User Tools

Site Tools


howtos:how_do_i_retrieve_a_remote_certificate

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

howtos:how_do_i_retrieve_a_remote_certificate [d/m/Y H:i] (current)
Line 1: Line 1:
 +This script retrieves the certificate of the site you target:
  
 +<​file>​
 +#!/bin/sh
 +#
 +# usage: retrieve-cert.sh remote.host.name [port]
 +#
 +REMHOST=$1
 +REMPORT=${2:​-443}
 +
 +echo |\
 +openssl s_client -connect ${REMHOST}:​${REMPORT} 2>&1 |\
 +sed -ne '/​-BEGIN CERTIFICATE-/,/​-END CERTIFICATE-/​p'​
 +</​file>​
 +
 +This script checks a list of sites for their expire date:
 +
 +<​file>​
 +#!/bin/sh
 +#
 +for CERT in \
 +  www.yourdomain.com:​443 \
 +  ldap.yourdomain.com:​636 \
 +  imap.yourdomain.com:​993 \
 +do
 +  echo |\
 +  openssl s_client -connect ${CERT} 2>/​dev/​null |\
 +  sed -ne '/​-BEGIN CERTIFICATE-/,/​-END CERTIFICATE-/​p'​ |\
 +  openssl x509 -noout -subject -dates
 +done
 +</​file>​
 + 
howtos/how_do_i_retrieve_a_remote_certificate.txt · Last modified: d/m/Y H:i (external edit)