jandd
/
certificate_analysis
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Tools for fetching and analyzing CA certificates
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
48 KiB
Python 100%
 
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
Go to file
Jan Dittberner 9e8e4cc283 Document usage of compare_certs.py 2 years ago
.gitignore Add certificate compare script 2 years ago
README.md Document usage of compare_certs.py 2 years ago
analyze_certs.py Add certificate compare script 2 years ago
compare_certs.py Add certificate compare script 2 years ago
fetch_ca_certs.py CA certificate analysis 2 years ago
helpers.py Add certificate compare script 2 years ago
poetry.lock CA certificate analysis 2 years ago
pyproject.toml CA certificate analysis 2 years ago

README.md

Case study of existing CA certificates

Generating the Markdown/SVG files

  1. Get the CA certificates of the CAs from their corresponding web sites

    poetry run python3 fetch_ca_certs.py

  2. Run the generation script and filter through pandoc for better markdown layout

    for dir in cacert certum dtrust globalsign letsencrypt sectigo
do
  poetry run python3 analyze_certs.py $dir | \
  pandoc -f markdown -t gfm > $dir.md
done

Compare certificates

There is a script compare_certs.py that can be used to compare a certificate with other certificates. The script generates markdown.

Example usage:

poetry run python3 compare_certs.py cacert/root_X0F.crt certum/CA.crt globalsign/root-r6.crt | \
pandoc -f markdown -t gfm > compare_root_cas.m