Skip to main content

A minimalistic X.509 certificate validator

Project description

verify-x509 is a minimalistic implementation of X.509 certificate validation logic. It is intended for use with applications and protocols that use X.509 PKI without TLS/SSL. Its features are:

  • Certificate chain building to the Mozilla trust store

  • Point-in-time validation of not-before/not-after constraints

  • Plugin architecture for X.509 extension processing

  • Offline operation (while OCSP responses and CRLs can be passed by the caller, verify-x509 makes no network calls)

verify-x509 implements elements of the following RFCs RFC 5280

Installation

pip install verify-x509

Synopsis

from verify_x509 import X509Verifier
...

Authors

  • Andrey Kislyuk

License

Copyright 2022-2023, Andrey Kislyuk and verify-x509 contributors. Licensed under the terms of the Apache License, Version 2.0. Distribution of the LICENSE and NOTICE files with source copies of this package and derivative works is REQUIRED as specified by the Apache License.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

verify-x509-0.0.1.tar.gz (10.2 kB view hashes)

Uploaded Source

Built Distribution

verify_x509-0.0.1-py3-none-any.whl (7.1 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page