DEV Community

Yaroslav Polyakov
Yaroslav Polyakov

Posted on

2

showcert: human-friendly openssl

showcert is easy to use CLI tool with to show/verify local (.pem) and remote SSL certificates.

showcert does only (1%) most often-used (99%) functions of openssl, but simple and easy to use.

Install: pip3 install showcert

Usage:

$ showcert github.com
IP: 140.82.121.3
Names: github.com www.github.com
notBefore: 2022-03-15 00:00:00 (182 days old)
notAfter: 2023-03-15 23:59:59 (183 days left)
Issuer: C=US O=DigiCert Inc CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1
Enter fullscreen mode Exit fullscreen mode

Also:

# show certificate from local file, or from stdin if path is -
showcert /etc/ssl/certs/ssl-cert-snakeoil.pem

# check all *.pem files in current directory, and warn if any expires soon. Add `-q` for quiet mode
showcert *.pem -w

# show certificate for gmail POP3 over SSL
showcert pop.gmail.com:995 

# show cert for yandex POP3. Yes, it will do STARTTLS automatically)
showcert pop.yandex.ru:110 

# connect to localhost, but ask to show cert for google.com (SNI)
# -i = insecure, ignore verification error
showcert -i -n google.com localhost 

# 'steal' remote server fullchain.pem (without privkey, obviously)
showcert google.com --chain -o pem > fullchain.pem

#
# LetsEncrypt specific features:
#

# Warn if expire in less then 10 days. Non-zero exit if at least one certificate is expiring.
# same as `showcert -w 10 /etc/letsencrypt/live/*/fullchain.pem

showcert -w 10 :le

# list all names from certificate (as -o names), but each name prepended with -d. 
# e.g. `-d example.com -d www.example.com`
showcert -o dnames example.com

# Useful to use with certbot to generate new certificate from existing cert or site. E.g.:
certbot certonly --webroot /var/www/PATH `showcert -o dnames example.com`
Enter fullscreen mode Exit fullscreen mode

Seem more on GitHub repo: https://github.com/yaroslaff/showcert

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

Top comments (0)

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay