A text-based SSL certificate viewer. Shows an SSL server's certificate chain, and the validation path formed by OpenSSL.
Similar to the certificate viewer found in web browsers, only more keyboard friendly.
The flags next to each certificate are:
- s: Self-signed certificate.
- t: In the trust store. The trust store can be set with the --capath and --cafile options.
- v: In the validation path formed by OpenSSL.
- c: In the server's certificate chain.
- ncurses, glibc 2.9+, OpenSSL 1.0.0+.
- Works with Ubuntu 12.04, RHEL 6 okay.
For Ubuntu run:
sudo apt-get install cmake make g++ libncurses5-dev libssl-dev
For RHEL/CentOS run:
sudo yum install cmake gcc-c++ ncurses-devel openssl-devel
cmake .
make
x509ls/x509ls
sudo make install
- The longest server chain I've found contains some 108 certificates(!). 107 of these certificates are not even required, since the end-entity certificate is self-signed anyway.
