Giter Site home page Giter Site logo

Comments (5)

InAnimaTe avatar InAnimaTe commented on May 4, 2024 1

In relation to your comment about curl, I did find a command that utilizes curl and awk to pull out cert related information; not clean though:

└[~]> curl --insecure -v https://www.google.com 2>&1 | awk 'BEGIN { cert=0 } /^\* Server certificate:/ { cert=1 } /^\*/ { if (cert) print }'
* Server certificate:
*  subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=www.google.com
*  start date: Jan 18 18:50:00 2017 GMT
*  expire date: Apr 12 18:50:00 2017 GMT
*  issuer: C=US; O=Google Inc; CN=Google Internet Authority G2
*  SSL certificate verify ok.
* Connection #0 to host www.google.com left intact

But yeah, this would be super useful and openssl is most likely the best way to do it. In our case, pyopenssl/cryptography I'd presume would be good goto's

from httpstat.

reorx avatar reorx commented on May 4, 2024

That's a good idea! I always use commands like

openssl s_client -connect reorx.com:443 -servername reorx.com | openssl x509 -noout -dates

to check the expiration date for my website, but that is ridiculously verbose and complex.
If there's a tool that can handle these TLS stuff like what httpstat do to http, life will be much easier.

Because the TLS info could not be get from curl, if we want to do this, we can only wrap around openssl and involve other command(s) in this process. To keep the simplicity and the do one thing and do it well rule, I don't think that add this feature in httpstat main cli is a very good idea, but I think this could be another tool, may be called sslstat or sth, to do this job specificly.

from httpstat.

reorx avatar reorx commented on May 4, 2024

I know a guy who's very familiar with openssl command, he can write out all the commands you mentioned (show issuer info, if valid etc) without a blink in the eye :)

@wzyboy how do you think the idea of making that TLS cli tool?

from httpstat.

wzyboy avatar wzyboy commented on May 4, 2024

Well. curl does show TLS info when being invoked with -v flag (as @InAnimaTe shows). If you do not want to add additional complecity to httpstat, you may parse the output of curl in the current codebase. @reorx

from httpstat.

reorx avatar reorx commented on May 4, 2024

Oops, I find that I was using a curl of version 7.43.0, which only showed very limited TLS info, I tried with the newer version and now see the expire date info. In this case it's possible to make httpstat parse and show these info in a better way.

from httpstat.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.