{"id":46732077,"url":"https://github.com/paepckehh/tlsinfo","last_synced_at":"2026-04-01T19:38:55.252Z","repository":{"id":65314859,"uuid":"579632871","full_name":"paepckehh/tlsinfo","owner":"paepckehh","description":"Tool to analyze and troubleshoot TLS connections (app/lib/api)","archived":false,"fork":false,"pushed_at":"2026-03-20T22:43:42.000Z","size":123,"stargazers_count":4,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-21T01:28:48.159Z","etag":null,"topics":["analyzer","certificate","certificates","command-line","crypto","cryptography","ecdsa","ed25519","go","infosec","infosectools","pki","rsa","ssl","terminal","tls","tls13","x509"],"latest_commit_sha":null,"homepage":"https://paepcke.de/tlsinfo","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/paepckehh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2022-12-18T11:03:43.000Z","updated_at":"2026-03-20T08:36:04.000Z","dependencies_parsed_at":"2024-05-22T05:24:02.431Z","dependency_job_id":"4d16d126-3297-4129-8a03-6b3b92746a80","html_url":"https://github.com/paepckehh/tlsinfo","commit_stats":{"total_commits":78,"total_committers":1,"mean_commits":78.0,"dds":0.0,"last_synced_commit":"ebf82a3de54d76736795dbd0cf880f29fd17162a"},"previous_names":[],"tags_count":46,"template":false,"template_full_name":null,"purl":"pkg:github/paepckehh/tlsinfo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paepckehh%2Ftlsinfo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paepckehh%2Ftlsinfo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paepckehh%2Ftlsinfo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paepckehh%2Ftlsinfo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/paepckehh","download_url":"https://codeload.github.com/paepckehh/tlsinfo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/paepckehh%2Ftlsinfo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31291164,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T13:12:26.723Z","status":"ssl_error","status_checked_at":"2026-04-01T13:12:25.102Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analyzer","certificate","certificates","command-line","crypto","cryptography","ecdsa","ed25519","go","infosec","infosectools","pki","rsa","ssl","terminal","tls","tls13","x509"],"created_at":"2026-03-09T15:31:39.481Z","updated_at":"2026-04-01T19:38:55.227Z","avatar_url":"https://github.com/paepckehh.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OVERVIEW\n[![Go Reference](https://pkg.go.dev/badge/paepcke.de/tlsinfo.svg)](https://pkg.go.dev/paepcke.de/tlsinfo)\n[![Go Report Card](https://goreportcard.com/badge/paepcke.de/tlsinfo)](https://goreportcard.com/report/paepcke.de/tlsinfo) \n[![Go Build](https://github.com/paepckehh/tlsinfo/actions/workflows/golang.yml/badge.svg)](https://github.com/paepckehh/tlsinfo/actions/workflows/golang.yml)\n[![License](https://img.shields.io/github/license/paepckehh/tlsinfo)](https://github.com/paepckehh/tlsinfo/blob/master/LICENSE)\n[![SemVer](https://img.shields.io/github/v/release/paepckehh/tlsinfo)](https://github.com/paepckehh/tlsinfo/releases/latest)\n\u003cbr\u003e[![built with nix](https://builtwithnix.org/badge.svg)](https://search.nixos.org/packages?channel=unstable\u0026show=tlsinfo\u0026from=0\u0026size=50\u0026sort=relevance\u0026type=packages\u0026query=tlsinfo) \n\n[paepcke.de/tlsinfo](https://paepcke.de/tlsinfo/)\n\n-   tired of remembering all the commandline switches of [openssl|certutil] to analyze an tls session, trust cert chains, ...\n-   validate, parse and clean export certificate chains, keys, pins, cryptographic states by just entering the hostname\n-   get alerts about any anomalies, broken or depricated cryptographic functions\n-   100% pure go, minimal(internal-only) imports, use as app or api (see api.go), compatible with certinfo, dnsinfo, ...\n\n# ⚡️HOW TO RUN VIA GO\n```\ngo run paepcke.de/tlsinfo/cmd/tlsinfo@latest\n\n```\n\n# ⚡️HOW TO INSTALL VIA GO\n```\ngo install paepcke.de/tlsinfo/cmd/tlsinfo@latest\n```\n\n# ⚡️PRE-BUILD BINARIES (DOWNLOAD)\n[https://github.com/paepckehh/tlsinfo/releases](https://github.com/paepckehh/tlsinfo/releases)\n\n\n# ⚡️HOW TO RUN ON NIXOS\n```\nnix-shell -p tlsinfo\n```\n\n# ⚡️HOW TO INSTALL ON NIXOS\n```\nenvironment.systemPackages = [\n  pkgs.tlsinfo\n];\n```\n\n# SHOWTIME \n\n## Get a summary of a single host TLS [connection|handshake].