`step certificate inspect` allow for other url formats

[LecrisUT]

What would you like to be added

Currently the inspect command only detects https:// in order to switch to connecting and downloading the certificates. It does work for non http destination, but it would be convenient to detect other URLs like smtps, ldaps, etc. If it can pull the default ports as well, it would be awesome.

Why this is needed

Just for convenience.

[mmalone]

As a workaround, what happens if you use the https:// scheme + the correct port for those services (e.g., https://<domain>:465 for smtps)? I don't think we actually make an HTTP request... pretty sure we just dial TCP, complete the TLS handshake to obtain the server certificate, then hang up. So I think this should work.

[LecrisUT]

Yes, that indeed works. It just would be more convenient to use other url types and get the default ports for that. If it can work with STARTTLS, that would also be great. The only issue I can think of is the ambiguity if we use the URL as the file's location, e.g. an s3 url.

[maraino]

There are other schemes that you can use as a prefix, tcp://or tls://, and they are more generic.

[dopey]

Given that there are existing workarounds (albeit not as nice as automatically guessing the port), we're not going to prioritize a fix at this time. That said, if someone from the community would like to submit a PR that is careful not to take on any external dependencies (for doing the DB lookup from scheme to port), we'd definitely be interested.

[1984gobrr]

Hi, I would like to work on this issue.

[1984gobrr]

I made a PR

it's now possible to do step certificate inspect smtps://smtp.gmail.com

You can add url prefix and default port easily in
https://github.com/1984gobrr/cli/blob/8f96da645e900326b6fb0e1b19ad43c416bd9767/command/certificate/remote.go#L15-L20

[maraino]

This issue is now solved with #653