Version 1.9.2

Fixes

• Fix issues with certificates that have DNS name constraints (b0d0880)

Features

• Display SPIFFE URI names on certificates that have them (#146, #147)
• Add HTTP(S) CONNECT proxy support to the connect command (15a4a95)
• Show OCSP and AIA info when dumping certificates (1929b65)
• Add warning for certs w/o subject alt names (897051b)

Note that this release requires Go 1.9 to build.

Version 1.9.1

Fixed version number reported in --version. Added a new OID in lib/oids.go.

Version 1.9.0

New features

• Support setting SMTP EHLO name via --identity flag in connect (#136)
• Can show requested client certificate info from remote servers (#137)

Fixes

• Fix a bug in the PKCS#7 sub-package and handle errors better (#138)

Version 1.8.0

New features

• Human-readable TLS cipher strings (#124)
• Support Start-TLS for FTPS in explicit mode (#125)
• Make default output less verbose (#127, #130)
• Support timeouts for connect command (#128)

The new default output for dump and connect is less verbose than before, in an effort to make it easier to read for humans. A new --verbose flag will bring back the old, more verbose output with all the details. Text output is not guaranteed to be stable and screen-scraping certigo is not recommended. For scraping, use the --json flag instead.

Version 1.7.0

New features
Show TLS version and cipher suite in connect (#119)
Added support for StartTLS for SMTP (#113)
Added support for StartTLS for LDAP (#115)
Added short options for flags (#123)
Support colored output on Windows (#117)

Note that certigo now requires Go 1.8 to build from source. However, pre-built binaries are available for Linux, macOS (Darwin) and Windows on amd64 (see below).

Version 1.6.0

New features
Support for StartTLS for MySQL (#108)
Support for StartTLS for PostgreSQL (#109)

Fixes
Don't write to stderr in lib (#103)
Better RDN printing, e.g. for EV certs (#104)
Avoid panic in in jceks package (#105)

Version 1.5.0

New features
Support for client certificates in certigo connect (#100, 0fcec90)
Include encoded cert PEM in JSON output (#98, fc82546)

Other changes
Factor out useful functions into library (#99, d9d52c5)

Version 1.4.0

New features
Add JSON output for commands, can be enabled with --json flag (#94, #96)
Add new verify command to allow validating a cert chain from a file (#95)

Other changes
Strip PEM headers when writing PEM blocks, as OpenSSL doesn't like them (#91)
Use Go 1.7 for target build, add more output/layout tests (95965e1)

Version 1.3.0

Notable changes
Support for PKCS7 container format (#87, #88)
Support multiple X.509 certificates in DER streams (#88)
Small changes to make Certigo build with Go 1.5 (#86)

Version 1.2.0

Notable changes
Update connect command to verify server certificates and display results (#77, 69d0b78)
Drop pem command in favor of --pem flag (works for all commands) (#80, c54d766)
Add --password flag to allow automating dumps of PKCS12/JCEKS key stores (#81, c6c7dac)