This is a quick command-line utility for displaying information contained in an SSL certificates and CRLs. It is faster and easier to remember than the OpenSSL commands on which it is based. It allows you specify only a certificate’s filename. It guesses the certificate’s type based on the filename extension. This works with most pem, der, and p12 formatted files using common extension conventions.

Usage

> ce direct.example.com.der

Output

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4861619212740627522 (0x4377f0ea809e8c42)
    Signature Algorithm: sha1WithRSAEncryption

Installation

OpenSSL is a prerequisite. Execute the following commands to ensure that “ce” is on your path and that it executes without invoking Python directly.

> sudo cp ce /usr/bin 
> sudo chmod 755 /usr/bin/ce

Source Code for ce

#!/usr/bin/env python
# -*- coding: utf-8 -*-
# vim: ai ts=4 sts=4 et sw=4
# Copyright 2013 Videntity  
# Freely reuse under the terms of http://www.apache.org/licenses/LICENSE-2.0.html
# Last Updated: September 10 , 2013 

import os, sys
def certificate_explain(certfile):
 
    tmplower = certfile.lower()
    if tmplower.endswith("der"):
        certype = "der"
    elif tmplower.endswith("pem") or tmplower.endswith("crt"):
        certype = "pem"
    elif tmplower.endswith("p12") or tmplower.endswith("pfx"):
        certype="p12"
    elif tmplower.endswith("crl"):
        certype="crl"
    else:
       print "Unrecognized file extension.  The file must end in der, pem, crt, p12, pfx, or crl."
       sys.exit()
 
    if certype in ("pem", "der"):
        shellcmd = "openssl x509 -in %s -inform %s -noout -text" % (certfile,
                                                                    certype)
 
    if certype == "p12":
        shellcmd = "openssl pkcs12 -info -in %s" % (certfile)
    
    if certype == "crl":
        shellcmd = "openssl crl -in %s -noout -text" % (certfile)
    
    os.system(shellcmd)
 
if __name__ == "__main__":
 
    if len(sys.argv)!=2:
        print "Usage: [CERT_FILENAME]"
        sys.exit(1)
 
    certificate_explain(sys.argv[1])