Skip to content
/ tlshelpers Public

A collection of shell scripts that help handling X.509 certificate and TLS issues

License

0BSD license
127 stars 26 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hannob/tlshelpers

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
examples
examples
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
create-csr
create-csr
 
 
fakekey
fakekey
 
 
getsubdomain
getsubdomain
 
 
matchcertkey
matchcertkey
 
 
ocspverify
ocspverify
 
 

Repository files navigation

tlshelpers

A collection of shell scripts that help handling X.509 certificate and TLS issues

matchcertkey

Script to check whether a private key belongs to a certificate.

It will check three things:

  • Internal consistency of private key.
  • Does SPKI SHA256 hash match?
  • Can a test signature be verified?

Many existing tools and guides only check whether the public key part of the private key matches and don't really check the private key.

fakekey

Creates a private key for an existing certificate that looks like a real key if not checked properly.

Requires the der2ascii/ascii2der tools by David Benjamin.

ocspverify

Checks OCSP status of certificates with a single command.

It will automatically extract the issuer certificate and OCSP url via AIA.

getsubdomain

Gets all subdomains to a domain by querying the database of the crt.sh Certificate Transparency search engine.

examples

The examples subdirectory contains an existing certificate (from symantec) and a corresponding fake private key.

About

A collection of shell scripts that help handling X.509 certificate and TLS issues

Resources

Readme

License

0BSD license
Activity

Stars

127 stars

Watchers

9 watching

Forks

26 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages