Skip to content

Instantly share code, notes, and snippets.

@JasperWallace
Created December 20, 2014 19:51
Show Gist options
  • Save JasperWallace/5459247f389dd3a3b581 to your computer and use it in GitHub Desktop.
Save JasperWallace/5459247f389dd3a3b581 to your computer and use it in GitHub Desktop.
script to check ssl certs against startcom ocsp thingy.
#!/bin/sh
#
# startcom / startssl ocsp check for class 1 certs
#
if [ ! -e sub.class1.server.ca.pem ] ; then
wget https://www.startssl.com/certs/sub.class1.server.ca.pem
fi
if [ ! -e ca-bundle.pem ] ; then
wget https://www.startssl.com/certs/ca-bundle.pem
fi
for c in *.cert ; do
if [ ! -z ${c} ] ; then
openssl ocsp -no_nonce -url http://ocsp.startssl.com/sub/class1/server/ca \
-issuer sub.class1.server.ca.pem \
-header "HOST" "ocsp.startssl.com" -CAfile ca-bundle.pem -VAfile ca-bundle.pem -cert ${c}
fi
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment