Skip to content

Instantly share code, notes, and snippets.

@Synchro
Forked from aeris/hpkp-tlsa.sh
Last active Sep 12, 2016
Embed
What would you like to do?
Generate HPKP or TLSA fingerprint
#!/bin/bash
# Uses pkey instead of rsa so it also works with ecc certs
case "$1" in
hpkp)
case "$2" in
key)
openssl pkey -in "$3" -outform der -pubout 2>/dev/null | openssl dgst -sha256 -binary | openssl enc -base64
;;
csr)
openssl req -in "$3" -pubkey -noout | openssl pkey -pubin -outform der 2>/dev/null | openssl dgst -sha256 -binary | openssl enc -base64
;;
crt)
openssl x509 -in "$3" -pubkey -noout | openssl pkey -pubin -outform der 2>/dev/null | openssl dgst -sha256 -binary | openssl enc -base64
;;
esac
;;
tlsa)
case "$2" in
key)
openssl pkey -in "$3" -outform der -pubout 2>/dev/null | openssl dgst -sha512 -hex
;;
csr)
openssl req -in "$3" -pubkey -noout | openssl pkey -pubin -outform der 2>/dev/null | openssl dgst -sha512 -hex
;;
crt)
openssl x509 -in "$3" -pubkey -noout | openssl pkey -pubin -outform der 2>/dev/null | openssl dgst -sha512 -hex
;;
esac
;;
esac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment