Commands Reference

Complete list of all SSLens commands with detailed descriptions and usage instructions.

💡

Accessing Commands

All commands can be accessed via the Command Palette. Press Cmd+Shift+P (macOS) or Ctrl+Shift+P (Windows/Linux) and type "SSLens" to see all available commands.

Certificate Fetching

Command Description
SSLens: Fetch Certificate from URL Fetches an SSL certificate from a remote domain. Prompts for the domain name and optional port number. Displays the certificate details in a new panel.
SSLens: Inspect Local Certificate File Opens a file picker to select a local certificate file (.pem, .crt, .cer, .der). Supports certificate chain files (multiple PEM certs in one file). Displays full X.509 details including Subject, Issuer, Validity, Key Info, SANs, and pinning hashes.
SSLens: Bulk Fetch Certificates Fetches certificates from multiple domains at once. Enter domains separated by newlines or commas. Shows a summary view of all certificates.

Fetch Certificate from URL

This is the primary command for fetching SSL certificates. It supports:

  • Simple domains: github.com
  • Subdomains: api.github.com
  • Custom ports: example.com:8443
  • Full URLs: https://api.github.com/v1/users (domain is extracted)

Export & Copy Commands

Command Description
SSLens: Export as PEM Exports the current certificate in PEM format. Opens a save dialog to choose the destination file.
SSLens: Export as DER Exports the current certificate in binary DER format. Useful for Java applications and Windows.
SSLens: Copy Public Key Hash (SHA-256) Copies the Base64-encoded SHA-256 hash of the public key to clipboard. Used for SSL pinning.
SSLens: Copy SPKI Hash Copies the Subject Public Key Info hash to clipboard. Modern pinning format.

Chain Export Commands

Command Description
Export All (PEM) Exports the entire certificate chain as a single PEM bundle file. Each certificate includes identifying comments (Leaf/Intermediate/Root).
Export All (DER) Exports all certificates in the chain as separate DER files to a selected folder. Files are named with domain and type (leaf, intermediate, root).
Individual Chain Export Hover over any certificate in the Chain view to reveal PEM and DER export buttons for that specific certificate.

Export Formats Explained

PEM (Privacy Enhanced Mail): Base64-encoded ASCII format, the most common certificate format. Used by Apache, nginx, and most other servers.

DER (Distinguished Encoding Rules): Binary format commonly used in Java environments and Windows certificate stores.

Pinning Code Commands

Command Description
SSLens: Generate Pinning Code Generates SSL pinning code for the current certificate. Prompts to select a platform (Android, iOS, Flutter, React Native, etc.) and displays the ready-to-use code.

Supported Platforms

When you run the pinning code generator, you can choose from:

  • Android (OkHttp/Retrofit) - Kotlin code with CertificatePinner
  • Android (Network Security Config) - XML configuration file
  • iOS (URLSession) - Swift delegate implementation
  • iOS (Alamofire) - ServerTrustManager configuration
  • Flutter (Dio) - Dart with BadCertificateCallback
  • React Native - SSL pinning library configuration
  • Node.js - HTTPS agent with checkServerIdentity
  • Python (Requests) - Session with certificate verification

Domain Management Commands

Command Description
SSLens: Save Domain to Favorites Adds the current domain to saved favorites for quick access from the sidebar.
SSLens: Remove Domain from Favorites Removes a domain from the saved favorites list.
SSLens: Refresh Saved Domains Refreshes the certificate information for all saved domains.
SSLens: Edit Domain Alias Sets a friendly name/alias for a saved domain (e.g., "Production API").
SSLens: Export Saved Domains Exports all saved domains to a JSON file for backup or sharing.
SSLens: Import Saved Domains Imports domains from a previously exported JSON file.

Analysis & Validation Commands

Command Description
SSLens: Check Certificate Expiry Checks the expiration status of saved domains. Shows remaining days and warning indicators for expiring certificates.
SSLens: Compare Two Certificates Compares certificates from two different domains side-by-side. Useful for comparing staging vs production environments.
SSLens: Validate Certificate Chain Validates the complete certificate chain, checking for proper signing, expiry, and trust chain integrity.

Expiry Status Indicators

The expiry check shows visual indicators:

  • Valid - More than 30 days remaining
  • Warning - Less than 30 days remaining
  • Critical/Expired - Less than 7 days or already expired

Keyboard Shortcuts

SSLens doesn't define default keyboard shortcuts to avoid conflicts with other extensions. However, you can easily add custom shortcuts:

Adding Custom Shortcuts

  1. Open Keyboard Shortcuts (Cmd+K Cmd+S on macOS)
  2. Search for "SSLens"
  3. Click the + icon next to any command
  4. Press your desired key combination

Recommended Shortcuts

Here are some suggested shortcuts for common commands:

Command Suggested Shortcut (macOS) Suggested Shortcut (Windows)
Fetch Certificate from URL Cmd+Shift+S Cmd+F Ctrl+Shift+S Ctrl+F
Generate Pinning Code Cmd+Shift+S Cmd+P Ctrl+Shift+S Ctrl+P
Copy Public Key Hash Cmd+Shift+S Cmd+C Ctrl+Shift+S Ctrl+C

keybindings.json Example

Add these to your keybindings.json file:

JSON 
[
    {
        "key": "cmd+shift+s cmd+f",
        "command": "sslens.fetchCertificate",
        "when": "editorTextFocus"
    },
    {
        "key": "cmd+shift+s cmd+p",
        "command": "sslens.generatePinningCode"
    },
    {
        "key": "cmd+shift+s cmd+c",
        "command": "sslens.copyPublicKeyHash"
    }
]