korc/find-certs.sh

## find-certs.sh
#!/bin/sh

remote="$1"

test -d "$2" || {
  echo "Usage: ${0##*/} <host:port> <cert_dirs..>" >&2
  exit 1
}
shift

set -e

fplist="$(mktemp)"
on_exit() { rm -f "$fplist"; }
trap on_exit EXIT
gnutls-cli --print-cert $remote </dev/null | certtool -i  | sed -E -n -e '/sha256:/{s/.*://;p}' -e '/Issuer: /{s/.*:/Subject:/;p}' >"$fplist"

fplist="$fplist" find "$@" \( -name '*.crt' -o -name '*.pem' \) -exec sh -c 'for crt;do grep -q "BEGIN CERTIFICATE" "$crt" || continue; certtool -i <"$crt" | grep -Fqf "$fplist" && echo "$crt";done' a {} +
	#!/bin/sh

	remote="$1"

	test -d "$2" \|\| {
	echo "Usage: ${0##*/} <host:port> <cert_dirs..>" >&2
	exit 1
	}
	shift

	set -e

	fplist="$(mktemp)"
	on_exit() { rm -f "$fplist"; }
	trap on_exit EXIT
	gnutls-cli --print-cert $remote </dev/null \| certtool -i \| sed -E -n -e '/sha256:/{s/.://;p}' -e '/Issuer: /{s/.:/Subject:/;p}' >"$fplist"

	fplist="$fplist" find "$@" \( -name '.crt' -o -name '.pem' \) -exec sh -c 'for crt;do grep -q "BEGIN CERTIFICATE" "$crt" \|\| continue; certtool -i <"$crt" \| grep -Fqf "$fplist" && echo "$crt";done' a {} +