Created
December 20, 2014 19:51
-
-
Save JasperWallace/5459247f389dd3a3b581 to your computer and use it in GitHub Desktop.
script to check ssl certs against startcom ocsp thingy.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# | |
# startcom / startssl ocsp check for class 1 certs | |
# | |
if [ ! -e sub.class1.server.ca.pem ] ; then | |
wget https://www.startssl.com/certs/sub.class1.server.ca.pem | |
fi | |
if [ ! -e ca-bundle.pem ] ; then | |
wget https://www.startssl.com/certs/ca-bundle.pem | |
fi | |
for c in *.cert ; do | |
if [ ! -z ${c} ] ; then | |
openssl ocsp -no_nonce -url http://ocsp.startssl.com/sub/class1/server/ca \ | |
-issuer sub.class1.server.ca.pem \ | |
-header "HOST" "ocsp.startssl.com" -CAfile ca-bundle.pem -VAfile ca-bundle.pem -cert ${c} | |
fi | |
done | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment