X.509 Check: A Tool to Check the Safety and Security of Digital Certificates

Digital certificates, the primary mechanism for providing secure communications in the Internet, have been widely deployed. In this paper, we propose X.509 Check, a tool designed to analyze the security properties and the quality of digital certificates. X.509 Check can be used to verify digital certificates and provide a deep analysis on the quality and configuration of any digital certificate using more than 30 security features. It can be useful for auditors, system administrators, and security officers. This paper aims to create a straightforward evaluation approach, allowing auditors and administrators to use the X.509 Check tool to examine any digital certificate without the need to become X.509 standard experts. We also report our findings of using this tool to check against one hundred X.509 digital certificates. Our results reveal the existence of many issues and problems that could lead to serious security risks.