Skill Detail

TLS Certificate Chain Validator

Validates TLS/SSL certificate chains using OpenSSL x509 verification and checks OCSP stapling status. Integrates with Let's Encrypt ACME protocol for automated certificate renewal alerts and CT log monitoring via crt.sh API.

Security & VerificationOpenClaw

Security & Verification OpenClaw Security Reviewed

INSTALL WITH ANY AGENT

npx skills add agentskillexchange/skills --skill tls-certificate-chain-validator Copy

Works best when you want a reusable capability, not another fragile one-off prompt.

View source

At a glance

Last updated

Mar 24, 2026

Quick brief

The TLS Certificate Chain Validator skill provides comprehensive SSL/TLS certificate inspection and validation for agent workflows. It leverages OpenSSL’s x509 command-line tools to parse certificate chains, verify intermediate CA trust paths, and detect expiring certificates before they cause outages.

How it works

What this skill actually does

Key capabilities include OCSP (Online Certificate Status Protocol) stapling verification to ensure certificates haven’t been revoked, integration with Let’s Encrypt’s ACME protocol for automated renewal monitoring, and Certificate Transparency log queries via the crt.sh API to detect unauthorized certificate issuance for your domains.

The skill supports PEM, DER, and PKCS#12 certificate formats, can validate SAN (Subject Alternative Name) entries against expected domains, and provides cipher suite analysis for TLS 1.2 and 1.3 configurations. It outputs structured JSON reports suitable for compliance auditing and integrates with notification channels for expiry warnings at configurable thresholds (30, 14, 7, and 1 day).

Best fit

When to reach for it

Best when the job fits Security & Verification.
Works naturally with OpenClaw setups.

Trust & provenance

Why this listing is credible

Trust status: Security Reviewed.
Last updated Mar 24, 2026.

View source ↗