Skip to content
Recued
Menu
← Back to packs

OpenSSL X.509 Pack

by recued-core v1 app_pack

V3 deterministic certificate-inspection capability pack. By-value connector composition (service_kind=cli, no separate ingredient): one local OpenSSL CLI ingredient exposes readiness plus fixed X.509 inspection, subject, issuer/date, and 30-day expiry gate operations. The operations are path-based stdout text because the inspected certificate fields are the requested value output; this intentionally avoids combining file_ref materialization with value capture. Fixed-function and reproducible: no generic OpenSSL passthrough, no key generation, no signing, no certificate conversion, no CA/micro-CA options, no trust mutation, no password/provider/engine inputs, no network, and no arbitrary flags. Requires openssl on PATH (Debian/Ubuntu: apt install openssl; macOS: openssl or LibreSSL is commonly installed with system tools). Local and no-egress.

What this pack installs

  • openssl-x509 Ingredient

Trust & control

What installing this whole pack would let it do. Recued grants these permissions at install — review them there before approving.

Where it runs

Server only Runs on your server.

What it's allowed to do

Read Local CLI openssl read-only
Read: openssl.version · No approvalRead: cert.inspect · No approvalRead: cert.subject_read · No approvalRead: cert.issuer_dates_read · No approvalRead: cert.not_expiring_30d · No approval

Data it touches

SurfacesLocal CLI

About

Tags

pack:openssl-x509opensslx509certificateinspectsubjectexpiryclisecuritydeterministiclocal-servicev3composition