syntax ever again. + +``` shell +$ x509-info github.com + Subject: CN=github.com O=GitHub, Inc. L=San Francisco + Issuer: CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1 O=DigiCert Inc L= + DNS Names: github.com, www.github.com + Validity Period + Not before: 2022-03-14T17:00:00-07:00 + Not After: 2023-03-15T16:59:59-07:00 +``` + +Could the same be achieved with a wrapper around `openssl` ? yes. -- cgit v1.2.3 From 42a74c6ec5953024faab56bc4651c45c328d2f2d Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Sun, 6 Nov 2022 10:47:48 -0800 Subject: ci: switch from GitHub action to drone I'm running my own CI at ci.fcuny.net using drone for now. I've spare compute capacity at home, and it's way faster than the GHA runners. For now I'm losing the following: - dependabot: that's a GitHub only function, I'll need to figure out something - nix flake update: I'll need to figure out a way to update flakes on a regular basis, probably a custom script to take care of that --- src/x509-info/README.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/x509-info/README.md') diff --git a/src/x509-info/README.md b/src/x509-info/README.md index c8a1090..39fc564 100644 --- a/src/x509-info/README.md +++ b/src/x509-info/README.md @@ -1,5 +1,7 @@ # x509-info +[![Build Status](https://ci.fcuny.net/api/badges/fcuny/x509-info/status.svg)](https://ci.fcuny.net/fcuny/x509-info) + At this point it's pretty clear that I'll never remember the syntax for `openssl` to show various information about a certificate. At last I will not have to google for that syntax ever again. ``` shell -- cgit v1.2.3 From 23f894be98c979d5dbf6fbb9f2ec20fe75b37290 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Sun, 13 Nov 2022 15:20:52 -0800 Subject: doc: update README --- src/x509-info/README.md | 62 +++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 55 insertions(+), 7 deletions(-) (limited to 'src/x509-info/README.md') diff --git a/src/x509-info/README.md b/src/x509-info/README.md index 39fc564..61d450e 100644 --- a/src/x509-info/README.md +++ b/src/x509-info/README.md @@ -4,14 +4,62 @@ At this point it's pretty clear that I'll never remember the syntax for `openssl` to show various information about a certificate. At last I will not have to google for that syntax ever again. +## Usage + ``` shell -$ x509-info github.com - Subject: CN=github.com O=GitHub, Inc. L=San Francisco - Issuer: CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1 O=DigiCert Inc L= - DNS Names: github.com, www.github.com - Validity Period - Not before: 2022-03-14T17:00:00-07:00 - Not After: 2023-03-15T16:59:59-07:00 +> x509-info --help +Usage: x509-info [OPTIONS] + +Arguments: + + Domain to check + +Options: + -p, --port + Port to check + + [default: 443] + + -f, --format + [default: short] + + Possible values: + - short: Format the output as one line of plain text + - long: Format the output as plain text + + -h, --help + Print help information (use `-h` for a summary) + + -V, --version + Print version information ``` +The default format will print a short message: + +``` shell +> x509-info twitter.com +twitter.com is valid until Mon, 12 Dec 2022 15:59:59 -0800 (29 days left) +``` + +It's possible to get more details: + +``` shell +> x509-info --format long twitter.com +certificate + version: V3 + serial: 0d:e1:52:69:6b:2f:96:70:d6:c7:db:18:ce:1c:71:a0 + subject: C=US, ST=California, L=San Francisco, O=Twitter, Inc., CN=twitter.com + issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 + validity + not before : Sun, 12 Dec 2021 16:00:00 -0800 + not after : Mon, 12 Dec 2022 15:59:59 -0800 + validity days : 364 + remaining days: 29 + SANs: + DNS:twitter.com + DNS:www.twitter.com +``` + +## Notes + Could the same be achieved with a wrapper around `openssl` ? yes. -- cgit v1.2.3 From 51640af5aa964b8eafa28e06e49528588b937a36 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Tue, 28 Mar 2023 18:48:21 -0700 Subject: add a flag to check expired certificate Add the `--insecure` flag so we can check certificates that are expired. When using the short format for the output (the default), if the certificate has expired, it will report how many days ago. For certificates that have not expired, the remaining number of days will be printed. --- src/x509-info/README.md | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) (limited to 'src/x509-info/README.md') diff --git a/src/x509-info/README.md b/src/x509-info/README.md index 61d450e..f7e9121 100644 --- a/src/x509-info/README.md +++ b/src/x509-info/README.md @@ -7,8 +7,7 @@ At this point it's pretty clear that I'll never remember the syntax for `openssl ## Usage ``` shell -> x509-info --help -Usage: x509-info [OPTIONS] +$ Usage: x509-info [OPTIONS] Arguments: @@ -20,6 +19,9 @@ Options: [default: 443] + -i, --insecure + Accept invalid certificate + -f, --format [default: short] @@ -37,29 +39,36 @@ Options: The default format will print a short message: ``` shell -> x509-info twitter.com -twitter.com is valid until Mon, 12 Dec 2022 15:59:59 -0800 (29 days left) +$ x509-info twitter.com +twitter.com: Mon, 11 Dec 2023 15:59:59 -0800 (257 days left) ``` It's possible to get more details: ``` shell -> x509-info --format long twitter.com +$ x509-info --format=long twitter.com certificate version: V3 - serial: 0d:e1:52:69:6b:2f:96:70:d6:c7:db:18:ce:1c:71:a0 + serial: 0a:2c:01:b8:2b:5d:47:73:9a:5a:01:1a:6f:dc:1a:20 subject: C=US, ST=California, L=San Francisco, O=Twitter, Inc., CN=twitter.com issuer: C=US, O=DigiCert Inc, CN=DigiCert TLS RSA SHA256 2020 CA1 validity - not before : Sun, 12 Dec 2021 16:00:00 -0800 - not after : Mon, 12 Dec 2022 15:59:59 -0800 - validity days : 364 - remaining days: 29 + not before : Sat, 10 Dec 2022 16:00:00 -0800 + not after : Mon, 11 Dec 2023 15:59:59 -0800 + validity days : 365 + remaining days: 257 SANs: DNS:twitter.com DNS:www.twitter.com ``` +You can also check expired certificates: + +``` shell +$ x509-info --insecure expired.badssl.com +: Sun, 12 Apr 2015 16:59:59 -0700 (it expired -2907 days ago) +``` + ## Notes Could the same be achieved with a wrapper around `openssl` ? yes. -- cgit v1.2.3 From 25f7eabb6f3f5d7874b38e013810d26fec7a66f1 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Sun, 28 Apr 2024 19:28:46 -0700 Subject: fix URL to the repository --- src/x509-info/README.md | 2 -- 1 file changed, 2 deletions(-) (limited to 'src/x509-info/README.md') diff --git a/src/x509-info/README.md b/src/x509-info/README.md index f7e9121..a269ee5 100644 --- a/src/x509-info/README.md +++ b/src/x509-info/README.md @@ -1,7 +1,5 @@ # x509-info -[![Build Status](https://ci.fcuny.net/api/badges/fcuny/x509-info/status.svg)](https://ci.fcuny.net/fcuny/x509-info) - At this point it's pretty clear that I'll never remember the syntax for `openssl` to show various information about a certificate. At last I will not have to google for that syntax ever again. ## Usage -- cgit v1.2.3