SSL Tools/CLI
โŒจ๏ธ

ssl-tools CLI

Binary ringan untuk Linux, macOS, dan Windows. Output plain text atau JSON โ€” sempurna untuk scripting dan pipeline CI/CD.

Install via Cargo

Butuh Rust toolchain terinstall:

$ cargo install ssl-tools

โš ๏ธ Belum dipublish ke crates.io โ€” gunakan Download Binary di bawah untuk sekarang.

Download Binary

macOS (Apple Silicon)
ssl-tools-aarch64-apple-darwin
arm64
macOS (Intel)
ssl-tools-x86_64-apple-darwin
x86_64
๐Ÿง
Linux (x86_64)
ssl-tools-x86_64-unknown-linux-gnu
x86_64
๐ŸชŸ
Windows (x86_64)
ssl-tools-x86_64-pc-windows-msvc.exe
x86_64

Semua release tersedia di GitHub Releases.

Quick Start

bash
# Cek SSL domain
ssl-tools check google.com

# Decode sertifikat
ssl-tools decode-cert certificate.crt

# Build fullchain.pem
ssl-tools bundle certificate.crt --bundle ca_bundle.crt --key commercial.key

# Build Tomcat keystore
ssl-tools tomcat certificate.crt --key commercial.key --bundle ca_bundle.crt

# Hapus passphrase dari private key
ssl-tools key commercial.key --decrypt --passphrase your_passphrase

# Output JSON untuk scripting
ssl-tools check example.com --json | jq '.validTo'

Referensi Perintah

SSL Checker
Cek status dan detail sertifikat live dari domain.
$ssl-tools check example.com
$ssl-tools check example.com --port 8443
$ssl-tools check example.com --json
CSR Decoder
Decode Certificate Signing Request dari file .csr.
$ssl-tools decode-csr request.csr
$ssl-tools decode-csr request.csr --json
Certificate Decoder
Parse sertifikat X.509 (PEM atau DER).
$ssl-tools decode-cert certificate.crt
$ssl-tools decode-cert certificate.der --json
Key Matcher
Verifikasi apakah private key cocok dengan sertifikat.
$ssl-tools match certificate.crt private.key
$ssl-tools match certificate.crt private.key --json
SSL Converter
Konversi format sertifikat: PEM โ†” DER โ†” PFX, serta baca P7B.
$ssl-tools convert cert.pem --to der
$ssl-tools convert cert.pem --to pfx --key private.key --passphrase secret
$ssl-tools convert bundle.pfx --to pem --passphrase secret
$ssl-tools convert chain.p7b --to pem
Build PEM Bundle
Gabungkan key + cert + CA chain menjadi fullchain.pem (urutan: key โ†’ cert โ†’ intermediate โ†’ rootca).
$ssl-tools bundle certificate.crt --bundle ca_bundle.crt
$ssl-tools bundle certificate.crt --intermediate int.crt --rootca root.crt
$ssl-tools bundle certificate.crt --bundle ca_bundle.crt --key commercial.key
$ssl-tools bundle certificate.crt --bundle ca_bundle.crt -o /etc/nginx/ssl/fullchain.pem
Tomcat Keystore
Build PKCS#12 keystore berisi full chain โ€” siap dipakai di Tomcat 8.5+.
$ssl-tools tomcat certificate.crt --key commercial.key --bundle ca_bundle.crt
$ssl-tools tomcat certificate.crt --key commercial.key --bundle ca_bundle.crt --passphrase changeit
$ssl-tools tomcat certificate.crt --key commercial.key --intermediate int.crt --rootca root.crt
Private Key Convert
Hapus passphrase dari encrypted key, atau tambah passphrase ke unencrypted key.
$ssl-tools key commercial.key --decrypt --passphrase current_pass
$ssl-tools key private.key --encrypt --passphrase new_pass
$ssl-tools key commercial.key --decrypt --passphrase current_pass -o plain.key

Output JSON

Semua perintah mendukung flag --json untuk output machine-readable:

$ ssl-tools check google.com --json | jq .
{
  "domain": "google.com",
  "status": "valid",
  "daysRemaining": 68,
  "issuer": "WR2",
  "validFrom": "2025-04-14",
  "validTo": "2025-07-07",
  "protocol": "TLSv1.3",
  "sans": ["*.google.com", "google.com"]
}
Open Source
Source code tersedia di GitHub. Kontribusi, issue, dan PR selalu welcome.
Lihat di GitHub โ†’