Skip to content

Instantly share code, notes, and snippets.

@evansd
Last active August 29, 2015 14:08
Show Gist options
  • Save evansd/c35c206ab4677b088045 to your computer and use it in GitHub Desktop.
Save evansd/c35c206ab4677b088045 to your computer and use it in GitHub Desktop.
Read a SSL certificate issued by StartSSL and bundle intermediate certificates into it so it works everywhere
#!/bin/bash
set -eo pipefail
cert_file="$1"
if [ -z "$cert_file" ]; then
echo "Usage: create-startssl-cert-bundle CERTIFICATE_FILE" >&2
echo >&2
echo "Bundles StartSSL's intermediate certs and writes combined certificate to stdout" >&2
exit 1
fi
matched_url="$(openssl x509 -in "$cert_file" -noout -text \
| grep --only-matching --extended 'http://aia\.startssl\.com/certs/sub\.class(1|2)\.server\.ca\.crt')"
if [ -z "$matched_url" ]; then
echo "This doesn't look like a StartSSL certificate" >&2
exit 1
fi
cert_url="${matched_url:0:-4}.pem"
# Read only first certificate out of file
sed '/--END CERTIFICATE--/q' "$cert_file"
curl --silent "$cert_url"
curl --silent "http://www.startssl.com/certs/ca.pem"
@david50407
Copy link

OUTPUT: ./create-startssl-cert-bundle.sh: line 22: -4: substring expression < 0

@david50407
Copy link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment