cert-ripper is a command line tools that can be used to aid working with x509 certificates.
Currently, it offers the following features:
- fetch certificate chain from a host
- save certificates in different formats (PEM, DER, P7B, OpenSSL text)
- generate and decode certificate signing requests (CSR)
- generate self-signed certificates
- Fetch certificate chain:
cert-ripper print --url=ervinszilagyi.dev- Generate a CSR:
cert-ripper request create --commonName ervinszilagyi.dev- Decode a CSR:
cert-ripper request decode --path=csr.pem- Generate a self-signed certificate:
cert-ripper generate fromstdio --commonName=ervinszilagyi.dev --validFrom="2023-05-09 15:04:05" --validFor=3600 --isCa- Convert a certificate from .p7b format to .pem:
cert-ripper convert -s certs/pkcs.p7b -t certs/crt.pemFor more details about commands ands functionalities, please visit the documentation page.
Install with homebrew:
brew tap recon-tools/homebrew-recon-tools
brew install cert-ripperppa coming, for now download the executable from the release page
Download the executable from the releases page: https://github.com/recon-tools/cert-ripper-go/releases
Go 1.19 is required.
go build -o target/cert-rippergo build -o target/cert-ripper.exego build -ldflags "-X 'cert-ripper-go/cmd.appVersion=0.0.1'" -o target/cert-ripperRunning tests:
go test ./...