Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/hannob/tlshelpers

A collection of shell scripts that help handling X.509 certificate and TLS issues
https://github.com/hannob/tlshelpers

Last synced: 3 months ago
JSON representation

A collection of shell scripts that help handling X.509 certificate and TLS issues

Host: GitHub
URL: https://github.com/hannob/tlshelpers
Owner: hannob
License: unlicense
Created: 2017-07-20T12:34:32.000Z (almost 7 years ago)
Default Branch: main
Last Pushed: 2024-01-04T13:41:17.000Z (6 months ago)
Last Synced: 2024-01-21T07:37:03.876Z (5 months ago)
Language: Shell
Size: 26.4 KB
Stars: 126
Watchers: 9
Forks: 28
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Lists

awesome-security-collection - **89**星

README

        # tlshelpers

A collection of shell scripts that help handling X.509 certificate and TLS issues

matchcertkey

============

Script to check whether a private key belongs to a certificate.

It will check three things:

* Internal consistency of private key.

* Does SPKI SHA256 hash match?

* Can a test signature be verified?

Many existing tools and guides only check whether the public key part of the private key

matches and don't really check the private key.

fakekey

=======

Creates a private key for an existing certificate that looks like a real key

if not checked properly.

Requires the [der2ascii/ascii2der](https://github.com/google/der-ascii) tools by David Benjamin.

ocspverify

==========

Checks OCSP status of certificates with a single command.

It will automatically extract the issuer certificate and OCSP url via AIA.

getsubdomain

============

Gets all subdomains to a domain by querying the database of the [crt.sh](https://crt.sh)

Certificate Transparency search engine.

examples

========

The [examples](examples/) subdirectory contains an existing certificate (from symantec) and

a corresponding fake private key.