Enter Key:

Supported are X.509 certificates (CRT), Certificate Signing Requests (CSR), PEM public and private keys according to PKCS #1 and PKCS #8, and SSH public keys. (While supported, uploading private keys is obviously discouraged for production keys.)

Fill with test data

Success Stories


The badkeys service checks for these vulnerabilities:

Furthermore, the following discouraged practices are checked:

This project was created by Hanno Böck. The code checking for vulnerable keys is available on Github.

This work was funded in part by Industriens Fond through the CIDI project (Cybersecure IOT in Danish Industry) and in part by the Center for Information Security and Trust (CISAT) at the IT University of Copenhagen, Denmark.