writeout: add %{certs} and %{num_certs} by bagder · Pull Request #10019 · curl/curl

bagder · 2022-12-02T12:41:07Z

Let's users get the server certificate chain using the command line

Demo

$ curl -w '%{certs}\n' https://curl.se/ -s -o /dev/null

Subject:CN = curl.se
Issuer:C = US, O = Let's Encrypt, CN = R3
Version:2
Serial Number:03439cffb072ac0cf6e9e08c4cf8b12fca6a
Signature Algorithm:sha256WithRSAEncryption
Public Key Algorithm:rsaEncryption
X509v3 Key Usage:Digital Signature, Key Encipherment
X509v3 Extended Key Usage:TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints:CA:FALSE
X509v3 Subject Key Identifier:C4:48:F1:37:C4:89:B0:28:7E:1F:82:23:B0:F8:4C:D0:D5:A0:50:4D
X509v3 Authority Key Identifier:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:DNS:curl.se
X509v3 Certificate Policies:Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
  CPS: http://cps.letsencrypt.org
CT Precertificate SCTs:Signed Certificate Timestamp:
    Version   : v1 (0x0)
    Log ID    : 7A:32:8C:54:D8:B7:2D:B6:20:EA:38:E0:52:1E:E9:84:
                16:70:32:13:85:4D:3B:D2:2B:C1:3A:57:A3:52:EB:52
    Timestamp : Oct 25 12:46:57.620 2022 GMT
    Extensions: none
    Signature : ecdsa-with-SHA256
                30:45:02:20:30:C9:F1:7F:CF:AD:57:D0:33:EE:36:61:
                A8:80:44:8E:4B:6E:B2:B6:21:7E:EF:5A:FC:7E:8E:7D:
                4B:8B:9C:E8:02:21:00:EF:63:B4:2F:82:AD:56:24:37:
                9E:9D:AC:21:DF:6D:15:86:98:6D:15:25:69:84:CC:FD:
                2B:93:EE:12:A1:D5:19
Signed Certificate Timestamp:
    Version   : v1 (0x0)
    Log ID    : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
                03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
    Timestamp : Oct 25 12:46:57.583 2022 GMT
    Extensions: none
    Signature : ecdsa-with-SHA256
                30:45:02:21:00:A3:3E:B8:B1:3E:37:01:A8:52:8C:A2:
                90:B1:E5:2C:8E:61:1C:57:33:35:BC:50:C5:2B:71:12:
                0A:E1:1C:11:C0:02:20:6B:0E:BC:ED:00:54:99:DD:76:
                2B:52:0E:C2:D3:61:B3:46:3F:A7:E5:46:AA:4E:24:F2:
                4D:CE:29:80:21:2C:4C
Start date:Oct 25 11:46:57 2022 GMT
Expire date:Jan 23 11:46:56 2023 GMT
RSA Public Key:2048
rsa(n):BFE9C1B639787FB6C6A14D3071E5D723E17B870E9268BF10B01052C7644CE2E75F5C6F71220FE842628EE866AD7AFFD9B3390E52FE90225D9F37578162B565C8AE2163FEFA237D719F6F06F665A9E5C952158FD29496A8E5CBD980B1D3004C03CD5E5A2D7FE33D2D23A0CEE97536366778ED564191F995843E35AD4C9D88C3BAE41ECF2609679A7BD72C0EE87CF76B5B0846EA019F7A9E83499B884D0FF0C2A8816CC551BFE730653C1540B3E12ACFCF9735FB1748926BC4277929F3D24035C850A1AC86BE5A46468A13BB6EE5C0334719ABFD3C788F12357FF8A663066378D66B51438A30014211334FE19DD46C18DA51B97E70443D7E9724D41CED860FA49D
rsa(e):10001
