[Go] cert-checker

Showcase
,
1

Hey community,

I’ve written a little certificate checker.

Maybe someone will find it useful, or maybe you have ideas for improvements or additions.

6 Likes
Weekly Forum Summary
Weekly Forum Summary
Weekly Forum Summary
Weekly Forum Summary
2

AUR makes it so easy to install this in seconds. Thanks for sharing.

1 Like
3

Sure thing. I still need to tweak the PKGBUILD script for the AUR. The binary is pretty large, and I want to compress it, just like the version on GitHub.

2 Likes
4

Despite of availability of bulky all-in-one tools, say, openssl for the case, it is often convenient to have laconic single-purpose tool nicely tailored to one’s needs and purposes. :+1:

I can speculate that cert-checker could benefit from the following options:

  • print certificate’s ‘meta’ in human-readable form w/o keys;
  • save original .pem certificate;
  • print and/or save info in structured format (json/xml) to simplify using cert-checker within bash scripts;
  • reflect certificate validity through return codes (+silent mode?);
  • allow for offline operation on saved certificate files.

:man_shrugging:

3 Likes
5

sounds good!
I’ll try to put some of these ideas into practice. Thanks.

4 Likes
6

Unfortunately, I didn’t have much time today. Still, here are two additional pieces of information as requested.

What do you think of a simple version and a version with more information?

image
image1488×765 85.4 KB

Github and AUR are updated

2 Likes
7

Looks very nice to me!

BTW, do you think that ‘chains of trust’ may be a problem that’s worth consideration? E.g.

3 Likes
8

Thanks!

I think Go already provides everything you need. Go is well-suited for things like this without needing extra libraries.

But I’ll look into it; I like the idea.

2 Likes
9

@ugnvs what do you think?

image
image1278×752 87.7 KB

image
image1278×752 88.1 KB

image
image1278×752 60.7 KB

image
image1278×752 69.5 KB

image
image1278×752 89.6 KB

5 Likes
10

I love it when a plan works

image
image1488×765 76.9 KB

3 Likes
11

Excellent! Very well done, @toadie !

4 Likes
12

Thank you. Today I want to code a bit more before tomorrow business starts again :dotted_line_face:

4 Likes
13

Now it’s possible to save the output as a JSON file:

image
image1488×765 74.2 KB

{
  "generated_at": "2026-04-19T22:06:17+02:00",
  "total_count": 4,
  "results": [
    {
      "URL": "archlinux.org",
      "Issuer": "CN=E7,O=Let's Encrypt,C=US",
      "Subject": "archlinux.org",
      "SerialNumber": "501723845572470313389773169616896755109263",
      "NotBefore": "2026-04-13T11:59:12Z",
      "NotAfter": "2026-07-12T11:59:11Z",
      "DaysRemaining": 83,
      "Status": "OK",
      "Error": null,
      "KeyAlgorithm": "ECDSA",
      "KeySize": 256,
      "SignatureAlgorithm": "ECDSA-SHA384",
      "SANs": [
        "archlinux.org"
      ],
      "ThumbprintSHA1": "b36e7e96c849673e16903dd2a17c684a2ac0be02",
      "ThumbprintSHA256": "7b76334e7e52028a90f09baa408f1a2a71a714369902f146d8a2a742150db3a1",
      "ChainLength": 2,
      "IsChainComplete": true,
      "ChainError": "",
      "IsSelfSigned": false,
      "RootIssuer": "ISRG Root X1"
    },
    {
      "URL": "github.com",
      "Issuer": "CN=Sectigo Public Server Authentication CA DV E36,O=Sectigo Limited,C=GB",
      "Subject": "github.com",
      "SerialNumber": "39557711522153605937503944820825465427",
      "NotBefore": "2026-03-06T00:00:00Z",
      "NotAfter": "2026-06-03T23:59:59Z",
      "DaysRemaining": 45,
      "Status": "SOON",
      "Error": null,
      "KeyAlgorithm": "ECDSA",
      "KeySize": 256,
      "SignatureAlgorithm": "ECDSA-SHA256",
      "SANs": [
        "github.com",
        "www.github.com"
      ],
      "ThumbprintSHA1": "ab58ea128ba92ca69a31b36b4e545653eed2a6cf",
      "ThumbprintSHA256": "9716d39441ca651c51be78e969ca385ec213ec17715b8c91f01ee652f90fc62c",
      "ChainLength": 3,
      "IsChainComplete": true,
      "ChainError": "",
      "IsSelfSigned": false,
      "RootIssuer": "USERTrust ECC Certification Authority"
    },
    {
      "URL": "ubuntu.com",
      "Issuer": "CN=R12,O=Let's Encrypt,C=US",
      "Subject": "ubuntu.com",
      "SerialNumber": "588183328622646244879507649310188122479749",
      "NotBefore": "2026-04-17T04:13:36Z",
      "NotAfter": "2026-07-16T04:13:35Z",
      "DaysRemaining": 87,
      "Status": "OK",
      "Error": null,
      "KeyAlgorithm": "RSA",
      "KeySize": 2048,
      "SignatureAlgorithm": "SHA256-RSA",
      "SANs": [
        "ubuntu.com",
        "www.ubuntu.com"
      ],
      "ThumbprintSHA1": "f39b552a2183a34263e8566cc02eece120cc3996",
      "ThumbprintSHA256": "f3a90c7328568d1e032c0202b5ed49c9a5327e6650e0335ce182a81a0896ff0e",
      "ChainLength": 2,
      "IsChainComplete": true,
      "ChainError": "",
      "IsSelfSigned": false,
      "RootIssuer": "ISRG Root X1"
    },
    {
      "URL": "linuxcommunity.io",
      "Issuer": "CN=WE1,O=Google Trust Services,C=US",
      "Subject": "linuxcommunity.io",
      "SerialNumber": "289311228209441141257262774674593578366",
      "NotBefore": "2026-02-23T07:36:54Z",
      "NotAfter": "2026-05-24T08:36:47Z",
      "DaysRemaining": 34,
      "Status": "SOON",
      "Error": null,
      "KeyAlgorithm": "ECDSA",
      "KeySize": 256,
      "SignatureAlgorithm": "ECDSA-SHA256",
      "SANs": [
        "linuxcommunity.io",
        "*.linuxcommunity.io"
      ],
      "ThumbprintSHA1": "5a2ca02b7195d0e978779dae6b07fe6954673e48",
      "ThumbprintSHA256": "aa8534a227cf12c73c0fadbc37530d9d172c5ad21c7477815e80a9eca4cc86d5",
      "ChainLength": 3,
      "IsChainComplete": true,
      "ChainError": "",
      "IsSelfSigned": false,
      "RootIssuer": "GlobalSign Root CA"
    }
  ]
}
5 Likes
14

