added cert-info.sh
This commit is contained in:
parent
d53b26517f
commit
722ee8dec0
31
README.md
31
README.md
|
|
@ -3,6 +3,7 @@
|
||||||
Small tools needed to solve immediate tasks independently or as part of a project
|
Small tools needed to solve immediate tasks independently or as part of a project
|
||||||
|
|
||||||
* [`build-python`.sh](https://git.hmp.today/pavel.muhortov/utils#build-python-sh)
|
* [`build-python`.sh](https://git.hmp.today/pavel.muhortov/utils#build-python-sh)
|
||||||
|
* [`cert-info`.sh](https://git.hmp.today/pavel.muhortov/utils#cert-info-sh)
|
||||||
* [`sendmail`.py](https://git.hmp.today/pavel.muhortov/utils#sendmail-py)
|
* [`sendmail`.py](https://git.hmp.today/pavel.muhortov/utils#sendmail-py)
|
||||||
* [`simplewc`.py](https://git.hmp.today/pavel.muhortov/utils#simplewc-py)
|
* [`simplewc`.py](https://git.hmp.today/pavel.muhortov/utils#simplewc-py)
|
||||||
|
|
||||||
|
|
@ -39,6 +40,36 @@ sudo su - -c "bash <(curl -s https://git.hmp.today/pavel.muhortov/utils/raw/bran
|
||||||
|
|
||||||
____
|
____
|
||||||
|
|
||||||
|
## `cert-info`.sh
|
||||||
|
|
||||||
|
**Description:**
|
||||||
|
> Get certificate info.
|
||||||
|
|
||||||
|
**Dependencies:**
|
||||||
|
>
|
||||||
|
> * [bash](https://www.gnu.org/software/bash/) (tested versions: 4.2.46 on [CentOS 7](https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7.2009))
|
||||||
|
> * [openssl](https://www.openssl.org/) (tested version 1.0.2k on [CentOS 7](https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7.2009))
|
||||||
|
|
||||||
|
| POSITION | PARAMETERS | DESCRIPTION | DEFAULT |
|
||||||
|
|-----------|--------------|------------------------|---------------|
|
||||||
|
| 1 |**[hostname:port \| /path/to/cert]**|certificate location||
|
||||||
|
| 2 |**[-e]**|print of the expired date timestamp||
|
||||||
|
| 2 |**[-f]**|print of the fingerprint||
|
||||||
|
| 2 |**[-r]**|print of the remaining days||
|
||||||
|
|
||||||
|
Example usage in terminal with make the script executable:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# download
|
||||||
|
sudo wget https://git.hmp.today/pavel.muhortov/utils/raw/branch/master/cert-info.sh -O /usr/local/bin/cert-info.sh
|
||||||
|
sudo chmod +x /usr/local/bin/cert-info.sh
|
||||||
|
# check cert
|
||||||
|
cert-info.sh www.hmp.today
|
||||||
|
cert-info.sh /etc/ssl/certs/ca-certificates.crt
|
||||||
|
```
|
||||||
|
|
||||||
|
____
|
||||||
|
|
||||||
## `sendmail`.py
|
## `sendmail`.py
|
||||||
|
|
||||||
**Description:**
|
**Description:**
|
||||||
|
|
|
||||||
105
cert-info.sh
Normal file
105
cert-info.sh
Normal file
|
|
@ -0,0 +1,105 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# DESCRIPTION:
|
||||||
|
# get certificate info
|
||||||
|
#
|
||||||
|
# DEPENDENCIES:
|
||||||
|
# - openssl
|
||||||
|
#
|
||||||
|
# PARAMETERS:
|
||||||
|
# 1: "hostname:port | /path/to/cert" - certificate location
|
||||||
|
# -e - print of the expired date timestamp
|
||||||
