
@Apkawa
Created June 4, 2020 19:17
Generate cacert.pem from ca-certificates and a website. Commonly used for 1C.
#!/bin/bash
# Build a cacert.pem-style bundle on stdout from local certificates and/or
# from the certificate a website presents.
#
# Usage:
#   gen_cacert.sh cert /usr/share/ca-certificates/mozilla/ > cacert.pem
#   gen_cacert.sh cert example.com > cacert.pem
#   gen_cacert.sh cert /usr/share/ca-certificates/mozilla/ example.com > cacert.pem
#
# Each argument after `cert` is handled by what it is on disk: a directory is
# searched recursively for files containing a PEM certificate, an existing
# file is used as is, and anything else is treated as a host name whose
# certificate is fetched from port 443.
#
# NOTE(review): a certificate fetched from a host is used as presented; no
# validation of it is visible in this script. Compare its SHA-256 fingerprint
# with a value from a trusted source before distributing the bundle.
#
# Abort on the first failing command. `pipefail` is not enabled, so only the
# last command of a pipeline decides whether that pipeline counts as failed.
set -e
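#######################################
# Fetch the certificate a TLS server presents on port 443 and write it as PEM.
#
# SECURITY: the peer is not authenticated here. `openssl s_client` as invoked
# below does not abort on verification errors, so the output is whatever the
# answering endpoint presented (which can be an interception proxy's
# certificate). Compare the SHA-256 fingerprint with one obtained out of band
# before adding the result to a trust bundle.
#
# Arguments:
#   $1 - host name to connect to; also sent as the SNI name
#   $2 - output path (default: /dev/stdout)
# Outputs:
#   The PEM certificate block(s) found in the s_client output, written to $2.
#   -showcerts is not passed, so this is normally only the server's own
#   certificate, not its issuing chain.
# Returns:
#   0 on success; 1 if no host was given or no certificate was received.
#######################################
function fetch_cert() {
  local DOMAIN=${1-}
  local OUT=${2:-/dev/stdout}
  local pem

  if [[ -z "$DOMAIN" ]]; then
    printf 'fetch_cert: missing host name\n' >&2
    return 1
  fi

  # The SNI name has to be the host being contacted. The previous code passed
  # an unrelated variable (CERT_FILE) here, so a server hosting several sites
  # could answer with the certificate of a different site.
  # stdin comes from /dev/null so s_client ends once the handshake is done.
  # The pipeline's status is ignored on purpose: success is decided by whether
  # a certificate was actually captured, checked right below.
  pem=$(
    openssl s_client -servername "$DOMAIN" -connect "$DOMAIN:443" \
      </dev/null 2>/dev/null |
      sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
  ) || true

  # Fail loudly instead of leaving an empty file for the caller to trip over.
  if [[ -z "$pem" ]]; then
    printf 'fetch_cert: no certificate received from %s:443\n' "$DOMAIN" >&2
    return 1
  fi

  printf '%s\n' "$pem" >"$OUT"
}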
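#######################################
# Print one bundle entry for a certificate: name, underline, MD5/SHA-1/SHA-256
# fingerprints, then the `openssl x509 -text` dump followed by the PEM block.
#
# Nothing is written to disk. The previous version staged its output in
# /tmp/<basename of input>, a predictable name in a world-writable directory
# that another local user could pre-create or symlink.
#
# The MD5 and SHA-1 lines are printed as labels only; use the SHA-256
# fingerprint when checking a certificate against a trusted reference.
#
# Globals:
#   CERT_FILE (written)
# Arguments:
#   $1 - path to the certificate file
#   $2 - display name (optional; default: last field of the subject line)
# Outputs:
#   The bundle entry on stdout.
# Returns:
#   0 on success; non-zero if no path was given or an openssl call fails.
#######################################
function build_cert() {
  # Assigned without `local`, as before, so any code that reads CERT_FILE
  # after this call is unaffected by this rewrite.
  CERT_FILE=${1-}
  local name=${2-}
  local pem_text md5_fp sha1_fp sha256_fp

  if [[ -z "$CERT_FILE" ]]; then
    printf 'build_cert: missing certificate path\n' >&2
    return 1
  fi

  # Declaration and assignment are kept apart so a failing openssl call is
  # not masked by the exit status of `local`.
  pem_text=$(openssl x509 -in "$CERT_FILE" -text -outform PEM) || return

  if [[ -z "$name" ]]; then
    # Takes whatever follows the last ' = ' on the subject line; this relies
    # on openssl's "KEY = value" subject layout.
    name=$(openssl x509 -noout -subject -in "$CERT_FILE" |
      awk -F ' = ' '{print $NF}') || return
  fi

  # A fingerprint is a property of the certificate itself, so it is computed
  # from the input file directly; no intermediate copy is needed.
  md5_fp=$(openssl x509 -in "$CERT_FILE" -noout -fingerprint -md5) || return
  sha1_fp=$(openssl x509 -in "$CERT_FILE" -noout -fingerprint -sha1) || return
  sha256_fp=$(openssl x509 -in "$CERT_FILE" -noout -fingerprint -sha256) || return

  printf '%s\n' "$name"
  # Underline: one '=' per character of the name.
  printf '%s\n' "${name//?/=}"
  printf '%s\n' "$md5_fp" "$sha1_fp" "$sha256_fp"
  printf '%s\n' "$pem_text"
}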
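#######################################
# Emit a bundle entry for every certificate named by the arguments.
#
# Each argument is classified by what exists on disk:
#   directory -> every file under it that contains a PEM certificate header
#   file      -> that file
#   otherwise -> treated as a host name; its certificate is fetched with
#                fetch_cert and labelled with the host name
# A mistyped path therefore ends up as a network connection attempt.
#
# Arguments:
#   $@ - directories, certificate files and/or host names
# Outputs:
#   One build_cert entry per certificate, each followed by a blank line.
# Returns:
#   0 on success; the failing step's status otherwise.
#######################################
function cert() {
  local target f fetched rc
  local -a files

  for target in "$@"; do
    # Start from an empty list for every argument. Previously a plain
    # assignment replaced only element 0, so a file argument that followed a
    # directory argument re-emitted the directory's remaining entries.
    files=()

    if [[ -d "$target" ]]; then
      # -t strips the trailing newline from each path so it can be quoted.
      readarray -t files < <(
        grep -rlw -e '-----BEGIN CERTIFICATE-----' -- "$target"
      )
    elif [[ -f "$target" ]]; then
      files=("$target")
    else
      # Stage the download in a private mktemp file rather than the
      # predictable /tmp/<host>.crt, and remove it once it has been used.
      fetched=$(mktemp) || return
      rc=0
      fetch_cert "$target" "$fetched" && build_cert "$fetched" "$target" || rc=$?
      rm -f -- "$fetched"
      ((rc == 0)) || return "$rc"
      echo
      continue
    fi

    for f in "${files[@]}"; do
      build_cert "$f" || return
      echo
    done
  done
}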
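# Dispatch: the first argument selects one of this script's functions and the
# remaining arguments are passed to it unchanged. "$@" keeps arguments that
# contain spaces intact, which the previous unquoted $* did not. Only the
# script's own functions are accepted, so the script cannot be used to run an
# arbitrary command named on its command line (relevant if it is ever exposed
# through sudo or a wrapper).
case "${1-}" in
  cert | fetch_cert | build_cert)
    "$@"
    ;;
  '')
    # No command given: nothing to do, as before.
    ;;
  *)
    printf '%s: unknown command: %s\n' "${0##*/}" "$1" >&2
    exit 2
    ;;
esac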