\n\n``` Shell\ntlsinfo github.com\nNET Local Address          : 10.159.67.228\nNET Local Port             : 33536\nNET Remote Address         : 20.27.177.113\nNET Remote Port            : 443\nTLS Handshake Finished     : true\nTLS Version                : TLS1.3 [0x0304] [OK]\nTLS ALPN                   : \nTLS Resumed                : false\nTLS Protocol Mutual        : true\nTLS Server Name            : github.com\nTLS Cipher Suite           : TLS_CHACHA20_POLY1305_SHA256\nTLS Uniq ID               \nTLS Signed Timestamps     \nTLS Verified Cert Chains\nTLS Peer Send Certs     \n\nX509 Cert Subject           : [CN=github.com,O=GitHub\\, Inc.,L=San Francisco,ST=California,C=US] \nX509 Cert Status            : [VALID] [for the next 90 days]\nX509 Cert Signature Algo    : [VALID] [ECDSA-SHA384] \nX509 Cert Public Key        : [VALID] [ECDSA] [prime256v1] \nX509 Cert KeyPin [base64]   : [/3ftdeWqIAONye/CeEQuLGvtlw4MPnQmKgyPLugFbK8=] \nX509 Cert Valid for Host    : [github.com] [www.github.com] \nX509 Cert Key Usage         : [CRITICAL] [Digital Signature] \nX509 Cert Key Usage Ext     : [TLS Web server authentication] [TLS Web client authentication] \nX509 Cert Transparency SCT  : [YES] [RFC6962 SCT] \nX509 CA Authority           : [NO]\nX509 Issuer Signature By    : [CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1,O=DigiCert Inc,C=US] \nX509 Issuer Signature State : [FAIL] [x509: certificate signed by unknown authority] \nX509 Issuer URL             : [http://cacerts.digicert.com/DigiCertTLSHybridECCSHA3842020CA1-1.crt] \nX509 Issuer OCSP            : [http://ocsp.digicert.com] \n\nX509 Cert Subject           : [CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1,O=DigiCert Inc,C=US] \nX509 Cert Status            : [VALID] [for the next 3041 days]\nX509 Cert Signature Algo    : [VALID] [SHA384-RSA] \nX509 Cert Public Key        : [VALID] [ECDSA] [secp384r1] \nX509 Cert KeyPin [base64]   : [e0IRz5Tio3GA1Xs4fUVWmH1xHDiH2dMbVtCBSkOIdqM=] \nX509 Cert Key Usage         : [CRITICAL] [Digital Signature] [Certificate Signing] [CRL Signing] \nX509 Cert Key Usage Ext     : [TLS Web server authentication] [TLS Web client authentication] \nX509 CA Authority           : [YES]\nX509 CA Allows SubCAs       : [NO] [PathLen:0]\nX509 Issuer Signature By    : [CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US] \nX509 Issuer Signature State : [VALID] [trusted via system trust store]\nX509 Issuer URL             : [http://cacerts.digicert.com/DigiCertGlobalRootCA.crt] \nX509 Issuer OCSP            : [http://ocsp.digicert.com] \n[...]\n```\n\n## Same but in ascii only non-color mode for post-processing, logging, ...\n\n``` Shell\nNO_COLOR=true tlsinfo github.com | grep ... \n[...]\n```\n\n## Need full details?\n\n``` Shell\nVERBOSE=true tlsinfo github.com \n[...]\n```\n\n## Need only the base64 encoded keypin(s) of a host? \n\n``` Shell\nPINONLY=true tlsinfo github.com \n[...]\n```\n\n## Fetch, decode, sanitize, clean re-encode a peers certificate\n\n``` Shell\nPEMONLY=true tlsinfo github.com \u003e truststore.pem\n[..]\n```\n\n# API\n\n## Input Objects to Analyze:\n\n-   hostname \n-   net/http/Request\n-   crypto/tls/Connection\n-   crypto/tls/ConnectionState\n-   crypto/ocsp\n\n## Output Format Styles via paepcke.de/reportstyle\n\n-   Plain Text\n-   Ansi Color Console\n-   HTML\n-   Custom \\[get wild\\]\n\n## TLS state report of a single host \n\n``` Golang \npackage main \n\nimport ( \n\t\"os\" \n\t\"paepcke.de/tlsinfo\"\n)\n\nfunc main() { \n\tos.Stdout.Write([]byte(HostReportAnsi(\"github.com\"))) \n}\n\n```\n\n## Get an HTML TLS state report of an client connection within your http handler function\n\n``` Golang\n[...]\nreportPage := HttpRequestReportHTML(q) // q is normally the server http.Request object within http handler\n[...]\n```\n\n# DOCS\n\n[pkg.go.dev/paepcke.de/tlsinfo](https://pkg.go.dev/paepcke.de/tlsinfo)\n\n# 🛡 License\n\n[![License](https://img.shields.io/github/license/paepckehh/tlsinfo)](https://github.com/paepckehh/tlsinfo/blob/master/LICENSE)\n\nThis project is licensed under the terms of the `BSD 3-Clause License` license. See [LICENSE](https://github.com/paepckehh/tlsinfo/blob/master/LICENSE) for more details.\n\n# 📃 Citation\n\n```bibtex\n@misc{tlsinfo,\n  author = {Michael Paepcke},\n  title = {Tool to analyze and troubleshoot TLS connections (app/lib/api)},\n  year = {2022},\n  publisher = {GitHub},\n  journal = {GitHub repository},\n  howpublished = {\\url{https://paepcke.de/tlsinfo}}\n}\n```\n\n# CONTRIBUTION\n\nYes, Please! PRs Welcome! \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaepckehh%2Ftlsinfo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpaepckehh%2Ftlsinfo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpaepckehh%2Ftlsinfo/lists"}