retrieves the SSL certificate from a remote server

showcert.sh

#!/bin/bash

VERSTRING="showcert/v0.2a"
OPENSSL="openssl"

VERBOSE=0
HOST=""
PORT=""
SNI=""

function print_usage () {
cat <<EOF
Usage: showcert [opts] [host port]
	-H|--host: hostname or address
	-p|--port: host port
	--sni: hostname for Server Name Indication
	-V|--verbose: show all output
	-v|--version: 
	-h|--help: print this help
EOF
}

function is_int () {
	[[ $1 =~ ^-?[0-9]+$ ]]
}

function set_port () {
	if is_int "$1"; then
		PORT="$1"
	else
		printf "[showcert] Error: '%s' is not a valid port number\n" >&2
		exit -1
	fi
}

while [[ -n "$1" ]]; do
	case "$1" in
		-V|--verbose)
			VERBOSE=$((! VERBOSE));;
		-v|--version)
			echo "$VERSTRING"
			exit 0
			;;
		-h|--help|-u|--usage)
			print_usage
			exit 0
			;;
		-H|--host)
			HOST="$2"
			shift
			;;
		--sni)
			SNI="-servername $2"
			shift
			;;
		-p|--port)
			set_port "$2"
			shift
			;;
		*)
			if [[ -z "$HOST" ]]; then
				HOST="$1"
			elif [[ -z "$PORT" ]]; then
				set_port "$1"
			else
				print_usage
				exit -1
			fi
			;;
	esac
	
	shift
done

if ((! VERBOSE)); then
	exec 2>/dev/null
fi

printf "[showcert] Host: %s\n" "$HOST" >&2
printf "[showcert] Port: %d\n" $PORT >&2
printf "[showcert] Verbose: %d\n" $VERBOSE >&2

${OPENSSL} s_client -connect "$HOST":"$PORT" ${SNI} -showcerts </dev/null |
(
	if ((VERBOSE)); then
		cat
	else
		openssl x509 -outform PEM
	fi
)

#todo: pipestatus error report