Package filippo.io/intermediates embeds a bundle of known unexpired, unrevoked intermediate certificates chaining to roots in the Mozilla Root Program

Overview

filippo.io/intermediates

Package intermediates embeds a list of known unexpired, unrevoked intermediate certificates chaining to roots with Websites trust in the Mozilla Root Program.

This dataset is useful to establish connections to misconfigured servers that fail to provide a full certificate chain but provide a valid, publicly trusted end-entity certificate. Some browsers implement similar strategies to successfully establish connections to these sites.

https://pkg.go.dev/filippo.io/intermediates

This is not an official or supported Google product, just some code that happens to be owned by Google.

You might also like...
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe

Epaper - Driver and example program for tri-color 7.5" 880x528 waveshare eink display

epaper Driver and example program for tri-color 7.5" 880x528 waveshare eink display It's a work in progress, which lacks a lot of safeguarding (meanin

A simple program able to listen to the pending transactions of the Ethereum mempool. Written in Go.

eth-mempool-listener-go A simple program able to listen to the pending transactions of the Ethereum mempool. How does it work ? It creates a set of cl

A simple, semantic and developer-friendly golang package for encoding&decoding and encryption&decryption

A simple, semantic and developer-friendly golang package for encoding&decoding and encryption&decryption

Encryption & Decryption package for golang

encdec Encryption & Decryption package for golang func main() { startingTime := time.Now() privKey, pubKey := GenerateRsaKeyPair() fmt.Println("Priva

Package pinentry provides a client to GnuPG's pinentry.

Package pinentry provides a client to GnuPG's pinentry.

ECIES implementation forked of the `crypto/ecies` package from Ethereum

# NOTE This implementation is direct fork of Kylom's implementation. I claim no authorship over this code apart from some minor modifications. Please

Culture - A package that gets a random name from the Culture series' ships Minds.

culture A package that gets a random name from the Culture series' ships Minds. Getting started This project requires Go to be installed. On OS X with

A fully Go userland with Linux bootloaders! u-root can create a one-binary root file system (initramfs) containing a busybox-like set of tools written in Go.

u-root Description u-root embodies four different projects. Go versions of many standard Linux tools, such as ls, cp, or shutdown. See cmds/core for m

Go package to embed the Mozilla Included CA Certificate List

rootcerts Package rootcerts provides an embedded copy of the Mozilla Included CA Certificate List, more specifically the PEM of Root Certificates in M

A multi-pass compiler written in Go comprised of scanner, recursive-descent parser, generation of AST, intermediate representation (ILOC), and code generation (Armv8).

GoLite Project - Go Huskies! This is a project conducted and led in the course MPCS 51300 Compilers at the University of Chicago. In a group of two, w

:file_folder: Embeds static resources into go files for single binary compilation + works with http.FileSystem + symlinks

Package statics Package statics embeds static files into your go applications. It provides helper methods and objects to retrieve embeded files and se

DEPRECATED. Embeds mruby (mini Ruby) VM into Go.

GoMRuby Package gomruby embeds mruby (mini Ruby) VM into Go. Documentation. Installation It's slightly more than just go get: go get -d github.com/Ale

Go Manager - bundle for go

gom - Go Manager Why The go get command is useful. But we want to fix the problem where package versions are different from the latest update. Are you

Bundle k6 with extensions as fast and easily as possible

xk6bundler xk6bundler is a CLI tool and GitHub Action makes bundle k6 with extensions as fast and easily as possible. Features Build for multiple targ

Flashbots utilities in Go: Blocks & Transactions API, and tools to spot bundle and block irregularities

Utilities for Flashbots Go API client for the mev-blocks API for information about Flashbots blocks and transactions Detect bundle errors: (a) out of

Ruleguard ruleset bundle for testify.

Ruleguard ruleset bundle for testify.

asciigrid is a Go package that implements decoder and encoder for the Esri ASCII grid format, also known as ARC/INFO ASCII GRID.

asciigrid asciigrid is a Go package that implements decoder and encoder for the Esri ASCII grid format, also known as ARC/INFO ASCII GRID. Install go

Comments
  • Measure and somewhat optimize binary size overhead

    Measure and somewhat optimize binary size overhead

    The certificates.go file is 2.5MB, so the binary size overhead should be similar.

    There should be an easy win in compressing the data and using the embed package to load it, decompressing on first invocation.

    opened by FiloSottile 0
Owner
Filippo Valsorda
Cryptogopher. Go security lead. @recursecenter alum. RC F'13, F2'17.
Filippo Valsorda
Build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Server mode for easy querying.

go-kev go-kev build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Usage $ go-kev help Go Known Exploited Vulnerabilities Usage:

MaineK00n 14 Oct 30, 2022
Build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Server mode for easy querying.

go-kev go-kev build a local copy of Known Exploited Vulnerabilities Catalog by CISA. Usage $ go-kev help Go Known Exploited Vulnerabilities Usage:

null 14 Oct 30, 2022
Certificate monitoring utility for watching tls certificates and reporting the result as metrics.

cert-checker cert-checker is a certificate monitoring utility for watching tls certificates. These checks get exposed as Prometheus metrics to be view

Frederik Mogensen 88 Dec 6, 2022
mkcert is a simple tool for making locally-trusted development certificates

A simple zero-config tool to make locally trusted development certificates with any names you'd like.

Filippo Valsorda 39k Jan 5, 2023
Tooling to validate HTTPS Certificates and Connections Around Web 🕷️

Cassler - SSL Validator Tool If your read fast, it's sounds like "Cassia Eller" Tooling to validate HTTPS Certificates and Connections Around Web ??️

Matheus Fidelis 55 Sep 14, 2022
gdn is a Go module to get domain name from SSL certificates given an IP address

Get Domain Name gdn is a Go module to get domain name from SSL certificates given an IP address Installation Instructions From Source gdn requires go1

Sai Krishna Kothapalli 16 Nov 9, 2022
Golang Library for automatic LetsEncrypt SSL Certificates

Obtains certificates automatically, and manages renewal and hot reload for your Golang application. It uses the LEGO Library to perform ACME challenges, and the mkcert utility to generate self-signed trusted certificates for local development.

Foomo web framework 183 Dec 23, 2022
Generate and sign TSL certificates with ease.

certctl Manage certificates with ease.

Chen Zhiwei 9 Oct 20, 2022
PKI support for SSH certificates

PKI certificates for SSH Introduction SSH certificates are limited in their usefulness - a certificate can only be signed with a single CA key, so no

Matthew Garrett 43 Nov 1, 2022
For whatever reason you want to transfer TLS certificates in kubernetes to Qiniu CDN

Qiniu Certificate Sync For whatever reason you want to transfer TLS certificates in kubernetes to Qiniu CDN This app will upload provided TLS secrets

null 2 Oct 21, 2021