A new version is available.

Detailed documentation will follow in the coming days.

In short, you can do the following:

  • Check a list of URLs
  • Check individual URLs (comma-separated)
  • Check local certificate files
  • Save information as JSON

flag mode

image
image1488×765 67 KB

or interactive

image
image1488×765 33.4 KB

5 Likes
15

Hi everyone,

I received the following email today. What do you think of it? Has anyone else seen this?

PitchHut

Hi Toadie,

I hope this message finds you well! I’m Anar from PitchHut. We came across your project go-check-cert and would love to invite you to showcase it on our platform. To make the process seamless, we have created a temporary preview page for you. You can access it using the link below. Rest assured, we do not publicly share this page anywhere.

Here is what we have highlighted about go-check-cert:

Preview page link: https://pitchhut.com/project/go-check-cert-validator

Tagline: Effortlessly check website certificate validity with a simple tool.

Pitch: Go-check-cert is a straightforward tool designed to verify the validity of website certificates. Whether checking a single URL or processing a batch from a file, this utility simplifies the process, offering clarity on certificate status with easy installation and usage. Enjoy peace of mind about your website’s security.

We would love to have go-check-cert in our growing collection of exceptional projects, and I believe we could help amplify its visibility and reach.

Your project, your control

You have full control over your project’s presence on PitchHut. If you prefer not to have go-check-cert on PitchHut, simply reply ‘Delete’ to this email and we’ll remove the preview page immediately. If we do not hear from you within 30 days, we will permanently delete the preview page. The preview page features only publicly available information about go-check-cert. We respect your preferences and want to ensure you’re comfortable with how your project is shared with our community.

What’s next?

If you’re interested in giving it a try, you can create an account to:

  • use our token system to increase your project’s visibility
  • customize how your project is presented
  • get insights on who’s viewing your project

If you sign up with this email address, you’ll automatically get access to manage your project. Using a different email? Just reply to this email, and we’ll help you claim ownership.

How it works

PitchHut is a gamified project discovery platform where makers showcase their work and connect with potential users and contributors. PitchHut uses a simple token system - you earn contribution tokens by viewing projects from other users, then use those tokens to boost your own project’s visibility. It’s a fair way to help projects find their early users and contributors.

We’d love for you to check out the platform, take control of your project, and start growing your user base with us. Looking forward to having you on board!

Best regards,

Anar

3 Likes
16

A very quick check revealed that

Provided that “Nano Leaps” is a registered entity, which claims to be software publisher and developer, and that its information and “Pitch Hut” refers to the same personalities, I’d conclude that they are probably harmless. (No pro- or contra- warranties, though)

The rest is at your disposition. :man_shrugging:

3 Likes
17

Agreed. Looks like a similar idea to producthunt.com.

You probably accepted because I’m able to access the page they linked to in email.

Looks like a legit new project to me also.

3 Likes
18

I am a bit worried about this sentence:

Ownership will be transferred to the creator upon claiming.

What does that even imply ?

3 Likes
19

Thank you @tkn - I build the tool just for fun and primary for my own needs but I don’t want to give it away

3 Likes
20

Update (I try to write this post without translator - beware of bad english :laughing:)

I wanna share this with you.

Old code (tradional way)

01

Parallel processing or concurrency how it names in Go

02

Both methods are processing the same 20 URLs
The difference is massiv.

4 Likes