Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/amazon-archives/certlint

X.509 certificate linter
https://github.com/amazon-archives/certlint

Last synced: 11 days ago
JSON representation

X.509 certificate linter

Awesome Lists containing this project

README 

        
# certlint

X.509 certificate linter



`certlint` is currently at version 0.9.0.  It does not yet build as a gem.



For now, execute by running:



`ruby -I lib:ext bin/certlint` or `ruby -I lib:ext bin/cablint`



## Required gems



* `public_suffix`

* `simpleidn`



If using less than Ruby 2.3, you also need the `unf` gem.



## Building the asn1validator extension



`certlint` requires that the `asn1validator` extension be available.



See ext/README for instructions on building it.



## Output



Messages will be output one per line.  Each line will start with a single

capital letter, a colon, and a space. The letters indicate the type of message:



* B: Bug. Your certificate has a feature not handled by certlint.

* I: Information.  These are purely informational; no action is needed.

* N: Notice.  These are items known to cause issues with one or more implementations of certificate processing but are not errors according to the standard.

* W: Warning.  These are issues where a standard recommends differently but the standard uses terms such as "SHOULD" or "MAY".

* E: Error.  These are issues where the certificate is not compliant with the standard.

* F: Fatal Error.  These errors are fatal to the checks and prevent most further checks from being executed.  These are extremely bad errors.



## Thanks



Certlint was written by Peter Bowen ([email protected]).



Contributors include Matt Palmer, Rob Stradling, David Keeler, and Karsten Weiss.