Parse x509 certificate string in node
我需要使用node.js解析x509证书字符串(最好是通过crypto api本地解析)。我需要执行此操作,以便获得包含证书的到期日期的对象,因此我知道何时自动更新它。
我不知道从哪里开始
这是我要解析的示例证书
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | -----BEGIN CERTIFICATE----- MIIDqDCCApCgAwIBAgICKg8wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCVVMx EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxJDAiBgNVBAoT G2dldGFDZXJ0IC0gd3d3LmdldGFjZXJ0LmNvbTAeFw0xOTExMDYwNjMwNDNaFw0y MDAxMDUwNjMwNDNaMIGJMQswCQYDVQQGEwJBVTELMAkGA1UECBMCU0ExGjAYBgNV BAcTEVJvc3RyZXZvciBTQSA1MDAwMRAwDgYDVQQKEwdDb3JzdGV4MRcwFQYDVQQD Ew5BbGJlcnQgTWFyYXNoaTEmMCQGCSqGSIb3DQEJARYXYWxiZXJ0bWFzaHlAb3V0 bG9vay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdPRTB3j6k XeylM4Tf7+s7YtjnGgc8Zseh4nX22xpo+sE+pYvOLu4NexprToJ64Yi/SMmBk9u2 0EkrvhWVkA1n8VyU6Oh57Oeg7cDMkqoabJ2CJBn/Z5AF3xrE9GYoymGsfHThd6nQ JD/HRcErWGyAEwbnNG5CpwySVrMHo2A5va4pDwiDqQAf5rNLP0swtV7Q6UC6eJXs I5Gbv3bhD8i44DLkj6rbY8uWClhns5XSG5R+rTwoYHkLolLPLj6Em7QtJKPyDsp1 6lzsjLsgzmRixFDhqI3HUlGUnAu6gwwxvP53qhSUi88sKe4M37med5HSAxv+U7A9 rr1js4ey84/9AgMBAAGjSDBGMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgTw MAsGA1UdDwQEAwIFIDAZBgNVHREEEjAQgg5BbGJlcnQgTWFyYXNoaTANBgkqhkiG 9w0BAQsFAAOCAQEAnXQAvyYE10bc5V9AsjT4x8xyI5AZ6su9OXEDuBFQi2UGvwtb hhrBZ79Y3KfomXmwtHNVzo6V7dG+9yoDykaKb/Ub72VqF9ZKZArgglMFlGhAk90c msxWGm7sHLBlt2yjkvnAtt1EtnbOtmuPNGOA7yALTN9/uzBPoTgkjuI1Fkb1uHc1 gynJpqrT0r/qJp0aDxO2SokWYzv/SRCfQTeLMZ5dctHWb8UnsEzt578zYmlDwVof tOniZVO5TwnXCaWOPjG9XKbW6wHUyMWbulxM9SJUeIjFI2ipQuW8O7Vd94aEyH8o lc8zFSWoNxamcoX+4ajrs9VbNXythJ91UAtvtA== -----END CERTIFICATE----- |
1 2 3 4 5 | const forge = require('node-forge') const cert = forge.pki.certificateFromPem(pem) cert.validity.notAfter // => 2020-01-05T06:30:43.000Z |
我需要同样的东西,但没有使用任何第三方。似乎可以做到:
1 2 3 4 5 6 7 8 9 10 | let tls = require('tls'); let net = require('net'); let secureContext = tls.createSecureContext({ cert: yourPemCertificateString }); let secureSocket = new tls.TLSSocket(new net.Socket(), { secureContext }); let cert = secureSocket.getCertificate(); |
这应该返回证书对象。
此后可能还应该调用secureSocket.destroy()。