Skip to main content

Library used to check the OCSP revocation status for a x509 digital certificate.

Project description

OCSP-Requester

Overview

OCSP-Requester is a python package based on Alban Diquet's nassl wrapper and the Python Cryptographic Authority's cryptography package. Relying on a web browser to check the revocation status of a x509 digital certificate has been broken from the beginning, and validating certificates outside of the web browser is a manual process. OCSP-Requester aims to solve this by providing an automated means to check the OCSP revocation status for a x509 digital certificate.

Pre-requisites

Python - Python 3.7 (64-bit) and above.

Installation

pip install ocsp-checker

Usage

>>> from ocspchecker import ocspchecker
>>> ocsp_request = ocspchecker.get_ocsp_status("github.com")

Sample Output

Sample output below, let me know if you want to add more fields/information to the output.

['Host: github.com:443', 'OCSP URL: http://ocsp.digicert.com', 'OCSP Status: GOOD']

PLEASE NOTE: If you run this on a network with a MITM SSL proxy, you may receive unintended results (see below):

["Error Type": "Certificate Authority Information Access (AIA) Extension Missing",
 "Message": "No <ObjectIdentifier(oid=1.3.6.1.5.5.7.1.1, name=authorityInfoAccess)> extension was found for netflix.com. Possible MITM SSL Proxy"]

Feedback

Send me mail at joe@metlife.com

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ocsp-checker-1.1.0.tar.gz (4.8 kB view hashes)

Uploaded Source

Built Distribution

ocsp_checker-1.1.0-py3-none-any.whl (8.8 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page