Signature:11:93:bc:69:98:ad:ba:64:5c:8b:48:42:a4:03:c0:48:51:ba:d3:67:65:57:4c:5e:28:50:f1:a1:5d:5f:fc:72:b0:cc:56:ac:83:9a:6a:6c:57:b0:71:50:1a:92:22:ca:b9:5f:82:7c:73:45:a8:92:44:da:de:40:64:13:9d:bc:6e:42:3c:12:96:d2:b3:fa:fb:59:43:93:e5:ec:3c:24:93:d5:82:f4:28:49:f6:02:00:8e:9b:68:3f:a1:c3:e7:49:a9:f9:81:75:b9:f0:e3:06:86:dc:ba:06:b7:d5:d8:a2:14:5c:0d:88:13:a9:d6:8d:d3:e5:1c:50:d0:ce:d3:57:67:a6:f7:7c:b5:fa:da:cc:f4:2e:74:3a:12:e5:78:94:fd:72:83:25:32:8e:c7:5f:b8:0f:f1:d3:63:d2:2f:61:f1:65:85:50:5a:dd:2f:5f:65:c4:2a:11:11:12:cc:63:d7:78:6f:18:d0:bf:70:fa:f1:e1:db:02:a4:fb:da:e5:e1:13:6b:5e:cc:34:1c:46:f0:d8:f3:71:6d:b0:91:29:9c:84:2b:39:57:98:a9:9f:2e:fd:be:9c:18:ad:5c:e4:98:80:86:cb:3d:bf:e5:4f:63:2a:00:0f:eb:89:ac:af:c7:d3:8c:42:fb:62:e7:82:73:3a:2a:7e:c7:a6:9f:
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISA0Oc/7ByrAz26eCMTPixL8pqMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMjEwMjUxMTQ2NTdaFw0yMzAxMjMxMTQ2NTZaMBIxEDAOBgNVBAMT
B2N1cmwuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/6cG2OXh/
tsahTTBx5dcj4XuHDpJovxCwEFLHZEzi519cb3EiD+hCYo7oZq16/9mzOQ5S/pAi
XZ83V4FitWXIriFj/vojfXGfbwb2ZanlyVIVj9KUlqjly9mAsdMATAPNXlotf+M9
LSOgzul1NjZneO1WQZH5lYQ+Na1MnYjDuuQezyYJZ5p71ywO6Hz3a1sIRuoBn3qe
g0mbiE0P8MKogWzFUb/nMGU8FUCz4SrPz5c1+xdIkmvEJ3kp89JANchQoayGvlpG
RooTu27lwDNHGav9PHiPEjV/+KZjBmN41mtRQ4owAUIRM0/hndRsGNpRuX5wRD1+
lyTUHO2GD6SdAgMBAAGjggJCMIICPjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFMRI
8TfEibAofh+CI7D4TNDVoFBNMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52L
FMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVu
Y3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBIGA1Ud
EQQLMAmCB2N1cmwuc2UwTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMB
AQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEE
BgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB6MoxU2LcttiDqOOBSHumEFnAyE4VNO9Ir
wTpXo1LrUgAAAYQPLoRUAAAEAwBHMEUCIDDJ8X/PrVfQM+42YaiARI5LbrK2IX7v
Wvx+jn1Li5zoAiEA72O0L4KtViQ3np2sId9tFYaYbRUlaYTM/SuT7hKh1RkAdgDo
PtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYQPLoQvAAAEAwBHMEUC
IQCjPrixPjcBqFKMopCx5SyOYRxXMzW8UMUrcRIK4RwRwAIgaw687QBUmd12K1IO
wtNhs0Y/p+VGqk4k8k3OKYAhLEwwDQYJKoZIhvcNAQELBQADggEBABGTvGmYrbpk
XItIQqQDwEhRutNnZVdMXihQ8aFdX/xysMxWrIOaamxXsHFQGpIiyrlfgnxzRaiS
RNreQGQTnbxuQjwSltKz+vtZQ5Pl7Dwkk9WC9ChJ9gIAjptoP6HD50mp+YF1ufDj
Bobcuga31diiFFwNiBOp1o3T5RxQ0M7TV2em93y1+trM9C50OhLleJT9coMlMo7H
X7gP8dNj0i9h8WWFUFrdL19lxCoRERLMY9d4bxjQv3D68eHbAqT72uXhE2tezDQc
RvDY83FtsJEpnIQrOVeYqZ8u/b6cGK1c5JiAhss9v+VPYyoAD+uJrK/H04xC+2Ln
gnM6Kn7Hpp8=
-----END CERTIFICATE-----
Subject:C = US, O = Let's Encrypt, CN = R3
Issuer:C = US, O = Internet Security Research Group, CN = ISRG Root X1
Version:2
Serial Number:912b084acf0c18a753f6d62e25a75f5a
Signature Algorithm:sha256WithRSAEncryption
Public Key Algorithm:rsaEncryption
X509v3 Key Usage:Digital Signature, Certificate Sign, CRL Sign
