kellya/checkcert
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat: add option to display the text version of the x509 cert

Browse source
This commit is contained in:
Alex Kelly 2021-09-28 16:36:12 -04:00
parent f9ea21e94c
commit a01f1575c9
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
checkcert/checkcert.py
View file

@ -6,12 +6,15 @@ import M2Crypto
@click.command() @click.command()
@click.option("--san", is_flag=True, help="Output Subject Alternate Names") @click.option("--san", is_flag=True, help="Output Subject Alternate Names")
@click.option(
"--dump", is_flag=True, help="Dump the full text version of the x509 certificate"
)
@click.option( @click.option(
"--port", default=443, type=int, help="TCP port to connect to (default 443)" "--port", default=443, type=int, help="TCP port to connect to (default 443)"
) )
@click.option("--expires", is_flag=True, help="Display the expiration date") @click.option("--expires", is_flag=True, help="Display the expiration date")
@click.argument("domain") @click.argument("domain")
def main(san, port, expires, domain): def main(san, dump, port, expires, domain):
# handle a domain given with a : in it to specify the port # handle a domain given with a : in it to specify the port
if ":" in domain: if ":" in domain:
uri = domain.split(":") uri = domain.split(":")
@ -19,6 +22,9 @@ def main(san, port, expires, domain):
port = uri[1] port = uri[1]
cert = ssl.get_server_certificate((domain, port)) cert = ssl.get_server_certificate((domain, port))
x509 = M2Crypto.X509.load_cert_string(cert) x509 = M2Crypto.X509.load_cert_string(cert)
if dump:
print(x509.as_text())
sys.exit()
if san: if san:
all_sans = x509.get_ext("subjectAltName").get_value() all_sans = x509.get_ext("subjectAltName").get_value()
sans = all_sans.split(",") sans = all_sans.split(",")