Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

SSL Decoder
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SSL Decoder

RaymiiRaymii Member
edited November 2014 in General

A new side project I've been working on. A small PHP script which decodes an SSL connection or certificate and displays information.

Features

  • Decodes CSR
  • Decodes Certificates
  • Decodes SSL Connections
  • OCSP validation
  • CRL validation
  • Full certificate chain validation.
  • Issuer validation
  • Date validation

Requirements

  • PHP 5.6+
  • OpenSSL
  • PHP must allow shell_exec and remote fopen.

Demo

See https://z1s.org/ssl/.

image

License

GPLv3

Source

https://github.com/RaymiiOrg/ssl-decoder

Comments, feature requests and questions welcome!

Thanked by 10GIANT_CRAB souen Profforg elijahpaul Blanoz vRozenSch00n howardsl2 Dylan rokok alexvolk

Comments

  • ATHKATHK Member

    Nice one!

  • CFarenceCFarence Member

    Very nice, wish it was a little more mobile friendly :)

    Not sure how that would work with all that info :)

  • RaymiiRaymii Member

    @CFarence said:
    Very nice, wish it was a little more mobile friendly :)

    Not sure how that would work with all that info :)

    It uses bootstrap so it scales to a mobile device. Just a lot of scrolling...

  • CFarenceCFarence Member

    Raymii said: It uses bootstrap so it scales to a mobile device. Just a lot of scrolling...

    It scales nicely, and definitely looks nice, just some of the rows have some scrolling to them... Overall though its really nice.

  • elijahpaulelijahpaul Member
    edited November 2014

    Wow. Very nice. Been working on a PHP script to do the same thing, but as part of an app ( http://i.imgur.com/CFKgkqG.png ) . This will be very helpful. Thank you.

    P.S. Raymii.org: First time I've actually noticed a 4096bit RSA key in use!

  • shyaminayeshshyaminayesh Member

    what about little URL rewrite :) & it's great even without URL rewrite :D

  • RaymiiRaymii Member

    @elijahpaul said:
    Wow. Very nice. Been working on a PHP script to do the same thing, but as part of an app ( http://i.imgur.com/CFKgkqG.png ) . This will be very helpful. Thank you.

    P.S. Raymii.org: First time I've actually noticed a 4096bit RSA key in use!

    That also looks cool! Are you planning to release it under an open source license?

    @shyaminayesh said:
    what about little URL rewrite :) & it's great even without URL rewrite :D

    Why would I want to do that?

  • shyaminayeshshyaminayesh Member

    Raymii said: Why would I want to do that?

    no idea why :D, normally I remember some sites in my mind for query details :)

    ex : whatismyipaddress.com/ip/{IP} , intodns.com/{domain.tld}

    so it's really cool if you add URL rewrite :D

  • rokokrokok Member

    sweet

  • elijahpaulelijahpaul Member

    Raymii said: That also looks cool! Are you planning to release it under an open source license?

    Yep. Got a few features I'm working on before release though, Heartbleed check, result caching, and a bunch of other minor things.

  • RaymiiRaymii Member

    @elijahpaul said:
    Yep. Got a few features I'm working on before release though, Heartbleed check, result caching, and a bunch of other minor things.

    Awesome! I'll be looking forward to it :). I'm deliberately not doing any checks and conclusions. Mostly because PHP sucks with certificate validation and you have to rely on a lot of system(openssl) for actual validation, and to keep it simple. I wanted a nicer overview than just openssl -text.

Sign In or Register to comment.