Skip to content

Instantly share code, notes, and snippets.

@sanmai sanmai/dumpchain.pl
Last active Jul 20, 2018

Embed
What would you like to do?
Dumps the whole certificate chain for a server in purposes of OCSP stapling
#!/usr/bin/perl
use strict;
use warnings;
# install libio-socket-ssl-perl to get this
use IO::Socket::SSL;
my $hostname = shift or die "Usage: $0 www.example.com\n";
IO::Socket::SSL->new(
PeerHost => "$hostname:443",
SSL_verify_callback => sub {
my $cert = $_[4];
my $subject = Net::SSLeay::X509_NAME_oneline(Net::SSLeay::X509_get_subject_name($cert));
print "# $subject\n";
print Net::SSLeay::PEM_get_string_X509($cert),"\n";
return 1;
}
) or die $SSL_ERROR||$!;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.