denis/cert-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b2f8cbdb0ed24de990a990ee1cad56b3a6e6b3f9
cert-tools/README.md
Denis b2f8cbdb0e Initial commit: CertTools SSL certificate toolkit 
Made-with: Cursor
2026-03-26 18:12:39 +03:00

116 lines
3.7 KiB
Markdown
Raw Blame History

# CertTools — SSL Certificate Toolkit
Web service for SSL/TLS certificate processing: decode PFX, analyze PEM certificates, verify certificate chains, match keys to certificates, and decode CSRs.
## Features
- **PFX/PKCS#12 Decoder** — Upload a `.pfx` / `.p12` file with password to extract the full certificate chain and private key
- **Certificate Decoder** — Paste PEM to view subject, issuer, validity, SANs, fingerprints, key usage, and more
- **Key Matcher** — Verify that a private key matches a certificate (RSA modulus comparison)
- **CSR Decoder** — Decode Certificate Signing Requests with signature verification
- **Chain Verifier** — Validate certificate chain order and trust links
## Tech Stack
- **Backend:** Node.js, Express, TypeScript, node-forge
- **Frontend:** React, TypeScript, Vite, Tailwind CSS
- **Icons:** Lucide React
## Quick Start (Development)
```bash
# Install all dependencies
npm run install:all
npm install
# Start both server and client in dev mode
npm run dev
```
Server runs on `http://localhost:3001`, client on `http://localhost:5173` (with API proxy).
## Production Build & Deployment
```bash
# 1. Install dependencies
cd server && npm install --production
cd ../client && npm install && npm run build
cd ..
# 2. Start production server
cd server
NODE_ENV=production PORT=3001 node -e "require('tsx/cjs'); require('./src/index.ts')"
# Or build server first:
cd server && npx tsc && NODE_ENV=production PORT=3001 node dist/index.js
```
In production the Express server serves the built frontend from `client/dist/`.
### Environment Variables
| Variable | Default | Description |
|----------|---------|-------------|
| `PORT` | `3001` | Server port |
| `NODE_ENV` | — | Set to `production` to serve static frontend |
### Reverse Proxy (nginx)
```nginx
server {
listen 443 ssl;
server_name certs.example.com;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://127.0.0.1:3001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 10m;
}
}
```
## Project Structure
```
cert-tools/
├── server/ # Express API
│ └── src/
│ ├── index.ts # Server entry point
│ ├── routes/
│ │ └── certificates.ts # API endpoints
│ └── services/
│ └── certService.ts # Certificate processing logic
├── client/ # React frontend
│ └── src/
│ ├── App.tsx # Main app with tool navigation
│ ├── api.ts # API client
│ ├── types.ts # Shared TypeScript types
│ └── components/
│ ├── Header.tsx
│ ├── FileUpload.tsx
│ ├── CopyButton.tsx
│ ├── CertificateInfo.tsx
│ ├── PfxDecoder.tsx
│ ├── PemDecoder.tsx
│ ├── KeyMatcher.tsx
│ ├── CsrDecoder.tsx
│ └── ChainVerifier.tsx
└── package.json # Root scripts
```
## API Endpoints
| Method | Path | Description |
|--------|------|-------------|
| POST | `/api/decode/pfx` | Decode PFX file (multipart: `file` + `password`) |
| POST | `/api/decode/pem` | Decode PEM certificate(s) (JSON: `{ pem }`) |
| POST | `/api/decode/csr` | Decode CSR (JSON: `{ pem }`) |
| POST | `/api/match` | Match cert & key (JSON: `{ certificate, privateKey }`) |
| POST | `/api/chain/verify` | Verify cert chain (JSON: `{ pem }`) |
Reference in New Issue View Git Blame Copy Permalink