CERTREQCTL

Description

Requests a brief analysis of a certificate from certreqd.

Command

certreqctl [-h|--help] [-B|--background] [-v|--verbose] [-o|--libxo <arg>] [-c|--get-certificate] [-i|--ip-address <arg>] [-p|--port <arg>] [-s|--sni <arg>] [-a|--alpn <arg>] [-r|--reload-config <arg>] [-D|--dump-config] [-t|--timeout <arg>]]
-h: Display this message
-h: Display this message.
-B: Execute in background (will not print the results).
-v: Enable verbose mode.
-o: Specify the output format, arg may be "text|html|xml|json[,pretty]" (default is "text,pretty").
-c: Get the certificate.
-i: Give the IP address for get-certificate.
-p: Give the port for get-certificate.
-s: Give the sni for get-certificate.
-a: Give the ALPN for get-certificate.
-t: Give the timeout (in s) for get-certificate.
-r: Make certreqd reload its configuration. Exclusive with other queries. Arg must be one of: "verbose","all"
-D: Dump certreqd current configuration. Exclusive with other queries.

Results

For a -c command, the SubjectName and AltNames of the certificate with a simple analysis of problems it has.

Example

U2504C099999999999>certreqctl -c -i 157.240.21.35 -p 443 -s facebook.com -a h2,http/1.1,http/0.9
[RequestStatus]
Status="ok"
[Certificate]
Status="ok"
Certificate="/C=US/ST=California/L=Menlo Park/O=Facebook, Inc./CN=*.facebook.com"
AltName="*.facebook.com"
AltName1="*.facebook.net"
AltName2="*.fbcdn.net"
AltName3="*.fbsbx.com"
AltName4="*.m.facebook.com"
AltName5="*.messenger.com"
AltName6="*.xx.fbcdn.net"
AltName7="*.xy.fbcdn.net"
AltName8="*.xz.fbcdn.net"
AltName9="facebook.com"
AltName10="messenger.com"
Diagnostic="OK"
ALPN="h2"