Skip to content
Snippets Groups Projects

Openssl - Affichage de la chaîne de certificat

  • Clone with SSH
  • Clone with HTTPS
  • Embed
  • Share
    The snippet can be accessed without any authentication.
    Authored by erwan.salmon

    Commande SSL permettant de lister la chaîne de certificat transmise par un serveur web.

    Usage :

    • Sans proxy
      • sslchain-check.sh host:port
      • Exemple : sslchain-check.sh www.w3.org:443
    • Avec proxy
      • sslchain-check.sh host:port proxyHost:proxyPort
      • Exemple : sslchain-check.sh www.w3.org:443 mon-proxy:3128
    Edited
    sslchain-check.sh 571 B
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21 
    #!/bin/sh

usage() {
  echo "$0 host:port (proxyHost:proxyPort)"
}

# Le serveur à tester, supprimer le protocol si présent
DESTINATION="${1#*//}"
[ -z "$DESTINATION" ] && usage && exit 1

# Le proxy éventuel, supprimer le protocol si présent
PROXY="$2"
if [ -n "$PROXY" ]; then
   PROXY_OPTS="-proxy ${PROXY#*//}"
   # Bug openssl https://github.com/openssl/openssl/issues/17232
   SNI_OPTS="-servername ${DESTINATION%:*}"
fi

# Connection à la destination
SERVERNAME="-servername"
openssl s_client -showcerts $PROXY_OPTS $SNI_OPTS -connect $DESTINATION </dev/null
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Finish editing this message first!
    Please register or to comment