Skip to content

Instantly share code, notes, and snippets.

@str8edgedave

str8edgedave/Rucksack_Recipes.md

Last active February 11, 2022 18:54
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save str8edgedave/f90c08c522c60a8f3dbf2fa8eb40491d to your computer and use it in GitHub Desktop.
Save str8edgedave/f90c08c522c60a8f3dbf2fa8eb40491d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Rucksack_Recipes.md

rucksack recipes

Commandlets/snippets for https://github.com/acritelli/rucksack.

check-ssl-info

Check remote certificate information, including issuer, subject, SAN DNS entries and validity dates.

  • requires openssl (tested with OpenSSL 1.1.1l FIPS 24 Aug 2021)
check-ssl-info:
  command: 'echo | openssl s_client -no_ign_eof -servername {{ server_name }} -connect {{ server_name }}:443 2>/dev/null | openssl x509 -noout -text -dates| grep -e Issuer: -e notBefore -e notAfter -e Subject: -e DNS: | sed "s/^ *//g; s/ DNS:/ /g; s/DNS:/DNS: /; s/\(not.*\)=/\1: /"'
  args:
    - server_name:
        mandatory: True
        default: github.com
        values:
          - google.com
          - redhat.com
          - ubuntu.com

output:

localhost> check-ssl-info server_name redhat.com
Attempting to run echo | openssl s_client -no_ign_eof -servername redhat.com -connect redhat.com:443 2>/dev/null | openssl x509 -noout -text -dates| grep -e Issuer: -e notBefore -e notAfter -e Subject: -e DNS: | sed "s/^ *//g; s/ DNS:/ /g; s/DNS:/DNS: /; s/\(not.*\)=/\1: /"
Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
Subject: C = US, ST = North Carolina, L = Raleigh, O = "Red Hat, Inc.", CN = *.redhat.com
DNS: *.redhat.com, redhat.com
notBefore: Jul 21 00:00:00 2021 GMT
notAfter: Aug 19 23:59:59 2022 GMT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment