Check that a specific website is chained to a specific root certificate (Let's Encrypt for instance).
./bin/check-ssl-anchor.rb -u example.com -a "i:/O=Digital Signature Trust Co./CN=DST Root CA X3"
Checks a CRL has not or is not expiring by inspecting it's next update value.
You can check against a CRL file on disk:
./bin/check-ssl-crl -c 300 -w 600 -u /path/to/crl
or an online CRL:
./bin/check-ssl-crl -c 300 -w 600 -u http://www.website.com/file.crl
Critical and Warning thresholds are specified in minutes.
To run the testing suite, you'll need to have a working
bundler installed. We use
rake to run the
rspec tests automatically.
bundle install bundle update bundle exec rake
bin/check-ssl-host.rb would be good to run in combination with each other to test that the chain is anchored to a specific certificate and each certificate in the chain is correctly signed.
Please describe the reason for reporting this asset. Our moderators will be notified and will disable the asset if it is found to be inappropriate.×