blob: 479771cff36fd09d5cd7149e7f5eeac5e5cd6b2b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# x509-info
At this point it's pretty clear that I'll never remember the syntax for `openssl` to show various information about a certificate. At last I will not have to google for that syntax ever again.
## Usage
``` shell
Usage:
x509-info [DOMAIN]
x509-info (-f long) [DOMAIN]
Options:
-f, --format Format the result. Valid values: short, long. Default: short
-i, --insecure Skip the TLS validation. Default: false
-p, --port Specify the port. Default: 443
-v, --version Print version information
-h, --help Print this message
```
The default format will print a short message:
``` shell
$ ./bin/x509-info github.com
github.com, valid until Thu, 14 Mar 2024 23:59:59 UTC (86 days left)
```
It's possible to get more details:
``` shell
$ ./bin/x509-info -f long github.com
certificate
version: 3
serial: 17034156255497985825694118641198758684
subject: github.com
issuer: DigiCert TLS Hybrid ECC SHA384 2020 CA1
validity:
not before: Tue, 14 Feb 2023 00:00:00 UTC
not after: Thu, 14 Mar 2024 23:59:59 UTC
validity days: 394
remaining days: 86
SANs:
• github.com
• www.github.com
```
You can also check expired certificates:
``` shell
$ ./bin/x509-info -i expired.badssl.com
*.badssl.com, not valid since Sun, 12 Apr 2015 23:59:59 UTC (expired 3172 days ago)
```
## Notes
Could the same be achieved with a wrapper around `openssl` ? yes.
|
