Certigo is a utility to examine and validate certificates in a variety of formats.
Currently supported formats are X.509 (DER/PEM), JCEKS/JKS, PKCS7 and PKCS12. Need support for an exotic certificate storage format that's not yet supported? Open an issue on Github and maybe we can add it. We enjoy the challenge!
To install certigo, simply use:
go get -u github.com/square/certigo
On macOS you can also use homebrew to install:
brew install certigo
Note that certigo requires Go 1.5 or later to build.
We use glide for managing vendored dependencies.
Certigo can read certificates/keystores in various formats and dump them to stdout.
Certigo will display information in a human-readable way, and print warnings for common mistakes (such as small key sizes or weak signatures/hash functions). Certigo can also convert any input to a series of PEM blocks, which is useful if you want to e.g. dump the contents of unusual container formats into something more useful.
usage: certigo [<flags>] <command> [<args> ...] A command line certificate examination utility. Flags: --help Show context-sensitive help (also try --help-long and --help-man). --version Show application version. Commands: help [<command>...] Show help. dump [<flags>] [<file>...] Display information about a certificate from a file/stdin. connect [<flags>] [<server:port>] Connect to a server and print its certificate(s). verify --name=NAME [<flags>] [<file>] Verify a certificate chain from file/stdin against a name.
Display information about a certificate (from a file, or from stdin):
Export certificates/keys from a keystore into PEM blocks:
Display information about a certificate from a remote server: