106 lines
2.3 KiB
Bash
106 lines
2.3 KiB
Bash
|
#!/usr/bin/env bash
|
||
|
|
||
|
# DESCRIPTION:
|
||
|
# get certificate info
|
||
|
#
|
||
|
# DEPENDENCIES:
|
||
|
# - openssl
|
||
|
#
|
||
|
# PARAMETERS:
|
||
|
# 1: "hostname:port | /path/to/cert" - certificate location
|
||
|
# -e - print of the expired date timestamp
|
||
|
# -f - print of the fingerprint
|
||
|
# -r - print of the remaining days
|
||
|
#
|
||
|
# FUNCTIONS:
|
||
|
#
|
||
|
#
|
||
|
# VARIABLES:
|
||
|
#
|
||
|
|
||
|
if ! command -v openssl &> /dev/null; then
|
||
|
printf "%s\n" "Not found dependencies"
|
||
|
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
datetime=$(date +%s)
|
||
|
certdest=$1
|
||
|
|
||
|
#
|
||
|
# MAIN:
|
||
|
#
|
||
|
|
||
|
if [ -n "${certdest}" ]; then
|
||
|
certpath="$(printf "%s" "${certdest}" | cut -d':' -f1)"
|
||
|
|
||
|
if [ -f "${certpath}" ]; then
|
||
|
certdata=$(cat "${certpath}")
|
||
|
|
||
|
else
|
||
|
certport="$(printf "%s" "${certdest}" | cut -d':' -f2 -s)"
|
||
|
if [ -z "${certport}" ]; then
|
||
|
certport=443
|
||
|
fi
|
||
|
certdata=$( \
|
||
|
openssl s_client "${certpath}:${certport}" < /dev/null 2>/dev/null \
|
||
|
)
|
||
|
|
||
|
fi
|
||
|
|
||
|
if [ -n "${certdata}" ]; then
|
||
|
expired=$(date -d \
|
||
|
"$(printf "%s" "${certdata}" | \
|
||
|
openssl x509 -noout -enddate | \
|
||
|
cut -d'=' -f2- \
|
||
|
)" \
|
||
|
+%s
|
||
|
)
|
||
|
subject=$(printf "%s" "${certdata}" | \
|
||
|
openssl x509 -noout -subject | \
|
||
|
cut -d'=' -f3- | cut -d' ' -f2- \
|
||
|
)
|
||
|
release=$(printf "%s" "${certdata}" | \
|
||
|
openssl x509 -noout -startdate | \
|
||
|
cut -d'=' -f2- \
|
||
|
)
|
||
|
fingerp=$(printf "%s" "${certdata}" | \
|
||
|
openssl x509 -noout -fingerprint | \
|
||
|
cut -d'=' -f2- \
|
||
|
)
|
||
|
remains=0; remains=$(( expired-datetime )); remains=$(( remains/60/60/24 ))
|
||
|
|
||
|
if [ -z "${2}" ]; then
|
||
|
printf '%s\n' "certpath: ${certpath}"
|
||
|
printf '%s\n' "certport: ${certport}"
|
||
|
printf '%s\n' "fingerprint: ${fingerp}"
|
||
|
printf '%s\n' "subject name: ${subject}"
|
||
|
printf '%s\n' "release date: ${release}"
|
||
|
printf '%s\n' "expired date: ${expired}"
|
||
|
printf '%s\n' "remains days: ${remains}"
|
||
|
elif [ "${2}" == "-e" ];then
|
||
|
printf '%s\n' "${expired}"
|
||
|
elif [ "${2}" == "-f" ];then
|
||
|
printf '%s\n' "${fingerp}"
|
||
|
elif [ "${2}" == "-r" ];then
|
||
|
printf '%s\n' "${remains}"
|
||
|
else
|
||
|
printf '%s\n' "certdata: ${certdata}"
|
||
|
fi
|
||
|
|
||
|
else
|
||
|
printf "%s\n" "Certificate was not loaded"
|
||
|
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
else
|
||
|
printf "%s\n" "Usage example: ${0} 'name.domain.zone'"
|
||
|
printf "%s\n" "Usage example: ${0} 'name.domain.zone:port' -r"
|
||
|
printf "%s\n" "Usage example: ${0} '/path/to/cert' -f"
|
||
|
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
exit 0
|