Skip to main content

Library used to check the OCSP revocation status for a x509 digital certificate.

Project description

OCSPChecker

Downloads PyPI Version Python version

Overview

OCSPChecker is a python package based on Alban Diquet's nassl wrapper and the Python Cryptographic Authority's cryptography package. Relying on a web browser to check the revocation status of a x509 digital certificate has been broken from the beginning, and validating certificates outside of the web browser is a manual process. OCSP-Checker aims to solve this by providing an automated means to check the OCSP revocation status for a x509 digital certificate.

Pre-requisites

Python - Python 3.8 (64-bit) and above.

Installation

It is strongly recommended to run ocsp-checker in a virtual environment. This will prevent you from impacting your system python when installing its dependencies. venv is a good option, with an example below:

python -m venv ocsp-checker cd ocsp-checker && source bin/activate

Once your virtual environment is activated, install ocsp-checker as follows:

pip install ocsp-checker

Usage

>>> from ocspchecker import ocspchecker
>>> ocsp_request = ocspchecker.get_ocsp_status("github.com")

Sample Output

Sample output below, let me know if you want to add more fields/information to the output.

['Host: github.com:443', 'OCSP URL: http://ocsp.digicert.com', 'OCSP Status: GOOD']

PLEASE NOTE: If you run this on a network with a MITM SSL proxy, you may receive unintended results (see below):

["Error: Certificate Authority Information Access (AIA) Extension Missing. Possible MITM Proxy."]

Command Line Usage

OCSPChecker can now be used at the command line. The format is:

usage: ocspchecker [-h] --target target [--port port]

Check the OCSP revocation status for a x509 digital certificate.

optional arguments:
  -h, --help            show this help message and exit
  --target target, -t target
                        The target to test
  --port port, -p port  The port to test (default is 443)

For example:

ocspchecker -t github.com

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ocsp_checker-1.9.14.tar.gz (15.2 kB view hashes)

Uploaded Source

Built Distribution

ocsp_checker-1.9.14-py3-none-any.whl (17.2 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page