
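# Fetch the certificate a remote TLS server presents and print it (PEM) on
# stdout.
# Arguments:
#   $1   - target, either "host:port" or a bare "host" (port 443 is assumed)
#   $2.. - extra options handed verbatim to `openssl s_client`
# Returns: 0 when a PEM block was printed, 1 when none was received,
#          2 when no target was given.
#
# Security note: by default s_client keeps going when chain verification
# fails, and its stderr is discarded here, so the PEM printed is simply what
# the peer sent -- it is not evidence that the peer is authentic. Pass e.g.
# -verify_return_error (and -verify_hostname NAME) as extra options when the
# result is used for a trust decision.
function tlscertget {
	local target="${1:-}"
	if [ -z "${target}" ]; then
		printf 'usage: tlscertget host[:port] [s_client options]\n' >&2
		return 2
	fi
	shift

	# SNI (-servername) must carry the host name only. Passing "host:port"
	# there makes the name invalid, and a server may then answer with its
	# default certificate instead of the one for the requested virtual host.
	# NOTE: an IP-literal target is still passed to -servername as-is.
	local re='^(\[[^]]+\]|[^:]+):([0-9]+)$'
	local host="${target}" connect="${target}"
	if [[ "${target}" =~ ${re} ]]; then
		host="${BASH_REMATCH[1]}"
	else
		connect="${target}:443"
	fi

	# stdin from /dev/null makes s_client quit right after the handshake;
	# sed keeps only the PEM block(s) out of its chatty output.
	local pem
	pem="$(openssl s_client \
		-connect "${connect}" \
		-servername "${host}" \
		"$@" < /dev/null 2> /dev/null |
		sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p')"

	# Report a failed connection/handshake instead of silently printing
	# nothing with a zero exit status.
	if [ -z "${pem}" ]; then
		printf 'tlscertget: no certificate received from %s\n' "${connect}" >&2
		return 1
	fi
	printf '%s\n' "${pem}"
}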

# Print, in human-readable form, the certificate read from stdin.
# Arguments: any `openssl x509` display options (see man x509); when none are
#            given, the full dump (-text) is shown.
# This only decodes and displays fields: it performs no chain, hostname or
# expiry validation of the certificate.
function tlscertshow {
	local -a view=(-text)
	if [ $# -gt 0 ]; then
		view=("$@")
	fi
	openssl x509 -noout "${view[@]}"
}

# Fetch a remote TLS certificate and print its subject, issuer and validity
# dates.
# Arguments:
#   $1   - target, forwarded unchanged to tlscertget
#   $2.. - additional `openssl x509` display options, appended after the
#          default ones
# Despite the name this is a display helper: the fields are printed for a
# human to read, nothing here compares the dates with the current time or
# validates the issuer.
function tlscertcheck {
	local target="${1}"
	shift
	local -a fields=(-subject -issuer -dates)
	tlscertget "${target}" |
		tlscertshow "${fields[@]}" "$@"
}