Code Monkey home page Code Monkey logo

Comments (5)

sourishkrout avatar sourishkrout commented on August 18, 2024 1

We should probably included SANs, too.

from certificates.

mmalone avatar mmalone commented on August 18, 2024

Actually maybe we should also distinguished between X.509v3 Root CA (self signed) and X.509v3 Intermediate CA (not self signed) in the first line.

from certificates.

mmalone avatar mmalone commented on August 18, 2024

Add SANs under “Subjects” and just have them indented to the same level, I think:

X.509v3 TLS Certificate (ECDSA P256) [Serial: 3887...5350]
  Subjects:    hello-mtls.default.svc.cluster.local
               foo.bar.cluster.local
               foo.bar.staging.smallstep.com
  Issuer:      Autocert Intermediate CA
  Provisioner: autocert [ID: 7oOZgiEg...]
  Valid from:  Jan 19 01:59:06 2019 UTC
          to:  Jan 20 01:59:06 2019 UTC

from certificates.

maraino avatar maraino commented on August 18, 2024

@mmalone This will be the short version of a CSR:

$ step certificate inspect --short hello.csr
X.509v3 Certificate Signing Request (ECDSA P-256)
  Subject:     hello.smallstep.com

from certificates.

dopey avatar dopey commented on August 18, 2024

This enhancement adds the ability to print a shortened version of a certificate in human readable format. X.509 certificates contain a lot of data that is necessary when computers try to verify cryptographic identities but less useful for most human debugging or information gathering. Most of the time we're only interested in a few fields when we inspect a certificate. So we've added a --short option to step certificate inspect that prints short, human friendly certificate info.

$ bin/step certificate inspect --short https://smallstep.com
X.509v3 TLS Certificate (ECDSA P-256) [Serial: 3263...4954]
  Subject:     smallstep.com
  Issuer:      Let's Encrypt Authority X3
  Valid from:  2019-02-08T13:07:44Z
          to:  2019-05-09T13:07:44Z

Try it out and let us know what you think. Are we missing attributes you think are necessary in a shortened output?
We're also considering making this the default behavior for step certificate inspect and requiring a flag if you'd like to see the more verbose, complete certificate information. If you have opinions one way or the other, we'd love to hear from you.

from certificates.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.