Outputs lines between (inclusive) -----BEGIN something-----
and -----END something-----
in reverse order. Useful for creation of CA certificates bundles.
Note that start/stop lines must begin with at least one dash and be followed by either BEGIN
or END
, then a space then non-space characters and end the line with at least one dash.
Above format rule will matches usual PEM format items like:
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
[cat file|] ca-bundler.py [file1 [file2 [fileN]]]
Extracts certificates from files in arguments or stdin if none given.
Given SSL/TLS enabled hostname and port fetch certificate(s) with openssl
and pipe them to ca-bundle.py
to output only certificates in reverse order:
openssl s_client -showcerts -connect HOSTNAME:PORT -servername HOSTNAME </dev/null 2>/dev/null | ca-bundler.py > bundle.crt
ca-bundler.py site.crt intermediate.crt root.crt > bundle.crt