|
# -f - print of the fingerprint
|
||||||
|
# -r - print of the remaining days
|
||||||
|
#
|
||||||
|
# FUNCTIONS:
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# VARIABLES:
|
||||||
|
#
|
||||||
|
|
||||||
|
if ! command -v openssl &> /dev/null; then
|
||||||
|
printf "%s\n" "Not found dependencies"
|
||||||
|
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
datetime=$(date +%s)
|
||||||
|
certdest=$1
|
||||||
|
|
||||||
|
#
|
||||||
|
# MAIN:
|
||||||
|
#
|
||||||
|
|
||||||
|
if [ -n "${certdest}" ]; then
|
||||||
|
certpath="$(printf "%s" "${certdest}" | cut -d':' -f1)"
|
||||||
|
|
||||||
|
if [ -f "${certpath}" ]; then
|
||||||
|
certdata=$(cat "${certpath}")
|
||||||
|
|
||||||
|
else
|
||||||
|
certport="$(printf "%s" "${certdest}" | cut -d':' -f2 -s)"
|
||||||
|
if [ -z "${certport}" ]; then
|
||||||
|
certport=443
|
||||||
|
fi
|
||||||
|
certdata=$( \
|
||||||
|
openssl s_client "${certpath}:${certport}" < /dev/null 2>/dev/null \
|
||||||
|
)
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "${certdata}" ]; then
|
||||||
|
expired=$(date -d \
|
||||||
|
"$(printf "%s" "${certdata}" | \
|
||||||
|
openssl x509 -noout -enddate | \
|
||||||
|
cut -d'=' -f2- \
|
||||||
|
)" \
|
||||||
|
+%s
|
||||||
|
)
|
||||||
|
subject=$(printf "%s" "${certdata}" | \
|
||||||
|
openssl x509 -noout -subject | \
|
||||||
|
cut -d'=' -f3- | cut -d' ' -f2- \
|
||||||
|
)
|
||||||
|
release=$(printf "%s" "${certdata}" | \
|
||||||
|
openssl x509 -noout -startdate | \
|
||||||
|
cut -d'=' -f2- \
|
||||||
|
)
|
||||||
|
fingerp=$(printf "%s" "${certdata}" | \
|
||||||
|
openssl x509 -noout -fingerprint | \
|
||||||
|
cut -d'=' -f2- \
|
||||||
|
)
|
||||||
|
remains=0; remains=$(( expired-datetime )); remains=$(( remains/60/60/24 ))
|
||||||
|
|
||||||
|
if [ -z "${2}" ]; then
|
||||||
|
printf '%s\n' "certpath: ${certpath}"
|
||||||
|
printf '%s\n' "certport: ${certport}"
|
||||||
|
printf '%s\n' "fingerprint: ${fingerp}"
|
||||||
|
printf '%s\n' "subject name: ${subject}"
|
||||||
|
printf '%s\n' "release date: ${release}"
|
||||||
|
printf '%s\n' "expired date: ${expired}"
|
||||||
|
printf '%s\n' "remains days: ${remains}"
|
||||||
|
elif [ "${2}" == "-e" ];then
|
||||||
|
printf '%s\n' "${expired}"
|
||||||
|
elif [ "${2}" == "-f" ];then
|
||||||
|
printf '%s\n' "${fingerp}"
|
||||||
|
elif [ "${2}" == "-r" ];then
|
||||||
|
printf '%s\n' "${remains}"
|
||||||
|
else
|
||||||
|
printf '%s\n' "certdata: ${certdata}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
else
|
||||||
|
printf "%s\n" "Certificate was not loaded"
|
||||||
|
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
else
|
||||||
|
printf "%s\n" "Usage example: ${0} 'name.domain.zone'"
|
||||||
|
printf "%s\n" "Usage example: ${0} 'name.domain.zone:port' -r"
|
||||||
|
printf "%s\n" "Usage example: ${0} '/path/to/cert' -f"
|
||||||
|
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
||||||
Loading…
Reference in New Issue
Block a user