tlsquery

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 22, 2026 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertTypeFromCert 

func CertTypeFromCert(cert *x509.Certificate) string

CertTypeFromCert determines the certificate type based on its properties.

func ParseCertPEM added in v0.7.0 

func ParseCertPEM(pemText string) (*x509.Certificate, error)

func ValidStartTLSProtocol added in v1.0.0 

func ValidStartTLSProtocol(protocol string) bool

ValidStartTLSProtocol returns true if the given protocol name is supported.

Types

type BasicConstraints 

type BasicConstraints struct {
	IsCA       bool `json:"is_ca" yaml:"is_ca"`
	MaxPathLen int  `json:"max_path_len,omitempty" yaml:"max_path_len,omitempty"`
}

BasicConstraints holds CA constraint information.

type CertInfo 

type CertInfo struct {
	Type               string            `json:"type" yaml:"type"`
	Version            int               `json:"version" yaml:"version"`
	SerialNumber       string            `json:"serial_number" yaml:"serial_number"`
	SignatureAlgorithm string            `json:"signature_algorithm" yaml:"signature_algorithm"`
	Issuer             string            `json:"issuer" yaml:"issuer"`
	Subject            string            `json:"subject" yaml:"subject"`
	CommonName         string            `json:"common_name" yaml:"common_name"`
	NotBefore          string            `json:"not_before" yaml:"not_before"`
	NotAfter           string            `json:"not_after" yaml:"not_after"`
	PublicKeyAlgorithm string            `json:"public_key_algorithm" yaml:"public_key_algorithm"`
	KeyUsage           []string          `json:"key_usage,omitempty" yaml:"key_usage,omitempty"`
	ExtKeyUsage        []string          `json:"extended_key_usage,omitempty" yaml:"extended_key_usage,omitempty"`
	BasicConstraints   *BasicConstraints `json:"basic_constraints,omitempty" yaml:"basic_constraints,omitempty"`
	SubjectKeyID       string            `json:"subject_key_id,omitempty" yaml:"subject_key_id,omitempty"`
	AuthorityKeyID     string            `json:"authority_key_id,omitempty" yaml:"authority_key_id,omitempty"`
	SubjectAltNames    []string          `json:"subject_alternative_names,omitempty" yaml:"subject_alternative_names,omitempty"`
	EmailAddresses     []string          `json:"email_addresses,omitempty" yaml:"email_addresses,omitempty"`
	IPAddresses        []string          `json:"ip_addresses,omitempty" yaml:"ip_addresses,omitempty"`
	OCSPServers        []string          `json:"ocsp_servers,omitempty" yaml:"ocsp_servers,omitempty"`
	IssuingCertURL     []string          `json:"issuing_cert_url,omitempty" yaml:"issuing_cert_url,omitempty"`
	CRLDistPoints      []string          `json:"crl_distribution_points,omitempty" yaml:"crl_distribution_points,omitempty"`
	Fingerprint        Fingerprint       `json:"fingerprint" yaml:"fingerprint"`
	PEM                string            `json:"pem,omitempty" yaml:"pem,omitempty"`
	Revocation         *revocation.Info  `json:"revocation,omitempty" yaml:"revocation,omitempty"`
}

CertInfo holds the extracted certificate metadata.

func CertInfoFromCert 

func CertInfoFromCert(cert *x509.Certificate) CertInfo

CertInfoFromCert creates a CertInfo from an x509.Certificate.

func (*CertInfo) DisplayName 

func (ci *CertInfo) DisplayName() string

func (*CertInfo) NotAfterTime 

func (ci *CertInfo) NotAfterTime() (time.Time, error)

func (*CertInfo) NotBeforeTime 

func (ci *CertInfo) NotBeforeTime() (time.Time, error)

type ChainInfo 

type ChainInfo struct {
	Certificates      []CertInfo `json:"certificates" yaml:"certificates"`
	Verified          bool       `json:"verified" yaml:"verified"`
	VerificationError string     `json:"verification_error,omitempty" yaml:"verification_error,omitempty"`
	TLSVersions       []string   `json:"tls_versions,omitempty" yaml:"tls_versions,omitempty"`
}

ChainInfo holds the full certificate chain.

func ParsePEM 

func ParsePEM(data []byte, opts PEMOptions) (*ChainInfo, error)

ParsePEM parses PEM-encoded certificate data and returns certificate information.

func ParsePEMFile 

func ParsePEMFile(path string, opts PEMOptions) (*ChainInfo, error)

ParsePEMFile reads a PEM file and returns certificate information for all certificates found.

func Query 

func Query(endpoint string, opts QueryOptions) (*ChainInfo, error)

Query connects to the given endpoint and retrieves certificate chain information.

func (*ChainInfo) ChainNames 

func (c *ChainInfo) ChainNames() []string

func (*ChainInfo) Leaf 

func (c *ChainInfo) Leaf() (*CertInfo, error)

func (*ChainInfo) WithoutPEM 

func (c *ChainInfo) WithoutPEM() *ChainInfo

type Fingerprint 

type Fingerprint struct {
	SHA1   string `json:"sha1" yaml:"sha1"`
	SHA256 string `json:"sha256" yaml:"sha256"`
}

Fingerprint holds SHA1 and SHA256 fingerprints of a certificate.

type PEMOptions added in v0.6.0 

type PEMOptions struct {
	CACertFile string // Path to custom CA certificate file (PEM format)
}

PEMOptions configures PEM parsing and verification behavior.

type QueryOptions 

type QueryOptions struct {
	CACertFile  string // Path to custom CA certificate file (PEM format)
	Proxy       string // Proxy URL (e.g. http://proxy:8080). If empty, HTTPS_PROXY/HTTP_PROXY env vars are used.
	TLSVersions bool   // Probe and display supported TLS versions.
	ServerName  string // SNI override for TLS handshake (useful when connecting by IP).
	StartTLS    string // STARTTLS protocol: smtp, imap, pop3, ldap.
	Insecure    bool   // Skip TLS certificate verification.
}

QueryOptions configures the TLS query behavior.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.