get-certificate-chain 0.1.8

Project to help use the breadcrumbs that are left by the certificate to build the chain and output it into files.

Get Certificate Chain 🌐🔐

This Python script retrieves the certificate chain from a website, allowing you to analyze and verify the SSL/TLS certificates of the website. This project is a custom fork of the getCertificateChain project, and the overwhelming majority of credit goes to TheScriptGuy.

Table of Contents

• Get Certificate Chain 🌐🔐
  • Table of Contents
  • Requirements 📋
  • Installation
    • PyPi
    • GitHub
  • Usage 🚀
    • Import into script
    • Command Line CLI
      • Arguments
  • Contributing
  • License

Requirements 📋

• Python 3.9+
• Poetry (optional) - Python Poetry

Installation

PyPi

To install the package from PyPi, simply run the appropriate command.

pip install get-certificate-chain

GitHub

To install from the GitHub repository, follow these steps:

1. Clone the repository.
2. Change the directory to the cloned repository.
3. Install the package using pip.

git clone https://github.com/cdot65/get_certificate_chain.git
cd get_certificate_chain
pip install .

Usage 🚀

Import into script

To use the package in your script, simply import the package and create an instance of the SSLCertificateChainDownloader object.

To pass arguments into the object, you can use the argparse library:

1. Import the argparse library.
2. Import the SSLCertificateChainDownloader object from the package.
3. Create a python dictionary with the "host" key and value of the domain.
4. Create an instance of the SSLCertificateChainDownloader object.
5. Run the downloader object with the parsed arguments.

from get_certificate_chain.download import SSLCertificateChainDownloader

downloader = SSLCertificateChainDownloader()
# Use the downloader object for your needs

You can pass the arguments directly into the object:

from get_certificate_chain.download import SSLCertificateChainDownloader

downloader = SSLCertificateChainDownloader()
downloader.run({'host': 'www.google.com'})

Or pass you can use the argparse library to parse the arguments:

import argparse
from get_certificate_chain.download import SSLCertificateChainDownloader

# Add your arguments
args = parser.parse_args()

downloader = SSLCertificateChainDownloader()
downloader.run(args)

You may also specify an output directory when creating an instance of the class:

from get_certificate_chain.download import SSLCertificateChainDownloader

downloader = SSLCertificateChainDownloader(output_directory="/var/tmp")
downloader.run({"host": "www.google.com"})

Command Line CLI

To use the script from the command line, run the following command:

get-certificate-chain --host www.google.com

get-certificate-chain --rm-ca-files

Arguments

• --host: The host:port pair that the script should connect to. Defaults to www.google.com:443.
• --rm-ca-files: Remove the certificate files in the current working directory (*.crt, *.pem).
• --get-ca-cert-pem: Get cacert.pem from the chost.se website to help find Root CA.
• --log-level: Set the log level. Defaults to INFO.
• --output-dir: Set the output directory. Defaults to the current working directory.

Contributing

Contributions are welcome! To contribute, please follow these guidelines:

1. Write tests for your code using pytest. Make sure your tests follow the standards set by the existing tests.
2. Set up a virtual environment using Poetry. You can install Poetry by following the instructions at https://python-poetry.org/docs/#installation.

To set up a new virtual environment for the project, run the appropriate command.

poetry install

To activate the virtual environment, run the appropriate command.

poetry shell

After making your changes and adding tests, ensure that all tests pass by running the appropriate command.

pytest

License

This project is licensed under the MIT License - see the LICENSE file for details.