Skip to content

Commit

Permalink
update doc
Browse files Browse the repository at this point in the history
  • Loading branch information
@nxadm
nxadm committed Jan 17, 2021
1 parent 4cbad9b commit 1188a0b
Show file tree
Hide file tree
Showing 2 changed files with 82 additions and 72 deletions.
152 changes: 81 additions & 71 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ go get github.com/nxadm/certmin
## Help page
```
$ ./certmin
certmin, 0.4.2. A minimalist certificate utility.
certmin, 0.4.3. A minimalist certificate utility.
See https://github.com/nxadm/certmin for more information.
Usage:
Expand Down Expand Up @@ -69,93 +69,103 @@ $ ./certmin skim t/chain.crt
certificate location t/chain.crt:
Subject: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
Issuer: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
Serial number: 1
Version: 3
Public key algorithm: RSA
Signature algorithm: SHA1-RSA
CRL locations: http://crl.comodoca.com/AAACertificateServices.crl, http://crl.comodo.net/AAACertificateServices.crl
Not before: 2004-01-01 00:00:00 +0000 UTC
Not after: 2028-12-31 23:59:59 +0000 UTC
Subject: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Issuer: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
Serial number: 76359301477803385872276235234032301461
Version: 3
Is CA: true
Public key algorithm: RSA
Signature algorithm: SHA384-RSA
OCSP servers: http://ocsp.comodoca.com
CRL locations: http://crl.comodoca.com/AAACertificateServices.crl
Not before: 2019-03-12 00:00:00 +0000 UTC
Not after: 2028-12-31 23:59:59 +0000 UTC
Subject: CN=GEANT OV RSA CA 4,O=GEANT Vereniging,C=NL
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Serial number: 290123421899608141648701916708796095456
Version: 3
Is CA: true
Public key algorithm: RSA
Signature algorithm: SHA384-RSA
OCSP servers: http://ocsp.usertrust.com
CRL locations: http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
Not before: 2020-02-18 00:00:00 +0000 UTC
Not after: 2033-05-01 23:59:59 +0000 UTC
Subject: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
Issuer: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
Serial number: 1
Version: 3
Is CA: true
Public key algorithm: RSA
Signature algorithm: SHA1-RSA
CRL locations: http://crl.comodoca.com/AAACertificateServices.crl, http://crl.comodo.net/AAACertificateServices.crl
Not before: 2004-01-01 00:00:00 +0000 UTC
Not after: 2028-12-31 23:59:59 +0000 UTC
Subject: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Issuer: CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB
Serial number: 76359301477803385872276235234032301461
Version: 3
Is CA: true
Public key algorithm: RSA
Signature algorithm: SHA384-RSA
OCSP servers: http://ocsp.comodoca.com
CRL locations: http://crl.comodoca.com/AAACertificateServices.crl
Not before: 2019-03-12 00:00:00 +0000 UTC
Not after: 2028-12-31 23:59:59 +0000 UTC
Subject: CN=GEANT OV RSA CA 4,O=GEANT Vereniging,C=NL
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Issuer Certificate URLs: http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt
Serial number: 290123421899608141648701916708796095456
Version: 3
Is CA: true
MaxPathLen is 0: true
Public key algorithm: RSA
Signature algorithm: SHA384-RSA
OCSP servers: http://ocsp.usertrust.com
CRL locations: http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
Not before: 2020-02-18 00:00:00 +0000 UTC
Not after: 2033-05-01 23:59:59 +0000 UTC
---
```

### Skim remote certificate information

```
$ ./certmin skim github.com --remote-chain
Certificate location github.com:
Subject: CN=github.com,O=GitHub\, Inc.,L=San Francisco,ST=California,C=US
Issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
DNS names: github.com, www.github.com
Serial number: 7101927171473588541993819712332065657
Version: 3
Public key algorithm: RSA
Signature algorithm: SHA256-RSA
OCSP servers: http://ocsp.digicert.com
CRL locations: http://crl3.digicert.com/sha2-ha-server-g6.crl, http://crl4.digicert.com/sha2-ha-server-g6.crl
Not before: 2020-05-05 00:00:00 +0000 UTC
Not after: 2022-05-10 12:00:00 +0000 UTC
Subject: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Serial number: 6489877074546166222510380951761917343
Version: 3
Is CA: true
Public key algorithm: RSA
Signature algorithm: SHA256-RSA
OCSP servers: http://ocsp.digicert.com
CRL locations: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl
Not before: 2013-10-22 12:00:00 +0000 UTC
Not after: 2028-10-22 12:00:00 +0000 UTC
certificate location github.com:
Subject: CN=github.com,O=GitHub\, Inc.,L=San Francisco,ST=California,C=US
Issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Issuer Certificate URLs: http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt
DNS names: github.com, www.github.com
Serial number: 7101927171473588541993819712332065657
Version: 3
Public key algorithm: RSA
Signature algorithm: SHA256-RSA
OCSP servers: http://ocsp.digicert.com
CRL locations: http://crl3.digicert.com/sha2-ha-server-g6.crl, http://crl4.digicert.com/sha2-ha-server-g6.crl
Not before: 2020-05-05 00:00:00 +0000 UTC
Not after: 2022-05-10 12:00:00 +0000 UTC
Subject: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Issuer: CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Serial number: 6489877074546166222510380951761917343
Version: 3
Is CA: true
MaxPathLen is 0: true
Public key algorithm: RSA
Signature algorithm: SHA256-RSA
OCSP servers: http://ocsp.digicert.com
CRL locations: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl
Not before: 2013-10-22 12:00:00 +0000 UTC
Not after: 2028-10-22 12:00:00 +0000 UTC
---
```

### Skim remote certificate information using a URI scheme

```
$ ./certmin skim smtps://smtp.gmail.com
Certificate location smtps://smtp.gmail.com:
Subject: CN=smtp.gmail.com,O=Google LLC,L=Mountain View,ST=California,C=US
Issuer: CN=GTS CA 1O1,O=Google Trust Services,C=US
DNS names: smtp.gmail.com
Serial number: 257235496908235390426179598999401729070
Version: 3
Public key algorithm: ECDSA
Signature algorithm: SHA256-RSA
OCSP servers: http://ocsp.pki.goog/gts1o1core
CRL locations: http://crl.pki.goog/GTS1O1core.crl
Not before: 2020-12-15 14:48:07 +0000 UTC
Not after: 2021-03-09 14:48:06 +0000 UTC
certificate location smtps://smtp.gmail.com:
Subject: CN=smtp.gmail.com,O=Google LLC,L=Mountain View,ST=California,C=US
Issuer: CN=GTS CA 1O1,O=Google Trust Services,C=US
Issuer Certificate URLs: http://pki.goog/gsr2/GTS1O1.crt
DNS names: smtp.gmail.com
Serial number: 257235496908235390426179598999401729070
Version: 3
Public key algorithm: ECDSA
Signature algorithm: SHA256-RSA
OCSP servers: http://ocsp.pki.goog/gts1o1core
CRL locations: http://crl.pki.goog/GTS1O1core.crl
Not before: 2020-12-15 14:48:07 +0000 UTC
Not after: 2021-03-09 14:48:06 +0000 UTC
---
```

### Verify that a certificate and a key match
Expand Down
2 changes: 1 addition & 1 deletion main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
)

const (
version = "0.4.2"
version = "0.4.3"
website = "https://github.com/nxadm/certmin"
)

Expand Down

0 comments on commit 1188a0b

Please sign in to comment.