Project to help use the breadcrumbs that are left by the certificate to build the chain and output it into files.
Project description
Get Certificate Chain 🌐🔐
This Python script retrieves the certificate chain from a website, allowing you to analyze and verify the SSL/TLS certificates of the website. The original source can be found here, and the overwhelming majority of credit goes to TheScriptGuy.
This repository will operate as a custom fork of that project to act as a customized plugin for the PAN Dashboard project, allowing users to retrieve the certificate chain of a website from within the PAN Dashboard and have it uploaded to a PAN-OS or Panorama appliance.
Table of Contents
Requirements 📋
- Python 3.10+
- Poetry (optional) - Python Poetry
Creating Virtual Environment with Poetry 🌱
To create a virtual environment with Poetry, follow these steps:
-
Install Poetry if you haven't already:
curl -sSL https://install.python-poetry.org | python3 -
-
Create a virtual environment:
poetry install -
Activate the virtual environment:
poetry shell
Creating Virtual Environment without Poetry 🌱
To create a virtual environment without Poetry, follow these steps:
-
Create a virtual environment:
python3 -m venv venv
-
Activate the virtual environment:
source venv/bin/activate
-
Install the required packages:
pip install cryptography argparse pytest
Usage 🚀
To use the script, run the following command:
python get_certificate_chain.py --domain www.google.com
Arguments
--domain: The domain:port pair that the script should connect to. Defaults to www.google.com:443.--rm-ca-files: Remove the certificate files in the current working directory (*.crt, *.pem).--get-ca-cert-pem: Get cacert.pem from the curl.se website to help find Root CA.
Examples
Get the certificate chain for www.example.com:
python get_certificate_chain.py --domain www.example.com
Get the certificate chain for www.example.com:8443:
python get_certificate_chain.py --domain www.example.com:8443
Get the certificate chain for www.example.com:8443 and remove the certificate files in the current working directory (*.crt, *.pem):
python get_certificate_chain.py --domain www.example.com:8443 --rm-ca-files
Get the certificate chain for www.example.com:8443 and get cacert.pem from the curl.se website to help find Root CA:
python get_certificate_chain.py --domain www.example.com:8443 --get-ca-cert-pem
Get the certificate chain for www.example.com:8443, remove the certificate files in the current working directory (*.crt, *.pem), and get cacert.pem from the curl.se website to help find Root CA:
python get_certificate_chain.py --domain www.example.com:8443 --rm-ca-files --get-ca-cert-pem
License
This project is licensed under the MIT License - see the LICENSE file for details.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for get_certificate_chain-0.1.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7510da27776d9e38b22eaa2c0ece5a7b2dccf22b2c84f4ae502d52978584f282 |
|
| MD5 | 84c44c317cfcc9553a151ef482e85672 |
|
| BLAKE2b-256 | ff7e7c5c053186ee687b19b812357d837849f9a31bfc8c6a7cdc2b338840525c |
Hashes for get_certificate_chain-0.1.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 74594d704151ccba1a892a75487b65798aed3ef19e66b1315c756a7479ca273c |
|
| MD5 | 8f92e10d9d80e2ee81b2d858a1fe15bd |
|
| BLAKE2b-256 | f8cc9dce5286d73bfb0ff45671fc8477d6943cfdf64601b05ebadfd07f38f9f1 |
