porjo/ssl_CN_lookup_by_IP.sh

## ssl_CN_lookup_by_IP.sh
#!/bin/bash
# Given a list of IP addresses (in file 'ips') find what the SSL CN (subject) is for each one.

echo -en "IP\tSSL CN\n"

for i in `cat ips`; do
       echo -en "$i\t"
       out=`timeout 2 bash -c "openssl s_client -showcerts -connect $i:443 < /dev/null 2> /dev/null | openssl x509 -noout -subject 2> /dev/null | grep 'subject=' | sed -rn 's/.*CN=([^ /]+).*/\1/p'"`
       if [ $? -eq 124 ]; then
	       echo "(timeout)"
       elif [ -z $out ]; then
	       echo "(unknown)"
       else
	       echo $out
       fi
done
	#!/bin/bash
	# Given a list of IP addresses (in file 'ips') find what the SSL CN (subject) is for each one.

	echo -en "IP\tSSL CN\n"

	for i in `cat ips`; do
	echo -en "$i\t"
	out=`timeout 2 bash -c "openssl s_client -showcerts -connect $i:443 < /dev/null 2> /dev/null \| openssl x509 -noout -subject 2> /dev/null \| grep 'subject=' \| sed -rn 's/.CN=([^ /]+)./\1/p'"`
	if [ $? -eq 124 ]; then
	echo "(timeout)"
	elif [ -z $out ]; then
	echo "(unknown)"
	else
	echo $out
	fi
	done