Skip to content

Instantly share code, notes, and snippets.

@charles-dyfis-net
Created July 7, 2011 16:26
Show Gist options
  • Save charles-dyfis-net/1069905 to your computer and use it in GitHub Desktop.
Save charles-dyfis-net/1069905 to your computer and use it in GitHub Desktop.
hashing the certificates in a bundle
reading=0
while read; do
if [[ $REPLY = *BEGIN* ]]; then
current_cert=""
reading=1
fi
if (( reading )) ; then
current_cert+="$REPLY"$'\n'
fi
if [[ $REPLY = *END* ]] ; then
reading=0
hash=$(openssl x509 -subject_hash -noout <<<"$current_cert")
issuer_hash=$(openssl x509 -issuer_hash -noout <<<"$current_cert")
openssl x509 -text >"$hash" <<<"$current_cert"
if [[ $hash = "$issuer_hash" ]] ; then
rm -f "${hash}.issuer"
else
ln -sf "$issuer_hash" "${hash}.issuer"
fi
fi
done </etc/pki/tls/certs/ca-bundle.crt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment