[GH-ISSUE #70] Show TLS Certificate PIN in Verbose Mode #51

New issue

Open

opened 2026-03-14 01:10:10 +03:00 by kerem · 0 comments

kerem commented

2026-03-14 01:10:10 +03:00

Owner

Originally created by @alexh3791 on GitHub (May 29, 2024).
Original GitHub issue: https://github.com/ameshkov/dnslookup/issues/70

If possible, I would like to be able to see the SHA-256 PIN of the TLS certificate (according to RFC 7858, Section 4.2) used by the DoT/DoH server I am querying against when I use dnslookup (either in DEBUG mode or through it’s own option).

An implementation similar to how kdig shows this information when using the “-d” option would be perfect. For example:

Thank you for this utility! It is simple to use and excellent.

Originally created by @alexh3791 on GitHub (May 29, 2024). Original GitHub issue: https://github.com/ameshkov/dnslookup/issues/70 If possible, I would like to be able to see the SHA-256 PIN of the TLS certificate ([according to RFC 7858, Section 4.2](https://www.rfc-editor.org/rfc/rfc7858.html#section-4.2)) used by the DoT/DoH server I am querying against when I use dnslookup (either in DEBUG mode or through it’s own option). An implementation similar to how kdig shows this information when using the “-d” option would be perfect. For example: ![IMG_0608](https://github.com/ameshkov/dnslookup/assets/4922894/8a7be034-ccda-454f-adf6-78a1fff7ba4b) Thank you for this utility! It is simple to use and excellent.