Skip to main content

Use this tool get information about recent CRLite runs

Project description

NOTE: This tool is unmaintained, though at least somewhat still works. The official mechanism for querying CRLite is now the rust-query-crlite tool:

See the Wiki

Query CRLite Status

This tool reads public data from the CRLite service to provide some useful status pertaining to recent runs.

It maintains a local database in your ~/.crlitedb/audits folder, which is the same general place as the moz_crlite_query tool defaults.

Install from PyPi:

pip install crlite_status

Calling with only a number will show basic details of that many recent runs:

→ crlite_status 6
                                                          Data sizes
┏━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┓
┃ Run ID     ┃ Run Time          ┃ Filter   ┃ Filter Layers ┃ Stash      ┃ Known Revoked ┃ Known Not        ┃ Period Covered ┃
┃            ┃                   ┃          ┃               ┃            ┃               ┃ Revoked          ┃                ┃
┡━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━┩
│ 20200715-0 │ 2020-07-15 23:30Z │ 4.716 MB │ 27            │ 241.846 kB │ 3,627,091     │ 85,411,848       │ 1 day, 5:29:37 │
│ 20200714-3 │ 2020-07-14 18:00Z │ 4.713 MB │ 27            │ 42.293 kB  │ 3,624,884     │ 85,318,616       │ 5:59:55        │
│ 20200714-2 │ 2020-07-14 12:00Z │ 4.715 MB │ 27            │ 52.959 kB  │ 3,625,239     │ 85,279,722       │ 6:00:15        │
│ 20200714-1 │ 2020-07-14 06:00Z │ 4.715 MB │ 28            │ 20.627 kB  │ 3,625,180     │ 85,340,063       │ 5:59:46        │
│ 20200714-0 │ 2020-07-14 00:00Z │ 4.716 MB │ 27            │ 86.515 kB  │ 3,625,935     │ 85,282,318       │ 6:00:15        │
│ 20200713-3 │ 2020-07-13 18:00Z │ 4.712 MB │ 27            │ 46.512 kB  │ 3,623,297     │ 85,239,760       │                │
└────────────┴───────────────────┴──────────┴───────────────┴────────────┴───────────────┴──────────────────┴────────────────┘

You can also dig into CRL audit data with the --crl flag:

→ crlite_status 2 --crl
                                                          Data sizes
┏━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━┳━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━┓
┃ Run ID     ┃ Run Time          ┃ Filter   ┃ Filter Layers ┃ Stash      ┃ Known Revoked ┃ Known Not        ┃ Period Covered ┃
┃            ┃                   ┃          ┃               ┃            ┃               ┃ Revoked          ┃                ┃
┡━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━╇━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━┩
│ 20200715-0 │ 2020-07-15 23:30Z │ 4.716 MB │ 27            │ 241.846 kB │ 3,627,091     │ 85,411,848       │ 1 day, 5:29:37 │
│ 20200714-3 │ 2020-07-14 18:00Z │ 4.713 MB │ 27            │ 42.293 kB  │ 3,624,884     │ 85,318,616       │ 5:59:55        │
└────────────┴───────────────────┴──────────┴───────────────┴────────────┴───────────────┴──────────────────┴────────────────┘
                                   20200715-0 audit entries
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━┓
┃ Issuer                                                       ┃ Kind                ┃ Count ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━┩
│ CN=Dodo Sign TLS ICA RSA R1,O=Dodo Sign                      │ Older Than Previous │ 1     │
│ Ltd,L=Ebene,ST=Plaines Wilhems,C=MU                          │                     │       │
│ CN=Domain The Net Technologies Ltd CA for EV SSL R2,O=Domain │ Older Than Previous │ 1     │
│ The Net Technologies Ltd,C=IL                                │                     │       │
│ CN=Go Daddy Secure Certificate Authority -                   │ Older Than Previous │ 66    │
│ G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\,   │                     │       │
│ Inc.,L=Scottsdale,ST=Arizona,C=US                            │                     │       │
│ CN=TeleSec Business CA 1,OU=T-Systems Trust                  │ Failed Download     │ 1     │
│ Center,O=T-Systems International GmbH,C=DE                   │                     │       │
│ CN=Starfield Secure Certificate Authority -                  │ Older Than Previous │ 16    │
│ G2,OU=http://certs.starfieldtech.com/repository/,O=Starfield │                     │       │
│ Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US             │                     │       │
│ CN=Domain The Net Technologies Ltd CA for SSL R2,O=Domain    │ Older Than Previous │ 1     │
│ The Net Technologies Ltd,C=IL                                │                     │       │
│ CN=Amazon,OU=Server CA 3B,O=Amazon,C=US                      │ Older Than Previous │ 1     │
│ CN=Starfield Root Certificate Authority -                    │ Very Old, Blocked   │ 1     │
│ G2,OU=https://certs.starfieldtech.com/repository/,O=Starfie… │                     │       │
│ Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US             │                     │       │
│ OU=醫事憑證管理中心,O=行政院,C=TW                               │ Failed Download     │ 1     │
│ CN=SSL.com EV SSL Intermediate CA ECC R2,O=SSL               │ Older Than Previous │ 1     │
│ Corp,L=Houston,ST=Texas,C=US                                 │                     │       │
└──────────────────────────────────────────────────────────────┴─────────────────────┴───────┘
                                   20200714-3 audit entries
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━┳━━━━━━━┓
┃ Issuer                                                           ┃ Kind            ┃ Count ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━╇━━━━━━━┩
│ CN=Starfield Secure Certificate Authority -                      │ Failed Verify   │ 1     │
│ G2,OU=http://certs.starfieldtech.com/repository/,O=Starfield     │                 │       │
│ Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US                 │                 │       │
│ OU=醫事憑證管理中心,O=行政院,C=TW                                   │ Failed Download │ 1     │
│ CN=Go Daddy Secure Certificate Authority -                       │ Failed Verify   │ 80    │
│ G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\,       │                 │       │
│ Inc.,L=Scottsdale,ST=Arizona,C=US                                │                 │       │
│ CN=TeleSec Business CA 1,OU=T-Systems Trust Center,O=T-Systems   │ Failed Download │ 1     │
│ International GmbH,C=DE                                          │                 │       │
│ CN=SHECA RSA Organization Validation Server CA                   │ Failed Download │ 5     │
│ G3,O=UniTrust,C=CN                                               │                 │       │
│ CN=Starfield Root Certificate Authority -                        │ Old             │ 1     │
│ G2,OU=https://certs.starfieldtech.com/repository/,O=Starfield    │                 │       │
│ Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US                 │                 │       │
└──────────────────────────────────────────────────────────────────┴─────────────────┴───────┘

When using the --crl option, more fine-grained details can be obtained from the JSON files in ~/.crlite_db/audits/, or you can use --crl-details path_to_file.html and get a rich-text version.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

crlite_status-0.0.8.tar.gz (32.1 kB view hashes)

Uploaded Source

Built Distribution

crlite_status-0.0.8-py3-none-any.whl (18.2 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page