-
Notifications
You must be signed in to change notification settings - Fork 8
/
s_dump_http
executable file
·36 lines (31 loc) · 1.04 KB
/
s_dump_http
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
#! /bin/sh
# s_dump_http (Bourne shell script) -- Connects to an SSL HTTP server and shows info about the X.509 certificate for a given domain
#
# Version: 1.2
# Copyright: (c) 2019 Alastair Irvine <[email protected]>
# Keywords: openssl, SSL, TLS, secure certificate
# Licence: This file is released under the GNU General Public License v2
#
# Uses "Server Name Indication" (SNI)
# Similar to "-nameopt RFC2253" but with semicolons and without dn_rev
OPTS="-nameopt esc_2253,esc_ctrl,esc_msb,utf8,dump_nostr,dump_unknown,dump_der,sep_semi_plus_space,sname"
SELF=$(basename "$0")
if [ "$1" = -P ] ; then
PORT=$2
shift
shift
fi
if [ $# -lt 1 -o $# -gt 3 ] ; then
echo "Usage: $SELF [ -P <port> ] <servername> [ <sitename> ] [ <opts> ]" >&2
exit 1
fi
if [ -z "$SSL_PATH" ] ; then
if [ -d /etc/pki/tls ] ; then
SSL_PATH=/etc/pki/tls
else
SSL_PATH=/etc/ssl
fi
fi
openssl s_client -connect $1:${PORT-443} -servername ${2:-$1} ${3:--no_ssl3} -CApath $SSL_PATH/certs/ < /dev/null |
openssl x509 -text $OPTS -noout |
${PAGER:-less}