| ▲ | phil_r 2 hours ago | |
I built a desktop X.509 certificate decoder, and a user recently asked for a CLI version that outputs JSON — so I ended up building x509dump. It’s a command-line tool for decoding certificates and CSRs into structured JSON rather than OpenSSL-style text output. It decodes the underlying ASN.1/DER structure so fields and extensions are fully expanded, making the output easier to work with programmatically. I’m planning to expand it to support more PKI artefacts (e.g. CRLs, Keys) over time. I’m also planning to handle less well-formed inputs (e.g. missing PEM headers/footers, whitespace, or extra surrounding text), which tends to come up in real-world data. It’s free to download — would be great to get feedback if anyone tries it. | ||