how to get all certificates of a log ?
305 views
Skip to first unread message
Ghost
Jul 6, 2023, 4:23:10 PM7/6/23
to certificate-transparency
hello, I'm new here.
I'd like to know how I can obtain a list of all certificates in the log.
Can I achieve this by utilizing the following resource: https://github.com/google/certificate-transparency-go ?
OR
if there are any simpler methods available, kindly provide the details.
thanks
I'd like to know how I can obtain a list of all certificates in the log.
Can I achieve this by utilizing the following resource: https://github.com/google/certificate-transparency-go ?
OR
if there are any simpler methods available, kindly provide the details.
thanks
Roger Ng
Jul 6, 2023, 4:26:23 PM7/6/23
to certificate-transparency
Thanks for your interest in certificate transparency. Please read the following related conversations.
Cheers,
Roger
Daniel Gorbe
Jul 6, 2023, 4:51:37 PM7/6/23
to certificate-...@googlegroups.com
Hi!
Check the scanner/scanlog subfolder (https://github.com/google/certificate-transparency-go/tree/master/scanner/scanlog).
It is a CLI tool to scan a specific CT Log.
thanks --
You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/certificate-transparency/30436f4d-6729-4a0a-bab9-e904b44ed32en%40googlegroups.com.
-- Daniel Gorbe
Matt Palmer
Jul 6, 2023, 9:03:33 PM7/6/23
to certificate-...@googlegroups.com
On Thu, Jul 06, 2023 at 01:13:18PM -0700, Ghost wrote:
> hello, I'm new here.
> I'd like to know how I can obtain a list of all certificates in the log.
While a CT log is accessible via HTTP(S), there's no resource you can
> hello, I'm new here.
> I'd like to know how I can obtain a list of all certificates in the log.
request that will return all of the certificates -- or even one certificate,
by itself. Instead, you can request ranges of log entries, which have the
certificates as one part of a larger data structure.
There is the `scanlog` tool that has been previously linked, and I've
written a CLI program in Rust that is intended to fetch certificates as
quickly and efficiently as possible, available from
https://github.com/mpalmer/scrape-ct-log.
- Matt
Ghost
Jul 8, 2023, 8:37:53 AM7/8/23
to certificate-transparency
hello Matt thanks for your great tool
I tested your tool and "certificate" value I think is encoded.. is there a way to get certificate value in plain text ?
I tested your tool and "certificate" value I think is encoded.. is there a way to get certificate value in plain text ?
Matt Palmer
Jul 9, 2023, 11:00:34 PM7/9/23
to certificate-...@googlegroups.com
On Sat, Jul 08, 2023 at 05:36:24AM -0700, Ghost wrote:
> On Friday, 7 July 2023 at 04:33:33 UTC+3:30 Matt Palmer wrote:
>
> > On Thu, Jul 06, 2023 at 01:13:18PM -0700, Ghost wrote:
> > > hello, I'm new here.
> > > I'd like to know how I can obtain a list of all certificates in the log.
> >
> > While a CT log is accessible via HTTP(S), there's no resource you can
> > request that will return all of the certificates -- or even one
> > certificate,
> > by itself. Instead, you can request ranges of log entries, which have the
> > certificates as one part of a larger data structure.
> >
> > There is the `scanlog` tool that has been previously linked, and I've
> > written a CLI program in Rust that is intended to fetch certificates as
> > quickly and efficiently as possible, available from
> > https://github.com/mpalmer/scrape-ct-log.
>
> On Friday, 7 July 2023 at 04:33:33 UTC+3:30 Matt Palmer wrote:
>
> > On Thu, Jul 06, 2023 at 01:13:18PM -0700, Ghost wrote:
> > > hello, I'm new here.
> > > I'd like to know how I can obtain a list of all certificates in the log.
> >
> > While a CT log is accessible via HTTP(S), there's no resource you can
> > request that will return all of the certificates -- or even one
> > certificate,
> > by itself. Instead, you can request ranges of log entries, which have the
> > certificates as one part of a larger data structure.
> >
> > There is the `scanlog` tool that has been previously linked, and I've
> > written a CLI program in Rust that is intended to fetch certificates as
> > quickly and efficiently as possible, available from
> > https://github.com/mpalmer/scrape-ct-log.
>
> hello Matt thanks for your great tool
> I tested your tool and "certificate" value I think is encoded.. is there a
> way to get certificate value in plain text ?
The certificate is presented as the DER-encoded certificate that can be
> I tested your tool and "certificate" value I think is encoded.. is there a
> way to get certificate value in plain text ?
parsed by basically any tool that works with certificates (`openssl x509
-inform DER -noout -text` for example). If you're using the JSON output
format, the DER-encoded certificate is further encoded using base64, since
JSON can't represent binary data.
- Matt
0 new messages