Skip to content

Instantly share code, notes, and snippets.

@hnakamur

hnakamur/show-cert-info-file.sh

Created April 14, 2022 00:16
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save hnakamur/2021a1a42c9d449517240ba2a185cf53 to your computer and use it in GitHub Desktop.
Save hnakamur/2021a1a42c9d449517240ba2a185cf53 to your computer and use it in GitHub Desktop.
Download ZIP
Print dates, subject, issuer, and SANs in a server certificate and intermediate certificates at a server or in a file.
Raw
show-cert-info-file.sh
#!/bin/bash
if [ $# -ne 1 ]; then
>&2 echo "Usage: $0 /path/to/cert_file"
exit 1
fi
cert_file="$1"
certs=$(cat $cert_file)
count=$(echo "$certs" | grep -c '^-----BEGIN CERTIFICATE-----')
i=1
while [ $i -le $count ]; do
echo === cert $i ===
echo "$certs" | awk '/^-----BEGIN CERTIFICATE-----/ {cert_id++}
/^-----BEGIN CERTIFICATE-----/,/^-----END CERTIFICATE-----/ {if (cert_id==target_cert_id) print}' target_cert_id=$i \
| openssl x509 -dates -subject -subject_hash -ext subjectAltName -issuer -issuer_hash -noout
i=$(( $i + 1 ))
done
Raw
show-cert-info-server.sh
#!/bin/bash
if [ $# -ne 1 ]; then
>&2 echo "Usage: $0 server_fqdn"
exit 1
fi
server_fqdn="$1"
certs=$(echo | openssl s_client -connect $server_fqdn:443 -showcerts 2> /dev/null)
count=$(echo "$certs" | grep -c '^-----BEGIN CERTIFICATE-----')
i=1
while [ $i -le $count ]; do
echo === cert $i ===
echo "$certs" | awk '/^-----BEGIN CERTIFICATE-----/ {cert_id++}
/^-----BEGIN CERTIFICATE-----/,/^-----END CERTIFICATE-----/ {if (cert_id==target_cert_id) print}' target_cert_id=$i \
| openssl x509 -dates -subject -subject_hash -ext subjectAltName -issuer -issuer_hash -noout
i=$(( $i + 1 ))
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment