SSL 기한 및 체인인증서 조회
#! /bin/sh
DEBUG=0
if [ $DEBUG -gt 0 ]
then
exec 2>>/tmp/my.log
set -x
fi
f=$1
host=$2
port=$3
sni=$4
proto=$5
if [ -z "$sni" ]
then
servername=$host
else
servername=$sni
fi
if [ -n "$proto" ]
then
starttls="-starttls $proto"
fi
case $f in
-d)
end_date=`openssl s_client -servername $servername -host $host -port $port -showcerts $starttls -prexit </dev/null 2>/dev/null |
sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
openssl x509 -text 2>/dev/null |
sed -n 's/ *Not After : *//p'`
if [ -n "$end_date" ]
then
end_date_seconds=`date '+%s' --date "$end_date"`
now_seconds=`date '+%s'`
echo "($end_date_seconds-$now_seconds)/24/3600" | bc
fi
;;
-i)
issue_dn=`openssl s_client -servername $servername -host $host -port $port -showcerts $starttls -prexit </dev/null 2>/dev/null |
sed -n '/BEGIN CERTIFICATE/,/END CERT/p' |
openssl x509 -text 2>/dev/null |
sed -n 's/ *Issuer: *//p'`
if [ -n "$issue_dn" ]
then
issuer=`echo $issue_dn | sed -n 's/.*CN=*//p'`
echo $issuer
fi
;;
*)
echo "usage: $0 [-i|-d] hostname port sni"
echo " -i Show Issuer"
echo " -d Show valid days remaining"
;;
esac
'OS > CentOS' 카테고리의 다른 글
| DNS Cache 구성하기 (1) | 2023.11.17 |
|---|---|
| ## Goaccess 설치 (0) | 2023.10.20 |
| dnsmasq 설치 후 질의 통계 확인 하기 (0) | 2023.01.16 |
| dnsmasq를 사용하여 DNS 서버 설정하기 (DNS cache) (0) | 2023.01.13 |
| openssl 버전업 (CentOS 7.x에서 openssl 버전업) (0) | 2022.02.22 |