Links

Ben Laurie blathering


Checking SSL Certificates

I mentioned my work on the Google Certificate Catalog recently. One thing I forgot is a command-line utility I wrote to perform the check for you automatically.

You can find it here.

2 Comments

  1. I am very interested in the Google Certificate Catalog, and have been playing with your command line tool. Some of the results are quite surprising, and lead me to believe you may need to return a 4th value.

    This was the result that surprised me the most
    ./google-certificate-check http://www.mtb.com
    Common name: http://www.mtb.com (pass)
    Certificate hash: 8158447b322606bd3c8c77a06770de82fecaa3ec
    Looking up certificate hash…found 15084 15190 28
    First seen: 20 Apr 2011
    Last seen : 4 Aug 2011
    Times seen: 28/107 (26.1682%)

    that’s M&T bank, and it appears that they may have some shady business going on with their certificate…or do they?
    I’m assuming that the site was only checked 28 times, however, only knowing the first, last, and number of times seen, it’s hard to create a picture of trustworthiness.

    I would suggest adding a 4th value stating how many times the site was checked.

    Comment by Andrew Webster — 7 Aug 2011 @ 8:01

  2. Yeah, that’s an interesting point.

    We had a gap in checks for a while, which probably accounts for this, btw.

    Comment by Ben — 8 Aug 2011 @ 11:12

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress