From f868aff185b2759296ba64f8a0d6ccb79e21da19 Mon Sep 17 00:00:00 2001 From: Jan-Piet Mens Date: Sun, 1 Dec 2019 11:54:28 +0100 Subject: [PATCH 1/3] Convert Certificate S/N to string for JSON "cert_sn": 276326103423802570574354205796199009608 is handled by the very popular jq utility as "cert_sn": 2.7632610342380256e+38 which is inaccurate. By changing the value type to string we avoid that. --- ssl_checker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl_checker.py b/ssl_checker.py index 5a9887d..6496d08 100755 --- a/ssl_checker.py +++ b/ssl_checker.py @@ -116,7 +116,7 @@ def get_cert_info(host, cert): context['issuer_o'] = cert.get_issuer().organizationName context['issuer_ou'] = cert.get_issuer().organizationalUnitName context['issuer_cn'] = cert.get_issuer().commonName - context['cert_sn'] = cert.get_serial_number() + context['cert_sn'] = str(cert.get_serial_number()) context['cert_sha1'] = cert.digest('sha1').decode() context['cert_alg'] = cert.get_signature_algorithm().decode() context['cert_ver'] = cert.get_version() From c1fda041f327adf7549157455aaecf1e4b6b9013 Mon Sep 17 00:00:00 2001 From: Jan-Piet Mens Date: Sat, 7 Mar 2020 20:32:18 +0100 Subject: [PATCH 2/3] add TCP port number used to JSON --- README.md | 2 +- ssl_checker.py | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 56be7ba..636ec81 100644 --- a/README.md +++ b/README.md @@ -194,7 +194,7 @@ Example only with the `-j/--json` argument which shows the JSON only. Perfect fo ``` narbeh@narbeh-xps:~/ssl-checker$ ./ssl_checker.py -j -H narbeh.org:443 test.com -{"narbeh.org": {"issued_to": "narbeh.org", "cert_sans": "DNS:narbeh.org", "valid_till": "2019-12-26", "valid_from": "2019-09-27", "issuer_ou": null, "days_left": 25, "cert_ver": 2, "cert_alg": "sha256WithRSAEncryption", "issued_o": null, "cert_exp": false, "cert_sha1": "05:52:4E:89:1E:98:1D:40:C1:41:F4:DD:F7:51:86:20:27:CF:E7:7F", "issuer_c": "US", "issuer_cn": "Let's Encrypt Authority X3", "issuer_o": "Let's Encrypt", "validity_days": 90, "cert_sn": 293690843427182569577385918507679703674563}} +{"narbeh.org": {"issued_to": "narbeh.org", "cert_sans": "DNS:narbeh.org", "valid_till": "2019-12-26", "valid_from": "2019-09-27", "issuer_ou": null, "days_left": 25, "cert_ver": 2, "tcp_port": 443, "cert_alg": "sha256WithRSAEncryption", "issued_o": null, "cert_exp": false, "cert_sha1": "05:52:4E:89:1E:98:1D:40:C1:41:F4:DD:F7:51:86:20:27:CF:E7:7F", "issuer_c": "US", "issuer_cn": "Let's Encrypt Authority X3", "issuer_o": "Let's Encrypt", "validity_days": 90, "cert_sn": 293690843427182569577385918507679703674563}} ``` diff --git a/ssl_checker.py b/ssl_checker.py index 6496d08..fb7869f 100755 --- a/ssl_checker.py +++ b/ssl_checker.py @@ -200,6 +200,7 @@ def show_result(user_args): try: cert = get_cert(host, port, user_args) context[host] = get_cert_info(host, cert) + context[host]['tcp_port'] = port # Analyze the certificate if enabled if user_args.analyze: From 7b3c4403039ba73864c8b20349ebbe9f34ea7c77 Mon Sep 17 00:00:00 2001 From: Jan-Piet Mens Date: Sat, 7 Mar 2020 20:43:40 +0100 Subject: [PATCH 3/3] cast port to integer --- ssl_checker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl_checker.py b/ssl_checker.py index fb7869f..68c4f98 100755 --- a/ssl_checker.py +++ b/ssl_checker.py @@ -200,7 +200,7 @@ def show_result(user_args): try: cert = get_cert(host, port, user_args) context[host] = get_cert_info(host, cert) - context[host]['tcp_port'] = port + context[host]['tcp_port'] = int(port) # Analyze the certificate if enabled if user_args.analyze: