shell script to retrieve ssl certificate by using openssl s_client

 shell script to retrieve ssl certificate by using openssl client


#!/bin/bash

# Function to retrieve certificate for a given hostname and port

function get_cert {

  HOSTNAME="$1"

  PORT="$2"

  # Retrieve the certificate and extract the end-entity certificate

  CERT=$(echo | openssl s_client -showcerts -servername "$HOSTNAME" -connect "$HOSTNAME":"$PORT" 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sed -n '1,/END CERTIFICATE/p')


  # Save the certificate in PEM format to a file

  echo "$CERT" > site_cert.pem

  echo "Certificate for $HOSTNAME:$PORT saved to site_cert.pem"

}


# Array of sites and corresponding ports

SITES=(

  "example.com:443"

  "google.com:443"

  "yahoo.com:443"

  "github.com:443"

  "reddit.com:443"

  "twitter.com:443"

  "linkedin.com:443"

  "stackoverflow.com:443"

)


# Print the list of sites as options

printf "Select one or more options by number:\n"

for i in "${!SITES[@]}"; do

  printf "%s) %s\n" "$((i+1))" "${SITES[$i]}"

done


# Prompt the user to enter options

printf "Enter one or more options (e.g. 1 3 5): "

read OPTIONS


# Loop through the options and call get_cert for each corresponding hostname and port

for OPT in $OPTIONS; do

  INDEX=$(( $OPT - 1 ))

  if [ $INDEX -ge 0 ] && [ $INDEX -lt ${#SITES[@]} ]; then

    HOSTNAME=$(echo "${SITES[$INDEX]}" | cut -d':' -f1)

    PORT=$(echo "${SITES[$INDEX]}" | cut -d':' -f2)

    get_cert "$HOSTNAME" "$PORT"

  else

    printf "Invalid option: %s\n" "$OPT"

  fi

done


Comments

Post a Comment

Popular posts from this blog

Shell script to find out aliases and their expiration in cacerts

  #!/bin/bash # Set the path to the Java installation directory JAVA_HOME="/opt/java" # Set the password for the keystore KEYSTORE_PASS="keystore_password" # List all aliases in the keystore ALIASES=$(keytool -list -v -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass $KEYSTORE_PASS | grep "Alias name:" | awk '{print $3}') # Loop through the aliases and get the expiration date for each certificate for ALIAS in $ALIASES; do     # Get the expiration date in human-readable format     EXP_DATE=$(keytool -list -v -alias $ALIAS -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass $KEYSTORE_PASS | grep "Valid from" | awk '{print $3 " " $4 " " $7 " " $6}')     # Print the alias name and expiration date     echo "Alias Name: $ALIAS"     echo "Expiration Date: $EXP_DATE"     echo "" done Replace "/path/to/java" with the path to your Java installation directory, ...
Read more

shell script to scp multiple file to multiple destinations

  #!/bin/bash # Prompt the user for the name of the file to transfer using printf and read commands printf "Enter the name of the file to transfer: " read filename # Prompt the user for the IP addresses to transfer the files to using printf and read commands printf "Enter the IP addresses to transfer the file(s) to (separated by spaces): " read -a ips # Define the username to use for the SCP transfer username="user" # Loop through the array of IP addresses and transfer the file to each one for ip in "${ips[@]}" do     # Use printf to display a message before transferring each file     printf "Transferring %s to %s...\n" "$filename" "$ip"         # Use scp to transfer the file to the current IP address     scp "$filename" "${username}@${ip}:~/" done # Use printf to display a summary message when the transfers are complete printf "Transferred %s to %d IP addresses.\n" "$filename"...
Read more

How to resolve port conflict in websphere

 To resolve port conflicts in WebSphere Application Server on Linux, you can follow the below steps: Determine the port that is in conflict: a. Login in server b. Run the command: ./netstat -an | grep <port> where <port> is the port number that is in conflict. Identify the process that is using the port: a. Run the command: ps -ef | grep <PID> where <PID> is the Process ID (PID) of the process that is using the port. Stop the process that is using the port: a. Use the kill command to stop the process: kill -9 <PID> where <PID> is the Process ID of the process that is using the port. b. Change port in serverindex.xml file if required  c.Stop node and sync with dmgr then start node Restart the WebSphere Application Server: a. Go to the WebSphere installation directory: cd /opt/IBM/WebSphere/AppServer/bin b. Run the command: ./stopServer.sh <server_name> where <server_name> is the name of the server that you modified the port number...
Read more