Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

ocsp-checker

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

ocsp-checker

Library used to check the OCSP revocation status for a x509 digital certificate.

  • 1.9.14
  • PyPI
  • Socket score

Maintainers
1

OCSPChecker

Downloads PyPI Version Python version

Overview

OCSPChecker is a python package based on Alban Diquet's nassl wrapper and the Python Cryptographic Authority's cryptography package. Relying on a web browser to check the revocation status of a x509 digital certificate has been broken from the beginning, and validating certificates outside of the web browser is a manual process. OCSP-Checker aims to solve this by providing an automated means to check the OCSP revocation status for a x509 digital certificate.

Pre-requisites

Python - Python 3.8 (64-bit) and above.

Installation

It is strongly recommended to run ocsp-checker in a virtual environment. This will prevent you from impacting your system python when installing its dependencies. venv is a good option, with an example below:

python -m venv ocsp-checker cd ocsp-checker && source bin/activate

Once your virtual environment is activated, install ocsp-checker as follows:

pip install ocsp-checker

Usage

>>> from ocspchecker import ocspchecker
>>> ocsp_request = ocspchecker.get_ocsp_status("github.com")

Sample Output

Sample output below, let me know if you want to add more fields/information to the output.

['Host: github.com:443', 'OCSP URL: http://ocsp.digicert.com', 'OCSP Status: GOOD']

PLEASE NOTE: If you run this on a network with a MITM SSL proxy, you may receive unintended results (see below):

["Error: Certificate Authority Information Access (AIA) Extension Missing. Possible MITM Proxy."]

Command Line Usage

OCSPChecker can now be used at the command line. The format is:

usage: ocspchecker [-h] --target target [--port port]

Check the OCSP revocation status for a x509 digital certificate.

optional arguments:
  -h, --help            show this help message and exit
  --target target, -t target
                        The target to test
  --port port, -p port  The port to test (default is 443)

For example:

ocspchecker -t github.com

Keywords

FAQs


Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc