blob: f043fb16e8a29537ee83ee529a8db7b12384481d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
#!/bin/bash
#
# SSL wrapper scripts
#
# This code is licensed under a Creative Commons License.
# http://creativecommons.org/licenses/by-nc-sa/3.0/
#
#
# show usage
#
function usage {
echo "SSL wrapper scripts"
echo "Based on http://www.madboa.com/geek/openssl/"
}
#
# usage: ssl retrieve remote.host.name [port]
# ssl retrieve remote.host.name [port] -starttls smtp
#
function retrieve {
REMHOST=$1
REMPORT=${2:-443}
shift 2
OPTS="$*"
echo | \
openssl s_client -connect ${REMHOST}:${REMPORT} $OPTS 2>&1 | \
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
}
#
# usage: fingerprint cert
#
function fingerprint {
openssl x509 -noout -in $1 -fingerprint
openssl x509 -noout -in $1 -fingerprint -md5
openssl x509 -noout -in $1 -fingerprint -sha256
}
# Parse option
COMMAND="$1"
shift
if [ "$COMMAND" == "retrieve" ]; then
retrieve $*
elif [ "$COMMAND" == "info" ]; then
openssl x509 -noout -in $1 -text
elif [ "$COMMAND" == "verify" ]; then
openssl verify $*
elif [ "$COMMAND" == "fingerprint" ] || [ "$COMMAND" == "finger" ]; then
fingerprint $*
else
usage
fi
|