Hacker News: phil_rhttps://news.ycombinator.com/user?id=phil_rHacker News RSShttps://hnrss.org/hnrss v2.1.1Mon, 13 Apr 2026 08:19:22 +0000<![CDATA[New comment by phil_r in "Ask HN: What Are You Working On? (April 2026)"]]>I built a desktop X.509 certificate decoder, and a user recently asked for a CLI version that outputs JSON — so I ended up building x509dump.

It’s a command-line tool for decoding certificates and CSRs into structured JSON rather than OpenSSL-style text output.

It decodes the underlying ASN.1/DER structure so fields and extensions are fully expanded, making the output easier to work with programmatically.

I’m planning to expand it to support more PKI artefacts (e.g. CRLs, Keys) over time.

I’m also planning to handle less well-formed inputs (e.g. missing PEM headers/footers, whitespace, or extra surrounding text), which tends to come up in real-world data.

It’s free to download — would be great to get feedback if anyone tries it.

https://www.redkestrel.co.uk/products/x509dump

]]>Mon, 13 Apr 2026 02:05:09 +0000https://news.ycombinator.com/item?id=47746705phil_rhttps://news.ycombinator.com/item?id=47746705https://news.ycombinator.com/item?id=47746705