Local SSL/TLS cert inspection

v0.1.2

Inspect TLS certificates and keys on the local filesystem — find PEMs under a path, dump x509 details, check chain, verify private-key match, inspect PKCS#12. Read-only. Pair with `network-tls` for the remote-side view.

Pack ID

ssl-local

Vendor

emisar

linux

Actions

Required binaries: openssl. Actions that call a missing binary fail at run time — install these on the host before relying on the pack.

Install

emisar pack install validates the pack and verifies its content hash before copying it into /etc/emisar/packs. The --hash below pins the install to the exact bytes on this page — a tampered copy is rejected. After install, reload the runner; it re-reads the catalog and advertises every action.

content hash: sha256:49c0ccc2a8408a94c007735964cb8d0b7e36a61d9f2e56b6209aa0a1a77211e8

on the runner host

sudo emisar pack install ssl-local \
  --hash sha256:49c0ccc2a8408a94c007735964cb8d0b7e36a61d9f2e56b6209aa0a1a77211e8 \
  --dest /etc/emisar/packs

# Reload so the runner re-reads the catalog:
sudo systemctl reload emisar

Actions 7 total

View on GitHub

ssl.cert_expiry exec low

openssl x509 -enddate -subject
ssl.cert_fingerprint exec low

openssl x509 -fingerprint -sha256
ssl.cert_text exec low

openssl x509 -text -noout
ssl.find_certs exec low

find *.pem *.crt *.cer under <path>
ssl.key_modulus exec low

openssl rsa -modulus | sha256
ssl.pkcs12_info exec low

openssl pkcs12 -nokeys -info
ssl.verify_chain exec low

openssl verify -CAfile <bundle> <cert>

← Back to registry

Pack reference Publish your own →