From 12bb9dac8ee7f4bcdf3e74fcbc0455a04be0211f Mon Sep 17 00:00:00 2001
From: Mathias Bynens
Date: Fri, 8 Mar 2013 13:56:24 +0100
Subject: .functions: Add `getcertnames`

This function shows all the names (CNs and SANs) listed in the SSL certificate for a given domain. As always, improvements and other feedback is welcome!
---
 .functions | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/.functions b/.functions
index db887fa..d3ae860 100644
--- a/.functions
+++ b/.functions
@@ -118,6 +118,40 @@ function codepoint() {
 echo # newline
 }
 
+# Show all the names (CNs and SANs) listed in the SSL certificate
+# for a given domain
+function getcertnames() {
+ if [ -z "${1}" ]; then
+ echo "ERROR: No domain specified."
+ return 1
+ fi
+
+ domain="${1}"
+ echo "Testing ${domain}…"
+ echo # newline
+
+ tmp=$(echo -e "GET / HTTP/1.0\nEOT" \
+ | openssl s_client -connect "${domain}:443" 2>&1);
+
+ if [[ "${tmp}" = *"-----BEGIN CERTIFICATE-----"* ]]; then
+ certText=$(echo "${tmp}" \
+ | openssl x509 -text -certopt "no_header, no_serial, no_version, \
+ no_signame, no_validity, no_issuer, no_pubkey, no_sigdump, no_aux");
+ echo "Common Name:"
+ echo # newline
+ echo "${certText}" | grep "Subject:" | sed -e "s/^.*CN=//";
+ echo # newline
+ echo "Subject Alternative Name(s):"
+ echo # newline
+ echo "${certText}" | grep -A 1 "Subject Alternative Name:" \
+ | head -2 | tail -1 | sed "s/DNS://g" | sed "s/ //g" | tr "," "\n"
+ return 0
+ else
+ echo "ERROR: Certificate not found.";
+ return 1
+ fi
+}
+
 # Add note to Notes.app (OS X 10.8)
 # Usage: `note 'foo'` or `echo 'foo' | note`
 function note() {
-- cgit v1.2.3
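Review bot: The `openssl s_client -connect "${domain}:443"` call in `getcertnames` passes no `-servername`, so with an OpenSSL build that does not send SNI by default a name-based virtual host answers with its default certificate and the CN/SAN list printed can belong to a different site than the one asked about; `| openssl s_client -connect "${domain}:443" -servername "${domain}" 2>&1);` avoids that. The names are taken from whatever certificate the server presents, and nothing in the function checks the chain or the verify result, so the header comment should say so, e.g. `# Note: names are printed as presented by the server; the chain is not verified`. `domain`, `tmp` and `certText` are assigned without `local`, and since `.functions` is presumably sourced into the interactive shell they would overwrite same-named variables there; `local domain tmp certText` at the top of the function keeps them scoped. The two `ERROR:` messages go to stdout, where `>&2` would keep them out of piped output.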