step certificate lint

NAME

step certificate lint – lint certificate details

USAGE

step certificate lint crt_file [–roots=root-bundle]

DESCRIPTION

step certificate lint checks a certificate for common errors and outputs the result in JSON format.

POSITIONAL ARGUMENTS

crt_file
Path to a certificate or certificate signing request (CSR) to lint.

OPTIONS

–roots=roots
Root certificate(s) that will be used to verify the authenticity of the remote server.

roots is a case-sensitive string and may be one of:

file
Relative or full path to a file. All certificates in the file will be used for path validation.
list of files
Comma-separated list of relative or full file paths. Every PEM encoded certificate from each file will be used for path validation.
directory
Relative or full path to a directory. Every PEM encoded certificate from each file in the directory will be used for path validation.

EXIT CODES

This command returns 0 on success and >0 if any error occurs.

EXAMPLES

$ step certificate lint ./certificate.crt

Lint a remote certificate (using the default root certificate bundle to verify the server):

$ step certificate lint https://smallstep.com

Lint a remote certificate using a custom root certificate to verify the server:

$ step certificate lint https://smallstep.com --roots ./certificate.crt

Lint a remote certificate using a custom list of root certificates to verify the server:

$ step certificate lint https://smallstep.com \
--roots "./certificate.crt,./certificate2.crt,/certificate3.crt"

Lint a remote certificate using a custom directory of root certificates to verify the server:

$ step certificate lint https://smallstep.com --roots "./path/to/certificates/"