#!/bin/bash
#
# show-certificate https://google.com github.com:443
#
# google.com:443 Issuer C=US, O=Google Trust Services, CN=GTS CA 1O1
# google.com:443 Not Before Sep 17 13:30:43 2019 GMT
# google.com:443 Not After Dec 10 13:30:43 2019 GMT
# ...
# github.com:443 Issuer C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 Extended Validation Server CA
# github.com:443 Not Before May 8 00:00:00 2018 GMT
# github.com:443 Not After Jun 3 12:00:00 2020 GMT
# ...
#
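# Protocol prefixes accepted on host arguments; used as an ERE alternation.
PROTOCOLS="https://|ldaps://|smtps://"

# Private scratch directory for the certificate fetched from a remote host.
# It is created with mktemp before anything else touches the variable: the
# previous predictable "/tmp/uli-war-da.$$" placeholder was never created, and
# when TMPDIR is already exported in the caller's environment that placeholder
# became mktemp's (non-existent) base directory and made mktemp fail.
# The variable name is kept because the rest of the script reads ${TMPDIR}.
TMPDIR="$(mktemp -d)" || {
  echo "show-certificate: cannot create a temporary directory" >&2
  exit 1
}

# Remove the scratch directory. ${TMPDIR:?} aborts instead of running
# rm -rf on an empty path should the variable ever be cleared.
cleanUp () {
  rm -rf -- "${TMPDIR:?}"
}

# Clean up on every exit path.
trap cleanUp EXIT

# A signal handler that only cleans up lets the script carry on afterwards and
# write into the directory it has just deleted. Turn each catchable signal
# into an exit instead, so the EXIT trap does the cleanup exactly once.
# Signal 9 (KILL) is left out because it cannot be trapped.
for sig in 1 2 3 4 5 6 7 8 10 12 13 14 15; do
  # shellcheck disable=SC2064 — the exit code must be expanded now, per signal
  trap "exit $((128 + sig))" "${sig}"
done
unset sig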
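# Print a diagnostic on stderr; stdout stays reserved for the report.
warn () {
  printf 'show-certificate: %s\n' "$*" >&2
}

# Reduce `openssl x509 -text` output on stdin to the Subject, Issuer,
# validity ("Not Before"/"Not After") and DNS SAN lines, and print each one
# as "<label>\t<field>\t<value>", where <label> is $1.
# read -r and printf '%s' keep backslashes and escape sequences that appear
# in certificate fields literal instead of interpreting them.
report_fields () {
  grep -E "^\s*(Subject:|Issuer:|Not |DNS:)" \
    | sed -e "s/^\s*//" -e 's/^\([^:]*\):/\1\t/' -e "s/DNS://g" \
    | while IFS= read -r l; do printf '%s\t%s\n' "$1" "$l"; done
}

# MD5 digest of stdin with openssl's leading "(stdin)= " label stripped.
# The digest of the RSA modulus is only a convenient way to see that a key
# file and a certificate belong together; it is not an integrity fingerprint.
md5_of_stdin () {
  openssl md5 | sed -e "s/^[^ ]* //"
}

# Process every argument. An existing *.crt or *.key file is inspected
# locally; anything else is treated as [protocol://]host[:port] and probed
# over TLS. Output is tab-separated: <source> <field> <value>.
while [ $# -gt 0 ]; do
  if [ -f "$1" ]; then
    case "$1" in
      *.crt)
        # Parse once up front so an unreadable file produces a diagnostic
        # rather than the MD5 of empty input.
        if openssl x509 -noout <"$1" >/dev/null 2>&1; then
          openssl x509 -text <"$1" | report_fields "$1"
          printf '%s\tMD5\t%s\n' "$1" \
            "$(openssl x509 -noout -modulus <"$1" | md5_of_stdin)"
        else
          warn "$1: not a readable X.509 certificate"
        fi
        ;;
      *.key)
        # Only RSA keys have a modulus; other key types fail here.
        if modulus="$(openssl rsa -noout -modulus <"$1")"; then
          printf '%s\tMD5\t%s\n' "$1" \
            "$(printf '%s\n' "${modulus}" | md5_of_stdin)"
        else
          warn "$1: cannot read an RSA modulus from this key"
        fi
        ;;
      *)
        warn "$1: existing file is neither *.crt nor *.key, skipped"
        ;;
    esac
  else
    H="$1"
    PO=":443"
    # Keep only [protocol://]host[:port]; any path or query is discarded.
    URL="$(printf '%s\n' "${H}" | grep -oE "(${PROTOCOLS})?[^:/]*(:[0-9]*)?" | head -1)"
    HPR="$(printf '%s\n' "${URL}" | grep -oE "${PROTOCOLS}")"
    HPO="$(printf '%s\n' "${URL}" | grep -oE ":[0-9]+")"
    # Strip protocol and port with parameter expansion, so neither value is
    # ever interpreted as a sed pattern.
    HO="${URL#"${HPR}"}"
    if [ -n "${HPO}" ]; then
      HO="${HO%"${HPO}"}"
      PO="${HPO}"
    else
      case "${HPR}" in
        "https://")
          PO=":443"
          ;;
        "ldaps://")
          PO=":636"
          ;;
        "smtps://")
          # NOTE(review): 587 is the submission port, which normally expects
          # STARTTLS; implicit-TLS SMTP is usually 465. Kept as the author
          # wrote it — confirm which one is intended.
          PO=":587"
          ;;
      esac
    fi
    # The host comes straight from the command line and is handed to openssl
    # and used as the report label: accept plain host names / IPv4 only.
    case "${HO}" in
      '' | -* | *[!A-Za-z0-9._-]*)
        warn "${H}: cannot extract a valid host name, skipped"
        shift
        continue
        ;;
    esac
    # s_client is used only to fetch the certificate the peer presents; the
    # chain is not validated here, so the report describes the certificate as
    # presented, not a trust decision. stdin is /dev/null so the client
    # disconnects after the handshake instead of streaming data to the peer.
    # `x509 -text` also emits the PEM block, which the MD5 step re-reads.
    if ! openssl s_client -connect "${HO}${PO}" -servername "${HO}" \
        </dev/null 2>/dev/null \
      | openssl x509 -text >"${TMPDIR}/x509_text"; then
      # Without this check a failed connection still printed an MD5 row
      # (the digest of empty input), which looks like a real result.
      warn "${HO}${PO}: no certificate received"
      shift
      continue
    fi
    report_fields "${HO}${PO}" <"${TMPDIR}/x509_text"
    printf '%s\tMD5\t%s\n' "${HO}${PO}" \
      "$(openssl x509 -noout -modulus <"${TMPDIR}/x509_text" | md5_of_stdin)"
  fi
  shift
done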