x509ls

Text-based SSL certificate viewer (C++03)

MIT License

Stars
8
View Code on GitHub
Ecosystems: C++

A text-based SSL certificate viewer. Shows an SSL server's certificate chain, and the validation path formed by OpenSSL.

Similar to the certificate viewer found in web browsers, only more keyboard friendly.

The flags next to each certificate are:

  • s: Self-signed certificate.
  • t: In the trust store. The trust store can be set with the --capath and --cafile options.
  • v: In the validation path formed by OpenSSL.
  • c: In the server's certificate chain.

alt text Jan 2014 - Save full server chain / validation path to file function.

Requirements

  • ncurses, glibc 2.9+, OpenSSL 1.0.0+.
  • Works with Ubuntu 12.04, RHEL 6 okay.

For Ubuntu run:

 sudo apt-get install cmake make g++ libncurses5-dev libssl-dev

For RHEL/CentOS run:

 sudo yum install cmake gcc-c++ ncurses-devel openssl-devel

Build & test run

 cmake .
 make

 x509ls/x509ls

Install

 sudo make install

Trivia

  • The longest server chain I've found contains some 108 certificates(!). 107 of these certificates are not even required, since the end-entity certificate is self-signed anyway.
Badges
Extracted from project README
Build Status
Related Projects
ssltrace

ssltrace hooks an application's SSL libraries to record keying data of all SSL connections

08 Sep 2013 93