AI Certificate Sommelier

The world's most useless sommelier. We analyze your domain's SSL certificates and serve up absurdly snobby, AI-generated wine reviews and custom bottle art.

Comment 2

Inspiration

The tech industry often takes itself far too seriously, and hackathon projects are usually racing to solve the world's biggest productivity problems. I wanted to build the exact opposite: something technologically sophisticated but fundamentally, unapologetically useless. I looked at the most invisible, boring piece of internet infrastructure [SSL/TLS certificates] and decided they deserved to be treated with the absurd, pretentious reverence of a $5,000 bottle of wine.

What it does

AI Certificate Sommelier is a high-end tasting experience for your cryptographic appellations. You enter a domain name, and the application opens a secure socket to natively extract its SSL certificate data.

It then goes completely off the rails:

  1. Meaningless Metrics: It extrapolates arbitrary "Tasting Metrics" mathematically derived from the certificate's fingerprint, assigning it an arbitrary Vintage Score, "Hue" (CSS Hex code), and physical "Legs".
  2. Snobby Audio Review: It generates a heavily stylized, elitist review of the encryption keys, concluding with a terrible, unappetizing tech-food pairing (e.g., "pairs well with lukewarm Diet Coke").
  3. Generative Bottle Art: While the review is being read aloud by a deep, snobby voice, an AI pipeline dynamically paints a photorealistic picture of an ancient wine bottle, perfectly integrating the domain's actual favicon into the bottle's label.
  4. The Spit Bucket: Don't like the vintage? Hit the "Spit it out" button to violently reject the certificate.

How I built it

The frontend and backend are unified under a Next.js 16 App Router architecture.

  • Certificate Extraction: I used Node.js' native tls module to securely connect to the domain and scrape the peer certificate directly, avoiding third-party APIs.
  • The Sommelier Brain: I utilized the brand new @google/genai SDK. I lean on gemini-3-flash to rapidly synthesize the raw certificate JSON into the pretentious text review.
  • Audio Output: The text is piped into the ElevenLabs API via REST, using the ultra-low latency eleven_turbo_v2_5 model to generate the immersive, snobby voiceover.
  • Dynamic Imagery: I use Nano Banana Pro (Gemini 3.1 Flash Image Preview). I fetch the requested domain's high-res favicon, pass it to Nano Banana as an inlineData reference image, and instruct the model to bake that logo (along with the fake metrics) into a photorealistic visual of a wine bottle sitting in a server rack.

Challenges I ran into

Getting Node's native tls socket to cleanly resolve and reject handshake timeouts without crashing the serverless function took some tweaking. Additionally, prompting Gemini to consistently maintain its character - balancing sophisticated wine vocabulary with accurate cryptographic analysis (and forcing it to recommend awful food) - required some careful prompt engineering. Finally, integrating Nano Banana 2's image generation asynchronously required careful state handling so the user could read the review while waiting for the model to finish "painting" the bottle.

Accomplishments that I'm proud of

I am incredibly proud of how seamlessly the APIs orchestrate together. Pulling a real favicon, passing it into Gemini 3.1 Flash Image Preview as a reference image, and getting a totally unique, contextually-accurate wine bottle back feels like magic. I'm also proud of the bespoke frontend - I opted out of standard component libraries and built a custom "Vintage Paper" UI with CSS noise, custom typography, and Framer Motion to make the experience feel truly premium.

What I learned

I gained hands-on experience orchestrating multiple multimodal AI models in a single serverless flow. I learned the precise payload structures for the new @google/genai SDK, specifically how to pass base64 image references into the Nano Banana 2 (gemini-3.1-flash-image-preview) generation pipeline.

What's next for AI Certificate Sommelier

Hardware integration. I plan to build a physical "Spit Bucket" wired to an Arduino that triggers the UI to reject the certificate when you physically kick the bucket. Additionally, I'd like to implement an internal leaderboard tracking the worst, most "corked" certificates discovered by users globally!

Built With

Share this project:

Updates