scott/cert-deets
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity
No description
24 commits 1 branch 0 tags 86 KiB
Find a file
Exact
Scott Wallace 0c3b328f71
 Update Makefile
2026-03-11 08:37:54 +00:00
.gitignore Add organization field. 2026-02-25 08:43:08 +00:00
Dockerfile Update Dockerfile 2026-02-13 08:52:22 +00:00
go.mod Update the build config 2026-02-10 17:59:05 +00:00
go.sum Rewrite in Go 2026-01-26 17:34:34 +00:00
main.go Don't display the root cert twice 2026-03-11 08:35:17 +00:00
Makefile Update Makefile 2026-03-11 08:37:54 +00:00
README.md Don't display the root cert twice 2026-03-11 08:35:17 +00:00

README.md

Overview

cert-deets is a simple program that connects to a remote port and attempts to negotiate TLS. It takes any certificate it finds and displays the pertinent details.

Its primary use is to check for expired or misconfigured TLS certificates.

$ cert-deets --help
Usage:
  cert-deets <url> [flags]

Arguments:
  url	URL to connect to

Flags:
  -a, --address string   Connect to this address instead and use the URL hostname for the SNI value

Example output

$ cert-deets example.com
Common name  example.com
Organization [not provided: CN=example.com]
SANs (2)     DNS:example.com DNS:*.example.com
Valid from   2026-02-13 18:53:48 UTC
Valid to     2026-05-14 18:57:50 UTC
Fingerprint  3d:b0:e4:bf:7a:32:cd:49:f9:ae:4e:fc:34:53:ce:d1:a5:79:02:db (SHA1)
             7a:70:78:8f:e1:f5:a9:0e:81:f7:ac:bd:c1:64:22:cb:6e:5d:76:4b:e8:d0:f4:da:97:21:ba:96:74:aa:8b:a9 (SHA256)
Issuer       Cloudflare TLS Issuing ECC CA 3 (CN=Cloudflare TLS Issuing ECC CA 3,O=SSL Corporation,C=US)
CA chain     Cloudflare TLS Issuing ECC CA 3 (Issuer: CN=SSL.com TLS Transit ECC CA R2,O=SSL Corporation,C=US)
             Fingerprint:
             	ae:80:1e:d1:c5:5b:b5:79:d7:92:08:b0:d7:72:ac:fb:8c:c3:a2:08 (SHA1)
             	f1:5f:29:ab:ef:73:aa:4d:d9:ab:75:4b:ae:ae:36:85:bd:d3:87:4b:46:b5:25:07:11:77:62:86:85:71:80:26 (SHA256)
             SSL.com TLS Transit ECC CA R2 [UNTRUSTED: root not trusted by system]
             Fingerprint:
             	5c:d5:96:1e:1e:fd:90:ec:72:bb:cc:c9:9a:0f:66:ab:1f:61:d4:64 (SHA1)
             	fe:9f:b0:f7:83:eb:b8:43:10:9a:a3:1d:e9:da:98:64:b6:54:29:40:c3:07:df:23:18:0b:11:f1:f7:e1:08:de (SHA256)

Building

Local binary (static)

make

... or, manually:

CGO_ENABLED=0 go build -v -ldflags="-w -s"

Local Docker container

docker buildx build . -t cert-deets:latest

Pre-built Docker container

A multi-platform container image exists at git.wallace.sh/scott/cert-deets:latest.

Current platforms:

  • linux/am64
  • linux/arm64
  • darwin/arm64

This can be used with a shell alias for the most convenient way to run without too much thinking.

e.g.

alias cert-deets='docker run --rm -t git.wallace.sh/scott/cert-deets:latest'