X509v3 Extended Key Usage:TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Basic Constraints:CA:TRUE, pathlen:0
X509v3 Subject Key Identifier:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
X509v3 Authority Key Identifier:79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E
Authority Information Access:CA Issuers - URI:http://x1.i.lencr.org/
X509v3 CRL Distribution Points:Full Name:
  URI:http://x1.c.lencr.org/
X509v3 Certificate Policies:Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
Start date:Sep  4 00:00:00 2020 GMT
Expire date:Sep 15 16:00:00 2025 GMT
RSA Public Key:2048
rsa(n):BB021528CCF6A094D30F12EC8D5592C3F882F199A67A4288A75D26AAB52BB9C54CB1AF8E6BF975C8A3D70F4794145535578C9EA8A23919F5823C42A94E6EF53BC32EDB8DC0B05CF35938E7EDCF69F05A0B1BBEC094242587FA3771B313E71CACE19BEFDBE43B45524596A9C153CE34C852EEB5AEED8FDE6070E2A554ABB66D0E97A540346B2BD3BC66EB66347CFA6B8B8F572999F830175DBA726FFB81C5ADD286583D17C7E709BBF12BF786DCC1DA715DD446E3CCAD25C188BC60677566B3F118F7A25CE653FF3A88B647A5FF1318EA9809773F9D53F9CF01E5F5A6701714AF63A4FF99B3939DDC53A706FE48851DA169AE2575BB13CC5203F5ED51A18BDB15
rsa(e):10001
Signature:85:ca:4e:47:3e:a3:f7:85:44:85:bc:d5:67:78:b2:98:63:ad:75:4d:1e:96:3d:33:65:72:54:2d:81:a0:ea:c3:ed:f8:20:bf:5f:cc:b7:70:00:b7:6e:3b:f6:5e:94:de:e4:20:9f:a6:ef:8b:b2:03:e7:a2:b5:16:3c:91:ce:b4:ed:39:02:e7:7c:25:8a:47:e6:65:6e:3f:46:f4:d9:f0:ce:94:2b:ee:54:ce:12:bc:8c:27:4b:b8:c1:98:2f:a2:af:cd:71:91:4a:08:b7:c8:b8:23:7b:04:2d:08:f9:08:57:3e:83:d9:04:33:0a:47:21:78:09:82:27:c3:2a:c8:9b:b9:ce:5c:f2:64:c8:c0:be:79:c0:4f:8e:6d:44:0c:5e:92:bb:2e:f7:8b:10:e1:e8:1d:44:29:db:59:20:ed:63:b9:21:f8:12:26:94:93:57:a0:1d:65:04:c1:0a:22:ae:10:0d:43:97:a1:18:1f:7e:e0:e0:86:37:b5:5a:b1:bd:30:bf:87:6e:2b:2a:ff:21:4e:1b:05:c3:f5:18:97:f0:5e:ac:c3:a5:b8:6a:f0:2e:bc:3b:33:b9:ee:4b:de:cc:fc:e4:af:84:0b:86:3f:c0:55:43:36:f6:68:e1:36:17:6a:8e:99:d1:ff:a5:40:a7:34:b7:c0:d0:63:39:35:39:75:6e:f2:ba:76:c8:93:02:e9:a9:4b:6c:17:ce:0c:02:d9:bd:81:fb:9f:b7:68:d4:06:65:b3:82:3d:77:53:f8:8e:79:03:ad:0a:31:07:75:2a:43:d8:55:97:72:c4:29:0e:f7:c4:5d:4e:c8:ae:46:84:30:d7:f2:85:5f:18:a1:79:bb:e7:5e:70:8b:07:e1:86:93:c3:b9:8f:dc:61:71:25:2a:af:df:ed:25:50:52:68:8b:92:dc:e5:d6:b5:e3:da:7d:d0:87:6c:84:21:31:ae:82:f5:fb:b9:ab:c8:89:17:3d:e1:4c:e5:38:0e:f6:bd:2b:bd:96:81:14:eb:d5:db:3d:20:a7:7e:59:d3:e2:f8:58:f9:5b:b8:48:cd:fe:5c:4f:16:29:fe:1e:55:23:af:c8:11:b0:8d:ea:7c:93:90:17:2f:fd:ac:a2:09:47:46:3f:f0:e9:b0:b7:ff:28:4d:68:32:d6:67:5e:1e:69:a3:93:b8:f5:9d:8b:2f:0b:d2:52:43:a6:6f:32:57:65:4d:32:81:df:38:53:85:5d:7e:5d:66:29:ea:b8:dd:e4:95:b5:cd:b5:56:12:42:cd:c4:4e:c6:25:38:44:50:6d:ec:ce:00:55:18:fe:e9:49:64:d4:4e:ca:97:9c:b4:5b:c0:73:a8:ab:b8:47:c2:
-----BEGIN CERTIFICATE-----
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
nLRbwHOoq7hHwg==
-----END CERTIFICATE-----
