Closed mozkeeler closed 9 years ago
monicachew
commented
9 years ago I was thinking it might be nice to have a second page for examining certs, and the samples should just link to a prefilled version. Is there already a site that lets you examine x509 certs?
mozkeeler
commented
9 years ago I was looking at this: http://kjur.github.io/jsrsasign/api/symbols/X509.html but if there's a site that takes PEM and decodes it nicely, that would probably be better.
monicachew
commented
9 years ago rbarnes didn't know one, so it probably doesn't exist :) He pointed at another JS library:
https://github.com/digitalbazaar/forge#x509
Another thought: we could output a summary directly during processing, but I think that's ultimately less useful than a webpage that can take a PEM directly.
Rather than having to copy/paste the PEM to pipe through openssl, it would be nice to parse and display the parts of the example certificates that violate the BRs we're checking (e.g. display its validity period, the signature algorithm, the RSA key size/exponent (if an RSA key), etc.)