Comments (5)
We should probably included SANs, too.
from certificates.
Actually maybe we should also distinguished between X.509v3 Root CA
(self signed) and X.509v3 Intermediate CA
(not self signed) in the first line.
from certificates.
Add SANs under “Subjects” and just have them indented to the same level, I think:
X.509v3 TLS Certificate (ECDSA P256) [Serial: 3887...5350]
Subjects: hello-mtls.default.svc.cluster.local
foo.bar.cluster.local
foo.bar.staging.smallstep.com
Issuer: Autocert Intermediate CA
Provisioner: autocert [ID: 7oOZgiEg...]
Valid from: Jan 19 01:59:06 2019 UTC
to: Jan 20 01:59:06 2019 UTC
from certificates.
@mmalone This will be the short version of a CSR:
$ step certificate inspect --short hello.csr
X.509v3 Certificate Signing Request (ECDSA P-256)
Subject: hello.smallstep.com
from certificates.
This enhancement adds the ability to print a shortened version of a certificate in human readable format. X.509 certificates contain a lot of data that is necessary when computers try to verify cryptographic identities but less useful for most human debugging or information gathering. Most of the time we're only interested in a few fields when we inspect a certificate. So we've added a --short
option to step certificate inspect
that prints short, human friendly certificate info.
$ bin/step certificate inspect --short https://smallstep.com
X.509v3 TLS Certificate (ECDSA P-256) [Serial: 3263...4954]
Subject: smallstep.com
Issuer: Let's Encrypt Authority X3
Valid from: 2019-02-08T13:07:44Z
to: 2019-05-09T13:07:44Z
Try it out and let us know what you think. Are we missing attributes you think are necessary in a shortened output?
We're also considering making this the default behavior for step certificate inspect
and requiring a flag if you'd like to see the more verbose, complete certificate information. If you have opinions one way or the other, we'd love to hear from you.
from certificates.
Related Issues (20)
- [Bug]: step ssh inspect crashes when asked about a symlink to a *.pub file HOT 2
- "Other regions" AWS hardcoded certificate is expired
- Feature request: Environment variables for database setup in container HOT 3
- [Bug]: step ca init ignores --password-file when using an existing root cert
- Possibility to connect to a read-only instance of postgres HOT 1
- [Bug]: Device attestation validation returns 500 for invalid CBOR payload HOT 1
- Step CA in Docker doesn't trust it's self HOT 2
- Supply CGO enabled ARM Package HOT 3
- Subject name is re-encoded upon signing with default or custom templates HOT 4
- [Docs]: Configure / modify certificate for TLS communication HOT 1
- QQ about the releases HOT 2
- [Bug]: Issue starting CA with Yubikey HOT 2
- [Bug]: Issue with SCEP and Intune HOT 3
- [Bug]: gcloud permission denied error HOT 4
- Vault RA mode supports AWS auth method HOT 4
- Add Content-Type header application/json to webhook requests
- [Bug]: step ca certificate <subject> cert.crt cert.key --password-file=<private-key-passphrase-file> fails with the error "failed to decrypt JWE: invalid password" HOT 4
- SCEP webhook HOT 1
- [Docs]: Documentation for `disableIssuedAtCheck` incorrect
- Catch unsupported ACME identifier types earlier in the order flow
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from certificates.