node icon indicating copy to clipboard operation
node copied to clipboard

Published 20 hours ago verified publisher icon nodejs

Add a `valid` property to `X509Certificate`

Open thernstig opened this issue 9 months ago • 0 comments

What is the problem this feature will solve?

I want to verify the validity of an X.509 certificate with a new property x509.valid.

What is the feature you are proposing to solve the problem?

Information about a X.509 certificate can be retrieved via:

import { X509Certificate } = from 'node:crypto';

const x509 = new X509Certificate('{... pem encoded cert ...}');

console.log(x509);

The properties x509.validTo and x509.validFrom prints strings of the datetimes, but they are in a complex format, see https://github.com/openssl/openssl/blob/4a5088259e78127354f497931568de409ac905fc/crypto/asn1/a_time.c#L488-L549, and thus hard to parse into Date objects.

The openssl CLI command has a way to see if a certificate is valid or not:

openssl x509 -noout -checkend 0 -in ./ca.crt

I wish for a new property valid (boolean) to be added to an X509Certificate.

What alternatives have you considered?

Using await execFile('openssl', ...) but that is not ideal as I have to invoke a new process and also make sure that openssl exists in the system which it might not do in e.g. containers.

thernstig avatar May 10 '24 10:05 thernstig