Skip to content
dweller long gone edited this page May 22, 2026 · 3 revisions

Certificate Gadgets Wiki

Certificate Gadgets is a browser-based certificate investigation tool and reusable TypeScript API. It loads X.509 certificates, displays certificate-focused fields and extensions, embeds the PkiStudioJS ASN.1 viewer, and supports explicit network-assisted validation workflows for AIA, OCSP, and CRL resources.

Certificate Gadgets screenshot

The package is published as:

npm install @pkistudio/certgadgets

Current package version: 0.1.4

What to Read First

  • Getting Started: install, run locally, load certificates, inspect fields, and save DER or PEM output.
  • Browser App: understand the certificate tree, detail pane, Validation pane, API Log, and embedded ASN.1 viewer behavior.
  • Core API: use CertGadgetsCore for certificate parsing, tree models, DER/PEM/HEX/Base64 helpers, and validation plan collection.
  • Validation API: use CertGadgetsValidation for network validation planning, OCSP request preparation, response assessment, and artifacts.
  • Embedding: mount the application in a browser page or Webview host and provide host-owned networking callbacks.
  • Testing: understand what the standard checks cover and where browser verification is still needed.
  • Development: local checks, package entry points, wiki preview, and release notes.

Key Guarantees

  • Certificate parsing and structural inspection run locally in the browser.
  • Loaded certificate data is kept as DER bytes in browser memory.
  • The app keeps one loaded certificate document at a time.
  • X.509 parsing uses PKIjs and ASN.1 support from asn1js.
  • PkiStudioJS is used as the ASN.1 inspection viewer; Certificate Gadgets owns certificate loading, validation actions, and selected-item routing.
  • Network-assisted validation is explicit. The app does not silently fetch CRLs, OCSP responses, AIA resources, or issuer certificates.
  • Host-specific networking, user confirmation, file access, dialogs, and Webview lifecycle remain outside the reusable core package.
  • Browser-hosted validation can use host callbacks or a fetch proxy because many certificate endpoints are HTTP-only or omit CORS headers.

Repository Links

Clone this wiki locally