File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ sk-ssl-pem-to-raw (){
2+ sk_help_noarg " Usage: $FUNCNAME <pem cert file>. Strip raw cert from a pem file and output it" " $@ " && return
3+ local certfile=${1:- wibble.pem}
4+ awk ' !/-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----/{printf "%s", $0}' " $certfile "
5+ }
6+
7+ sk-ssl-sig () {
8+ sk_help_noarg " Usage: $FUNCNAME x509cert. Generate fingerprint" " $@ " && return
9+ echo_log_run_logoutput openssl x509 -in ${1} * -fingerprint -noout
10+ }
11+
12+ sk-ssl-ca-list (){
13+ sk_help " Usage: $FUNCNAME </etc/ssl/certs/ca-certificates.crt> List all the subject names of the system wide ca store" " $@ " && return
14+ awk -v cmd=' openssl x509 -noout -subject' '
15+ /BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt
16+ }
17+
18+ sk-ssl-text () {
19+ sk_help_noarg " Usage: $FUNCNAME x509cert (parse x509 certificate and output text format)" " $@ " && return
20+ echo_log_run_logoutput openssl x509 -in ${1} * -text
21+ }
22+
23+ sk-ssl-cipher () {
24+ sk_help_noarg " Usage: $FUNCNAME <server> <port>. Find what ciphers a remote server uses" " $@ " && return
25+ local server=${1:- google.com}
26+ local port=${2:- 443}
27+ for v in ssl2 ssl3 tls1 tls1_1 tls1_2; do
28+ for c in $( openssl ciphers ' ALL:eNULL' | tr ' :' ' ' ) ; do
29+ openssl s_client -connect $server :$port \
30+ -cipher $c -$v < /dev/null > /dev/null 2>&1 && echo -e " $v :\t$c "
31+ done
32+ done
33+ }
34+
You can’t perform that action at this time.
0 commit comments