X509 certificates

Source: R/cert.R

Read, download, analyze and verify X.509 certificates.

cert_verify(cert, root = ca_bundle())

download_ssl_cert(host = "localhost", port = 443, ipv4_only = FALSE)

ca_bundle()

Arguments

cert

certificate (or certificate-chain) to be verified. Must be cert or list or path.

root

trusted pubkey or certificate(s) e.g. CA bundle.

host

string: hostname of the server to connect to

port

string or integer: port or protocol to use, e.g: 443 or "https"

ipv4_only

do not use IPv6 connections

See also

read_cert

Examples

# \donttest{
# Verify the r-project HTTPS cert
chain <- download_ssl_cert("cran.r-project.org", 443)
print(chain)
#> [[1]]
#> [x509 certificate] *.r-project.org
#> md5: f2fd582020e3edf41afe379efb87e2e9
#> sha1: e5977234e9c41f52fdb346a1d78fbf599641e9e1
#> 
#> [[2]]
#> [x509 certificate] Sectigo RSA Domain Validation Secure Server CA
#> md5: adab5c4df031fb9299f71ada7e18f613
#> sha1: 33e4e80807204c2b6182a3a14b591acd25b5f0db
#> 
#> [[3]]
#> [x509 certificate] USERTrust RSA Certification Authority
#> md5: 285ec909c4ab0d2d57f5086b225799aa
#> sha1: d89e3bd43d5d909b47a18977aa9d5ce36cee184c
#> 
#> [[4]]
#> [x509 certificate] AAA Certificate Services
#> md5: 497904b0eb8719ac47b0bc11519b74d0
#> sha1: d1eb23a46d17d68fd92564c2f1f1601764d8e349
#> 
cert_data <- as.list(chain[[1]])
print(cert_data$pubkey)
#> [2048-bit rsa public key]
#> md5: 6b372d9b5c5759fbb28baf03c609730a
#> sha256: a76811fbe1608aeeb74f077b63e07c8fea82fdf4789c01c7b5b975a8958eb12b
print(cert_data$alt_names)
#> [1] "*.r-project.org" "r-project.org"  
cert_verify(chain, ca_bundle())
#> [1] TRUE

# Write cert in PEM format
cat(write_pem(chain[[1]]))
#> -----BEGIN CERTIFICATE-----
#> MIIGNTCCBR2gAwIBAgIQD8wPMJ8qcbVwLqI6nzpbfzANBgkqhkiG9w0BAQsFADCB
#> jzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
#> A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQD
#> Ey5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB
#> MB4XDTI0MTIwNzAwMDAwMFoXDTI2MDEwNzIzNTk1OVowGjEYMBYGA1UEAwwPKi5y
#> LXByb2plY3Qub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0P3M
#> fB8jFvUgiybAv1Cmk4f0bJEN9y3onMtKa5QXNg5t05P5tQ5+3KcBmUK7EuGpNSGl
#> eVq6HiY1lMxImiR+SsuLyThliWF6F8OUxwxca2mgpOAj3f3ELhZHs2OorhGDkbjW
#> KLpFfcYF4X2hiTeCvBmp+h4vLMmOh6pzokrfPOxlGXJDu00Bd0YrIT5Wy88dBte4
#> p5YYoAxbaBXpxv8dONxMJCBSeqc9YwPIf1LNvUcNfvOdwMDWf5zqbWlBZLult7l4
#> H+Ey2FJ+jcz0imOpSd+IKUqAVUCCFPIY89mN3MJSM4EJ68Nqpcw5hZombYz02jK7
#> wc7OUB37IDgR73OY/wIDAQABo4IC/zCCAvswHwYDVR0jBBgwFoAUjYxexFStiuF3
#> 6Zv5mwXhuAGNYeEwHQYDVR0OBBYEFAnIMghgCgq5FuZgZW2gz333Rr0yMA4GA1Ud
#> DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
#> BgEFBQcDAjBJBgNVHSAEQjBAMDQGCysGAQQBsjEBAgIHMCUwIwYIKwYBBQUHAgEW
#> F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMAgGBmeBDAECATCBhAYIKwYBBQUHAQEE
#> eDB2ME8GCCsGAQUFBzAChkNodHRwOi8vY3J0LnNlY3RpZ28uY29tL1NlY3RpZ29S
#> U0FEb21haW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCMGCCsGAQUFBzAB
#> hhdodHRwOi8vb2NzcC5zZWN0aWdvLmNvbTApBgNVHREEIjAggg8qLnItcHJvamVj
#> dC5vcmeCDXItcHJvamVjdC5vcmcwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2
#> AJaXZL9VWJet90OHaDcIQnfp8DrV9qTzNm5GpD8PyqnGAAABk6N4C7MAAAQDAEcw
#> RQIgUD1mFpuaklb8izQdpzLlZG81d114jy4eT0qnT2QEoH4CIQDgHfJ+mMgtPAnI
#> H1faWXBpD6gG0iyzjopaztiZXTpzsgB2ABmG1Mcoqm/+ugNveCpNAZGqzi1yMQ+u
#> zl1wQS0lTMfUAAABk6N4C70AAAQDAEcwRQIgNTkfmJTzBMsh+YqmfDbbYdN+Fiza
#> kZoGWUkZlO8zfUUCIQC20LHC3tn7oZS8kDGhIhuRQmlYaM40D/XPXqnmm9y5YwB1
#> AMs49xWJfIShRF9bwd37yW7ymlnNRwppBYWwyxTDFFjnAAABk6N4C7wAAAQDAEYw
#> RAIgNJSJ7NBwv+rJZos5IW5iGcTYV33K7vhuVOw6wLUhk2MCIGAsjNbUvSvLp5u9
#> ibGwfCkSoOlDe7Co6YuTOTFXPUrfMA0GCSqGSIb3DQEBCwUAA4IBAQCx9uxyNMl4
#> KzJDM0AD747FRB84wgktAKXOiwJKffO42vQSkUBYnOuf2ncBtSYEQxqT6+VUcv8S
#> WsCyaM6SGkzvauxAtVsiR7aS+Ro9td/0CX0yu/EZOyNtKwqGK0juIEp81Boh5BON
#> +rifYi/dPNepp5guJdFpQT7hW8fBGQjMc6lsiQ2GbMLUV1uT2A9Fo2iveEtEUHhu
#> BtigISzyoQgbBWgsE7DHLscFvVUEJgeEjkiRyQ70RZdFK6MV4YaM7b6QdaLq6s4w
#> O0mz2tUWv72E0lmdDmu29wxu+/jAq9EdyJ+yX9BpikGnx2o4WxErADlH7ll6nMmG
#> ZW/zkMqEW/1I
#> -----END CERTIFICATE-----
# }