Skip to content

Instantly share code, notes, and snippets.

@jamesyonan
jamesyonan / certdate.py
Last active June 29, 2021 01:46
Python 2 script to check X509 certificate for incorrectly formatted validity dates
#!/usr/bin/python
# This Python 2 script analyzes an X509 certificate or
# OpenVPN config file (with inline certs) and reports
# if the embedded date lengths are valid per RFC 5280
# ( https://tools.ietf.org/html/rfc5280#section-4.1.2.5 ).
# Specifically, it looks for the case where the seconds
# field is omitted from the dates or where Zulu time
# is not used. RFC 5280 explicitly demands the use of
# seconds for certificates and CRLs, and requires that
# dates be specified in GMT (Zulu time) with a trailing