Library used to check the OCSP revocation status for a x509 digital certificate.
Project description
OCSP-Requester
Overview
OCSP-Requester is a python package based on Alban Diquet's nassl wrapper and the Python Cryptographic Authority's cryptography package. Relying on a web browser to check the revocation status of a x509 digital certificate has been broken from the beginning, and validating certificates outside of the web browser is a manual process. OCSP-Requester aims to solve this by providing an automated means to check the OCSP revocation status for a x509 digital certificate.
Pre-requisites
Python - Python 3.7 (64-bit) and above.
Installation
pip install ocsp-checker
Usage
>>> from ocspchecker import ocspchecker
>>> ocsp_request = ocspchecker.get_ocsp_status("github.com")
Sample Output
Sample output below, let me know if you want to add more fields/information to the output.
['Host: github.com:443', 'OCSP URL: http://ocsp.digicert.com', 'OCSP Status: GOOD']
PLEASE NOTE: If you run this on a network with a MITM SSL proxy, you may receive unintended results (see below):
["Error Type": "Certificate Authority Information Access (AIA) Extension Missing",
"Message": "No <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.1, name=authorityInfoAccess)> extension was found for netflix.com. Possible MITM SSL Proxy"]
Feedback
Send me mail at joe@metlife.com
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for ocsp_checker-1.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | cfca6de1537289d7d14e57861df75815815b0e049db2f8420f8de3424764b7b7 |
|
MD5 | 8ceecb95d31fa61bb3ca5e8bbe6bc048 |
|
BLAKE2b-256 | d99e7a63b5d05a162a93f84e82c9f6960a80bb2c1b8e1ff448ccc18fd6311305 |