Skip to content

Instantly share code, notes, and snippets.

@afresh1
Last active Sep 22, 2016
Embed
What would you like to do?
This script replaces the c_rehash perl script from openssl, at least the main functionality of it. From http://man.openbsd.org/SSL_CTX_load_verify_locations
#!/bin/sh
# replaces the c_rehash perl script from openssl.
# by afresh1
rm -f *.[0-9]* *.r[0-9]*
for c in *.pem; do
[ "$c" = "*.pem" ] && continue
hash=$(openssl x509 -noout -hash -in "$c")
if egrep -q -- '-BEGIN( X509 | TRUSTED | )CERTIFICATE-' "$c"; then
suf=0
while [ -e $hash.$suf ]; do suf=$(( $suf + 1 )); done
ln -s "$c" $hash.$suf
fi
if egrep -q -- '-BEGIN X509 CRL-' "$c"; then
suf=0
while [ -e $hash.r$suf ]; do suf=$(( $suf + 1 )); done
ln -s "$c" $hash.r$suf
fi
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment