{"id":25872056,"url":"https://github.com/launchbynttdata/launch-cert-tool","last_synced_at":"2026-02-24T15:35:27.115Z","repository":{"id":274682142,"uuid":"923242580","full_name":"launchbynttdata/launch-cert-tool","owner":"launchbynttdata","description":"CLI tool to assist with certificate management","archived":false,"fork":false,"pushed_at":"2025-10-27T15:24:47.000Z","size":183,"stargazers_count":0,"open_issues_count":7,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-11-02T10:08:19.673Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/launchbynttdata.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-01-27T21:57:11.000Z","updated_at":"2025-09-11T15:08:35.000Z","dependencies_parsed_at":"2025-01-28T19:32:14.037Z","dependency_job_id":"5cf43de4-117e-4e39-8a65-9cd97ce83cd1","html_url":"https://github.com/launchbynttdata/launch-cert-tool","commit_stats":null,"previous_names":["launchbynttdata/launch-cert-tool"],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/launchbynttdata/launch-cert-tool","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Flaunch-cert-tool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Flaunch-cert-tool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Flaunch-cert-tool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Flaunch-cert-tool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/launchbynttdata","download_url":"https://codeload.github.com/launchbynttdata/launch-cert-tool/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Flaunch-cert-tool/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29788153,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-24T10:45:18.109Z","status":"ssl_error","status_checked_at":"2026-02-24T10:45:09.911Z","response_time":75,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-03-02T07:36:23.327Z","updated_at":"2026-02-24T15:35:27.103Z","avatar_url":"https://github.com/launchbynttdata.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# launch-cert-tool\n\n## Overview\n\nThis CLI tool allows a consistent method of certificate validation, intended for use by Launch engineers when swapping out certificates for our various services.\n\nEventually we'd like to get to the point where we issue and renew certificates directly from ACM, but until that happens, we need to use fully-chained certificates in order to have our services play nicely with certain build systems (e.g. Azure DevOps). This tool can help you verify that you have everything you need before rotating certificates in ACM/CloudFront.\n\n## Installation\n\n### pip\n\nInstalling this tool to the virtual environment of your choice can be accomplished with the following:\n\n```sh\npip install launch-cert-tool\n```\n\n### uv\n\n`uv` handles setting up a virtual environment, you can add this tool to an existing project with:\n\n```sh\nuv add launch-cert-tool\n```\n\n### uvx / run-standalone (recommended)\n\n`uvx` allows you to download the tool and execute it in an isolated throwaway environment without having to install\nany dependencies to your system. Run this tool using the following:\n\n```sh\nuvx --with launch-cert-tool launch-cert-tool [COMMAND] [OPTIONS]\n```\n\nYou can utilize this technique to run a particular version of the tool if required:\n\n```sh\nuvx --with launch-cert-tool@1.0.0 launch-cert-tool [COMMAND] [OPTIONS]\n```\n\n## Usage\n\nOnce installed to a virtual environment, `launch-cert-tool` should be added to your PATH. You may invoke the command without any arguments (or use the --help option) to view the usage page.\n\n### Validating local certificate files\n\nTo validate certificate files prior to import to ACM, you'll need to have the certificates saved to your local machine. Local certificate verification allows you to specify any number of local files to include into a single chain for validation. This means that you could have your leaf certificate for the service separate from the intermediate certificates that make up the chain of trust. The syntax for local validation is demonstrated below:\n\n```sh\nlaunch-cert-tool validate local /path/to/leaf.crt /other/path/to/intermediate.crt\n```\n\n### Validating a chain stored in ACM\n\nACM allows us to pull down an imported certificate and the associated chain to perform the same validation. This ensures that what you uploaded to ACM matches what you tested locally:\n\n```sh\nlaunch-cert-tool validate acm arn:aws:acm:\u003cregion\u003e:\u003caccount id\u003e:certificate/\u003ccertificate id\u003e\n```\n\n### Validating certificates served by a remote host\n\nAs a followup test after switching CloudFront over to your newly-imported ACM certificates, you may also validate the chain of certificates for a certain host, as shown here:\n\n```sh\nlaunch-cert-tool validate remote example.com\n```\n\n## Contributing\n\n### Prerequisites\n\n- [asdf](https://github.com/asdf-vm/asdf) or [mise](https://mise.jdx.dev/) to manage dependencies\n- [make](https://www.gnu.org/software/make/)\n\n### Development Environment\n\nTo configure your local development environment, perform the following steps:\n\n1. Clone this repository to your local machine\n2. `asdf install` (or `mise install`) to set up tool dependencies\n3. `make configure` to pull in platform targets and set up hooks\n4. `uv sync` to synchronize Python dependencies\n\nRun tests with `make test` and review the test coverage report locally using `make coverage`.\n\n### Running a dev version locally\n\nUsing `uv run` to launch your code ensures that your code runs in an isolated environment. For more inforamtion about using `uv run`, see the [official documentation](https://docs.astral.sh/uv/concepts/projects/run/).\n\nTo set up the proper script and environment to be able to run your dev version of `launch-cert-tool` from the command line, you will need to perform an editable installation:\n\n```sh\nuv pip install -e .\n```\n\n## Further reading\n\n- [Set up VSCode](./docs/ide-vscode.md) for an improved development experience\n- [Set up PyPI](./docs/pypi-configuration.md) for package distribution\n- Learn how the [release workflows](./docs/release-workflow.md) operate\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaunchbynttdata%2Flaunch-cert-tool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flaunchbynttdata%2Flaunch-cert-tool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaunchbynttdata%2Flaunch-cert-tool/lists"}