Socket
Socket
Sign inDemoInstall

ssl-validator

Package Overview
Dependencies
10
Maintainers
7
Versions
12
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

    ssl-validator

Validator for certificates, bundles, and keys

Version published
Weekly downloads
7K
decreased by-9.01%
Maintainers
7
Created
Weekly downloads
 

Changelog

Source

4.0.0 - 2024-02-15

  • Upgraded various dependencies & dev dependencies
  • Only supports node version 18 or higher.
  • New option skipFormatValdiation to be set on validateSSLKey, validateSSL, validateSSLCert to skip header and footer key and certification validation.
  • Add remove Node 16 from travis.yml.

Readme

Source

Node SSL Validator

This module is a validator for SSL Certificates using the PEM node module. You can validate SSL Keys, SSL Certificates, SSL Certificate Domains, SSL Certificate Bundles, etc.

Build Status npm version

Installation

npm install ssl-validator

or

yarn add ssl-validator

API Documentation

All of these functions will throw an error if something is invalid, except the isValid functions, which will return true or false.

Validate SSL

const { validateSSL } = require('ssl-validator');

await validateSSL(cert, options);
OptionTypeDefaultDescription
skipDateValidationBooleanfalseSkip verifying the certificate's and/or bundle's validity period.
keyStringWhen given, validates that the key and certificate are a pair.
domainStringWhen given, verifies the certificate is valid for this domain. e.g. 'github.com'
bundleStringWhen given, verifies the certificate bundle and certificate go together.
skipFormatValidationBooleanfalseWhen true skip validation the format of the certificate and the key.
passwordStringA password that will be given to openssl when verfiying the key.

Validate SSL Cert

This function validates that the certificate is an SSL certificate and checks the validity period.

const { validateSSLCert } = require('ssl-validator');

await validateSSLCert(cert, options);
OptionTypeDefaultDescription
skipDateValidationBooleanfalseSkip verifying the given certificate's validity period.
skipFormatValidationBooleanfalseWhen true, skip validation the format of the certificate.

Validate SSL Key

This function validates that the certificate is an SSL certificate and checks the validity period.

const { validateSSLKey } = require('ssl-validator');

await validateSSLKey(key, options);
OptionTypeDefaultDescription
passwordStringA password that will be given to openssl when verfiying the key.
skipFormatValidationBooleanfalseWhen true, skip validation the format of the key.

Validate Cert Bundle

This function validates that the certificate and the bundle are certificates, and ensures that the bundle and certificate go together.

const { validateCertBundle } = require('ssl-validator');

await validateCertBundle(cert, bundle, options);
OptionTypeDefaultDescription
skipDateValidationBooleanfalseSkip verifying the certificate's and/or bundle's validity period.
keyStringWhen given, validates that the key and certificate are a pair.
domainStringWhen given, verifies the certificate is valid for this domain. e.g. 'github.com'
skipFormatValidationBooleanfalseWhen true skip validation the format of the certificate and the key.
passwordStringA password that will be given to openssl when verfiying the key.

Validate Cert Key Pair

This function validates that the given certificate and key are a matching pair.

const { validateCertKeyPair } = require('ssl-validator');

await validateCertKeyPair(cert, key, options);
OptionTypeDefaultDescription
skipDateValidationBooleanfalseSkip verifying the certificate's and/or bundle's validity period.
domainStringWhen given, verifies the certificate is valid for this domain. e.g. 'github.com'
bundleStringWhen given, verifies the certificate bundle and certificate go together.
skipFormatValidationBooleanfalseWhen true skip validation the format of the certificate and the key.
passwordStringA password that will be given to openssl when verfiying the key.

Validate Cert To Domain

This function validates the given certificate and that it matches the given domain.

const { validateCertToDomain } = require('ssl-validator');

await validateCertToDomain(cert, domain, options);
OptionTypeDefaultDescription
skipDateValidationBooleanfalseSkip verifying the certificate's and/or bundle's validity period.
keyStringWhen given, validates that the key and certificate are a pair.
bundleStringWhen given, verifies the certificate bundle and certificate go together.
skipFormatValidationBooleanfalseWhen true skip validation the format of the certificate and the key.
passwordStringA password that will be given to openssl when verfiying the key.

IsValid Functions

Each of the functions listed above (validateSSL, validateSSLCert, etc.) has a counterpart that will not throw any errors but will return true when valid and false when not valid. All arguments and options are listed above are valid.

Original Function NamePredicate Function Name
validateSSLisValidSSL
validateSSLCertisValidSSLCert
validateSSLKeyisValidSSLKey
validateCertBundleisValidCertBundle
validateCertKeyPairisValidCertKeyPair
validateCertToDomainisValidCertToDomain
const { isValidSSL } = require('ssl-validator');

if (!(await isValidSSL(cert))) {
  return { message: 'Sorry, the certificate supplied is not valid.' };
}

License

The module is available as open source under the terms of the MIT License.

Keywords

FAQs

Last updated on 23 Feb 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

UnitedHealth Group Discloses Protected Health Information Compromised for “Substantial Portion of People in America” in Recent Cyberattack

Security News

UnitedHealth Group Discloses Protected Health Information Compromised for “Substantial Portion of People in America” in Recent Cyberattack

UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.

By Sarah Gooding  -  Apr 24, 2024
The Dark Side of Open Source

Security News

The Dark Side of Open Source

At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.

By Sarah Gooding  -  Apr 19, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc