Resolve / obtain the certificate intermediates of a x509 certificate using the CLI or python API.
The CLI writes the full bundle to stdout. The Python API can be used to iterate over the certificates and get additional information on the bundle.
from cert_chain_resolver.api import resolve
with open('cert.pem', 'rb') as f:
fb = f.read()
chain = resolve(fb)
>>>
for cert in chain:
print(cert)
<Cert common_name="cert-chain-resolver.remcokoopmans.com" subject="CN=cert-chain-resolver.remcokoopmans.com" issuer="CN=R3,O=Let's Encrypt,C=US">
<Cert common_name="R3" subject="CN=R3,O=Let's Encrypt,C=US" issuer="CN=DST Root CA X3,O=Digital Signature Trust Co.">
<Cert common_name="DST Root CA X3" subject="CN=DST Root CA X3,O=Digital Signature Trust Co." issuer="CN=DST Root CA X3,O=Digital Signature Trust Co.">
- PKCS7, PEM and DER formats
- LetsEncrypt certificates
- cryptography
Read more on readthedocs
$ pip install cert-chain-resolver
$ cert_chain_resolver certificate.crt > bundle.crt
Or read from stdin
$ cat certificate.crt | cert_chain_resolver > bundle.crt
Install dependencies
$ make
from file:
$ python -m cert_chain_resolver.cli certificate.crt > bundle.crt
from stdin:
$ cat certificate.crt | python -m cert_chain_resolver.cli > bundle.crt
$ cert_chain_resolver cert.pem --info
bootstrap
$ make
Unit testing
$ make tests
Re-run tests on file changes:
$ make tests TEST_ARGS="-- -f"