Subject:C = US, O = Internet Security Research Group, CN = ISRG Root X1
Issuer:O = Digital Signature Trust Co., CN = DST Root CA X3
Version:2
Serial Number:4001772137d4e942b8ee76aa3c640ab7
Signature Algorithm:sha256WithRSAEncryption
Public Key Algorithm:rsaEncryption
X509v3 Basic Constraints:CA:TRUE
X509v3 Key Usage:Certificate Sign, CRL Sign
Authority Information Access:CA Issuers - URI:http://apps.identrust.com/roots/dstrootcax3.p7c
X509v3 Authority Key Identifier:C4:A7:B1:A4:7B:2C:71:FA:DB:E1:4B:90:75:FF:C4:15:60:85:89:10
X509v3 Certificate Policies:Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
  CPS: http://cps.root-x1.letsencrypt.org
X509v3 CRL Distribution Points:Full Name:
  URI:http://crl.identrust.com/DSTROOTCAX3CRL.crl
X509v3 Subject Key Identifier:79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E
Start date:Jan 20 19:14:03 2021 GMT
Expire date:Sep 30 18:14:03 2024 GMT
RSA Public Key:4096
rsa(n):ADE82473F41437F39B9E2B57281C87BEDCB7DF38908C6E3CE657A078F775C2A2FEF56A6EF6004F28DBDE68866C4493B6B163FD14126BBF1FD2EA319B217ED1333CBA48F5DD79DFB3B8FF12F1219A4BC18A8671694A66666C8F7E3C70BFAD292206F3E4C0E680AEE24B8FB7997E94039FD347977C99482353E838AE4F0A6F832ED149578C8074B6DA2FD0388D7B0370211B75F2303CFA8FAEDDDA63ABEB164FC28E114B7ECF0BE8FFB5772EF4B27B4AE04C12250C708D0329A0E15324EC13D9EE19BF10B34A8C3F89A36151DEAC870794F46371EC2EE26F5B9881E1895C34796C76EF3B906279E6DBA49A2F26C5D010E10EDED9108E16FBB7F7A8F7C7E50207988F360895E7E237960D36759EFB0E72B11D9BBC03F94905D881DD05B42AD641E9AC0176950A0FD8DFD5BD121F352F28176CD298C1A80964776E4737BACEAC595E689D7F72D689C50641293E593EDD26F524C911A75AA34C401F46A199B5A73A516E863B9E7D72A712057859ED3E5178150B038F8DD02F05B23E7B4A1C4B730512FCC6EAE050137C439374B3CA74E78E1F0108D030D45B7136B407BAC130305C48B7823B98A67D608AA2A32982CCBABD83041BA2830341A1D605F11BC2B6F0A87C863B46A8482A88DC769A76BF1F6AA53D198FEB38F364DEC82B0D0A28FFF7DBE21542D422D0275DE179FE18E77088AD4EE6D98B3AC6DD27516EFFBC64F533434F
rsa(e):10001
Signature:0a:73:00:6c:96:6e:ff:0e:52:d0:ae:dd:8c:e7:5a:06:ad:2f:a8:e3:8f:bf:c9:0a:03:15:50:c2:e5:6c:42:bb:6f:9b:f4:b4:4f:c2:44:88:08:75:cc:eb:07:9b:14:62:6e:78:de:ec:27:ba:39:5c:f5:a2:a1:6e:56:94:70:10:53:b1:bb:e4:af:d0:a2:c3:2b:01:d4:96:f4:c5:20:35:33:f9:d8:61:36:e0:71:8d:b4:b8:b5:aa:82:45:95:c0:f2:a9:23:28:e7:d6:a1:cb:67:08:da:a0:43:2c:aa:1b:93:1f:c9:de:f5:ab:69:5d:13:f5:5b:86:58:22:ca:4d:55:e4:70:67:6d:c2:57:c5:46:39:41:cf:8a:58:83:58:6d:99:fe:57:e8:36:0e:f0:0e:23:aa:fd:88:97:d0:e3:5c:0e:94:49:b5:b5:17:35:d2:2e:bf:4e:85:ef:18:e0:85:92:eb:06:3b:6c:29:23:09:60:dc:45:02:4c:12:18:3b:e9:fb:0e:de:dc:44:f8:58:98:ae:ea:bd:45:45:a1:88:5d:66:ca:fe:10:e9:6f:82:c8:11:42:0d:fb:e9:ec:e3:86:00:de:9d:10:e3:38:fa:a4:7d:b1:d8:e8:49:82:84:06:9b:2b:e8:6b:4f:01:0c:38:77:2e:f9:dd:e7:39:
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
-----END CERTIFICATE-----

bagder · 2022-12-08T13:50:21Z

I have also verified that saving this output for a self-sign host in a file works fine to use with --cacerts in a subsequent invoke

cvengler

I would add at least one new test containing one certificate, because with the current approach, only a fraction of this code gets tested, as several branches are not even entered due to the lack of certificates.

Let users get the server certificate chain using the command line Closes #10019

Also add to FILEFORMAT.md

bagder added TLS cmdline tool feature-window A merge of this requires an open feature window labels Dec 2, 2022

bagder force-pushed the bagder/certs branch from 7f02fe7 to dc00445 Compare December 2, 2022 15:17

bagder force-pushed the bagder/certs branch from dc00445 to 3377960 Compare December 8, 2022 13:51

bagder marked this pull request as ready for review December 8, 2022 13:51

cvengler reviewed Dec 13, 2022

View reviewed changes

Comment thread src/tool_writeout.c

bagder removed the feature-window A merge of this requires an open feature window label Dec 26, 2022

bagder force-pushed the bagder/certs branch from 3377960 to a8a10ce Compare December 26, 2022 10:42

bagder force-pushed the bagder/certs branch from 34c8f5f to 9bfbda5 Compare December 27, 2022 11:00

bagder added 3 commits December 27, 2022 12:05

writeout: add %{certs} and %{num_certs}

b1b8e79

Let users get the server certificate chain using the command line Closes #10019

test417: verify %{certs} output

4af631d

runtests: make 'mbedtls' a testable feature

fd4415a

Also add to FILEFORMAT.md

bagder force-pushed the bagder/certs branch from 9bfbda5 to fd4415a Compare December 27, 2022 11:06

bagder closed this in c6aa19c Dec 27, 2022

bagder deleted the bagder/certs branch December 27, 2022 21:42

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

writeout: add %{certs} and %{num_certs}#10019

writeout: add %{certs} and %{num_certs}#10019
bagder wants to merge 3 commits intomasterfrom
bagder/certs

bagder commented Dec 2, 2022 •

edited

Loading

Uh oh!

bagder commented Dec 8, 2022

Uh oh!

cvengler left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants

Uh oh!

Conversation

bagder commented Dec 2, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Demo

Uh oh!

bagder commented Dec 8, 2022

Uh oh!

cvengler left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants

bagder commented Dec 2, 2022 •

edited

Loading