Awesome Open Source
Awesome Open Source

OCSP-Checker

Downloads PyPI Version Python version

Overview

OCSP-Checker is a python package based on Alban Diquet's nassl wrapper and the Python Cryptographic Authority's cryptography package. Relying on a web browser to check the revocation status of a x509 digital certificate has been broken from the beginning, and validating certificates outside of the web browser is a manual process. OCSP-Checker aims to solve this by providing an automated means to check the OCSP revocation status for a x509 digital certificate.

Pre-requisites

Python - Python 3.7 (64-bit) and above.

Installation

pip install ocsp-checker

Usage

>>> from ocspchecker import ocspchecker
>>> ocsp_request = ocspchecker.get_ocsp_status("github.com")

Sample Output

Sample output below, let me know if you want to add more fields/information to the output.

['Host: github.com:443', 'OCSP URL: http://ocsp.digicert.com', 'OCSP Status: GOOD']

PLEASE NOTE: If you run this on a network with a MITM SSL proxy, you may receive unintended results (see below):

["Error: Certificate Authority Information Access (AIA) Extension Missing. Possible MITM Proxy."]

Command Line Usage

OCSP-Checker can now be used at the command line. The format is:

usage: ocspchecker [-h] --target target [--port port]

Check the OCSP revocation status for a x509 digital certificate.

optional arguments:
  -h, --help            show this help message and exit
  --target target, -t target
                        The target to test
  --port port, -p port  The port to test (default is 443)

For example:

ocspchecker -t github.com



Alternative Project Comparisons
Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (819,471
Security (31,781
Certificate (11,224
Digital (7,734
Ssl (7,692
Tls (4,954
X509 (387
Ocsp (185