Library used to check the OCSP revocation status for a x509 digital certificate.
Project description
OCSPChecker
Overview
OCSPChecker is a python package based on Alban Diquet's nassl wrapper and the Python Cryptographic Authority's cryptography package. Relying on a web browser to check the revocation status of a x509 digital certificate has been broken from the beginning, and validating certificates outside of the web browser is a manual process. OCSP-Checker aims to solve this by providing an automated means to check the OCSP revocation status for a x509 digital certificate.
Pre-requisites
Python - Python 3.8 (64-bit) and above.
Installation
It is strongly recommended to run ocsp-checker in a virtual environment. This will prevent you from impacting your system python when installing its dependencies. venv is a good option, with an example below:
python -m venv ocsp-checker
cd ocsp-checker && source bin/activate
Once your virtual environment is activated, install ocsp-checker as follows:
pip install ocsp-checker
Usage
>>> from ocspchecker import ocspchecker
>>> ocsp_request = ocspchecker.get_ocsp_status("github.com")
Sample Output
Sample output below, let me know if you want to add more fields/information to the output.
['Host: github.com:443', 'OCSP URL: http://ocsp.digicert.com', 'OCSP Status: GOOD']
PLEASE NOTE: If you run this on a network with a MITM SSL proxy, you may receive unintended results (see below):
["Error: Certificate Authority Information Access (AIA) Extension Missing. Possible MITM Proxy."]
Command Line Usage
OCSPChecker can now be used at the command line. The format is:
usage: ocspchecker [-h] --target target [--port port]
Check the OCSP revocation status for a x509 digital certificate.
optional arguments:
-h, --help show this help message and exit
--target target, -t target
The target to test
--port port, -p port The port to test (default is 443)
For example:
ocspchecker -t github.com
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for ocsp_checker-1.9.14-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3bc0ef9d6d1eb1d748c4a830ef84295be696fc226d1e5d717f629e1ab1e33f12 |
|
MD5 | 07e4aa2af25e2602d4d9fb96fdf6f1c7 |
|
BLAKE2b-256 | 59564b18e08edaac1323f6c6b7f67400b021818b47867060b2ce5af9ba6cf5f4 |