verify_ca_based_cert

This script will verify a private key key.pem and a certificate-authority-based certificate cert.pem.

The following parameter is optional:

d

the directory ($PWD if not given) containing the key and certificate

On macOS, the CA root certificate will be verified in the "System" keychain also.

Ensure that the certificate authority has been created and a private key and certificate have been created before executing this script.

Copy the script into your Node.js project and add it as a custom script to your package.json file:

package.json
{
...
  "scripts": {
    "cert:verify": "scripts/verify_ca_based_cert.sh -d certs"
  }
}
$ node --run cert:verify

Usage

$ scripts/cert/verify_ca_based_cert.sh
$ scripts/cert/verify_ca_based_cert.sh -d ~/.local/secrets/certs/localhost
keychain: "/Library/Keychains/System.keychain"
...
    "labl"<blob>="Easy-RSA CA (2024-08-05, example-host)"
...
/Users/example/.local/secrets/certs/localhost/cert.pem
Certificate:
        Issuer: CN=Easy-RSA CA (2024-08-05, example-host)
        Validity
            Not Before: Aug  5 14:48:36 2024 GMT
            Not After : Sep  4 14:48:36 2024 GMT
        Subject: CN=localhost
...
            X509v3 Authority Key Identifier:
...
                DirName:/CN=Easy-RSA CA (2024-08-05, example-host)
...
            X509v3 Subject Alternative Name:
                DNS:localhost
...

Prerequisites