diff --git a/man/certspotter-script.md b/man/certspotter-script.md index 9264a8c..e781a31 100644 --- a/man/certspotter-script.md +++ b/man/certspotter-script.md @@ -152,23 +152,10 @@ The JSON file contains an object with the following fields: : A string containing the hex-encoded SHA-256 digest of the TBSCertificate, as defined in RFC 6962 Section 3.2. Certificates and their corresponding precertificates have the same `tbs_sha256` value. -`cert_sha256` - -: A string containing the hex-encoded SHA-256 digest (sometimes called fingerprint) of the certificate. - The digest is computed over the ASN.1 DER encoding. - `pubkey_sha256` : A string containing the hex-encoded SHA-256 digest of the certificate's Subject Public Key Info. -`issuer_der` - -: A base64 string containing the certificate's DER-encoded issuer distinguished name. - -`subject_der` - -: A base64 string containing the certificate's DER-encoded subject distinguished name. - `dns_names` : An array of strings containing the DNS names for which the @@ -191,10 +178,8 @@ The JSON file contains an object with the following fields: : A string containing the not after (expiration) time of the certificate in RFC3339 format. Null if there was an error parsing the certificate's validity. -`serial_number` - -: A string containing the hex-encoded serial number of the certificate. Prefixed with a minus (-) sign if negative. - Null if there was an error parsing the serial number. +Additional fields will be added in the future based on user feedback. Please open +an issue at if you have a use case for another field. # EXAMPLES 
@@ -227,18 +212,14 @@ Example JSON file for a discovered certificate:
 
 ```
 {
- "cert_sha256": "3cdc83b3932c194fcdf17aa2bf1abc34e8438b293c3d5c70693e175b38ff128a",
 "dns_names": [
 "sslmate.com",
 "www.sslmate.com"
 ],
 "ip_addresses": [],
- "issuer_der": "MIGPMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxNzA1BgNVBAMTLlNlY3RpZ28gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0E=",
 "not_after": "2024-01-26T03:47:26Z",
 "not_before": "2023-01-31T03:47:26Z",
 "pubkey_sha256": "33ac1d9b9e56005ccac045eac2398b3e9dd6b3f5b66ae6260f2d478c7c0d82c8",
- "serial_number": "c170fbf3bf27481e5c351a4db6f2dc5f",
- "subject_der": "MBYxFDASBgNVBAMTC3NzbG1hdGUuY29t",
 "tbs_sha256": "2388ee81c6f45cffc73e68a35fa8921e839e20acc9a98e8e6dcaea07cbfbdef8"
 }
 ```
diff --git a/monitor/discoveredcert.go b/monitor/discoveredcert.go
index 9b39be0..4023597 100644
--- a/monitor/discoveredcert.go
+++ b/monitor/discoveredcert.go
@@ -52,10 +52,7 @@ func (cert *discoveredCert) pemChain() []byte {
 func (cert *discoveredCert) json() []byte {
 object := map[string]any{
 "tbs_sha256": hex.EncodeToString(cert.TBSSHA256[:]),
- "cert_sha256": hex.EncodeToString(cert.SHA256[:]),
 "pubkey_sha256": hex.EncodeToString(cert.PubkeySHA256[:]),
- "issuer_der": cert.Info.TBS.Issuer.FullBytes,
- "subject_der": cert.Info.TBS.Subject.FullBytes,
 "dns_names": cert.Identifiers.DNSNames,
 "ip_addresses": cert.Identifiers.IPAddrs,
 }
@@ -68,12 +65,6 @@ func (cert *discoveredCert) json() []byte {
 object["not_after"] = nil
 }
 
- if cert.Info.SerialNumberParseError == nil {
- object["serial_number"] = fmt.Sprintf("%x", cert.Info.SerialNumber)
- } else {
- object["serial_number"] = nil
- }
-
 jsonBytes, err := json.Marshal(object)
 if err != nil {
 panic(fmt.Errorf("encoding certificate as JSON failed unexpectedly: %w", err))