|
|
d614c1ff06
|
Turn the exception into a warning
|
2022-07-27 14:53:15 +02:00 |
|
|
|
497c230394
|
There can be a root certificate and a cross signed intermediate certificate with the same subject
|
2022-07-27 14:48:31 +02:00 |
|
|
|
0ec7c8b62c
|
Only load valid certificates
|
2022-07-27 13:39:35 +02:00 |
|
|
|
6dda760ffd
|
instead of finding the issuer of the last certificate, probe in reverse order
This allows for handling of disappeared/expired root certificates which
might still be a dependency for a present cross signed certificate
|
2022-07-27 13:34:11 +02:00 |
|
|
|
5cce5722c5
|
Also find a possible parent, and add it to the end of the list
|
2022-07-27 12:45:10 +02:00 |
|
|
|
5c4f6d2c67
|
Give more information on the current state of processed/remaining certificates
|
2022-07-27 11:51:58 +02:00 |
|
|
|
2931f4809e
|
Be a bit more descriptive in debug output for subject/issuer in the x509 material offered to us
|
2022-07-27 11:47:30 +02:00 |
|
|
|
ba94ceb9cc
|
Improved handling of cross signed intermediates. #1
|
2022-07-27 11:19:35 +02:00 |
|
|
|
ebe467260a
|
Also show exponent
|
2020-09-10 17:44:59 +02:00 |
|
|
|
b0562e1497
|
Report some information on the private key
|
2020-09-10 16:43:32 +02:00 |
|
|
|
4cffe77fa0
|
Remove more 'RSA Only' references
|
2020-09-10 11:15:26 +02:00 |
|
|
|
66f45feea5
|
Show some information about the PEM blocks with -i
|
2020-09-09 15:39:45 +02:00 |
|
|
|
fe5286b8e5
|
The --check option is actually part of the "output group" set of switches
|
2020-09-09 15:38:54 +02:00 |
|
|
|
e4ca594165
|
Add a check only mode
|
2020-09-09 15:31:31 +02:00 |
|
|
|
c866d219cb
|
Note that we handle non RSA as well now
|
2020-09-09 15:30:49 +02:00 |
|
|
|
e22223ba66
|
Please pylint/pep8 etc
|
2020-08-17 12:19:21 +02:00 |
|
|
|
1e5aa31eb8
|
Instead of RSA exclusive moduled, compare public key output from provided certificate and private key. This also enables the use of non RSA cryptography (tested with EC)
|
2020-08-11 13:25:55 +02:00 |
|
|
|
02a83a72a2
|
Merge branch 'master' of gitlab.niet.verweg.com:ruben/sort_certificate
|
2020-04-07 00:22:40 +02:00 |
|
Ruben van Staveren
|
fc3e220d61
|
Process certificate component errors in a more tidy fashion
|
2020-04-06 12:31:42 +02:00 |
|
|
|
2b4bfd70ef
|
Break out argument parsing in seperate routine
|
2020-03-30 11:21:24 +02:00 |
|
|
|
53d97c30c2
|
Add option to also include root certificate, for e.g. ldns-dane processing
|
2020-03-30 11:16:07 +02:00 |
|
|
|
22a2549294
|
refactor to slim down main routine
|
2020-03-20 17:34:04 +01:00 |
|
|
|
ea449a1436
|
Better granularity with exception handling
|
2020-03-20 14:26:38 +01:00 |
|
Ruben van Staveren
|
d415f4786e
|
pylint/pep8 compliancy
|
2020-03-20 11:27:41 +01:00 |
|
Ruben van Staveren
|
fd5b903caa
|
Use certifi to get the mozilla ca bundle
|
2020-03-20 11:27:15 +01:00 |
|
Ruben van Staveren
|
1256d13c42
|
Provide openssl like x509 -subjext -issuer -dates -fingerprint output
|
2019-08-20 14:20:46 +02:00 |
|
Ruben van Staveren
|
ccd93d8027
|
Handle case in when both an intermediate and a root cert with the same name is present in our input
|
2019-08-20 12:13:49 +02:00 |
|
Ruben van Staveren
|
5adfd4ef66
|
Add Ubuntu location of (curl) certificate bundle that we can use
|
2019-05-06 14:20:29 +02:00 |
|
Ruben van Staveren
|
ba984d46a1
|
Use get_issuer, as intended by logging.debug
|
2019-05-06 14:18:53 +02:00 |
|
Ruben van Staveren
|
2ba60dded4
|
Import into VCS
|
2019-05-06 12:13:04 +02:00 |
|
