From f65c459b51bd1a1e4453a89512508de74f52e5b1 Mon Sep 17 00:00:00 2001
From: Aaron LI <aaronly.me@gmail.com>
Date: Wed, 3 Feb 2016 14:24:07 +0800
Subject: Add _bin/get_cert.sh; Update README.md

---
 _bin/get_cert.sh | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100755 _bin/get_cert.sh

(limited to '_bin')

diff --git a/_bin/get_cert.sh b/_bin/get_cert.sh
new file mode 100755
index 0000000..3cf44d1
--- /dev/null
+++ b/_bin/get_cert.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+#
+# Get the certificate of a server
+#
+# Reference:
+# [1] ArchWiki - Isync
+#     https://wiki.archlinux.org/index.php/Isync
+#
+# Aaron LI
+# Created: 2016-01-30
+#
+
+if [ $# -ne 1 ] && [ $# -ne 2 ]; then
+    echo "Usage:"
+    echo "    `basename $0` <host>:<port> [ output.pem ]"
+    exit 1
+fi
+
+SERVER="$1"
+HOST=`echo "${SERVER}" | cut -d':' -f1`
+PORT=`echo "${SERVER}" | cut -d':' -f2`
+PEM="$2"
+[ -z "${PEM}" ] && PEM="${HOST}.pem"
+
+openssl s_client -connect ${HOST}:${PORT} -showcerts 2>&1 < /dev/null | \
+    sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | \
+    sed -ne '1,/-END CERTIFICATE-/p' > ${PEM}
+
+FINGERPRINT=`openssl x509 -noout -in ${PEM} -fingerprint -sha1 | cut -d'=' -f2`
+FINGERPRINT2=`echo "${FINGERPRINT}" | tr -d ':' | tr '[[:upper:]]' '[[:lower:]]'`
+
+NOT_BEFORE=`openssl x509 -noout -in ${PEM} -dates | grep 'notBefore' | cut -d'=' -f2`
+NOT_AFTER=`openssl x509 -noout -in ${PEM} -dates | grep 'notAfter' | cut -d'=' -f2`
+
+echo "Fingerprint_SHA1: ${FINGERPRINT} / ${FINGERPRINT2}"
+echo "Validity: ${NOT_BEFORE} - ${NOT_AFTER}"
+echo "Certificate save to file: ${PEM}"
+echo "Place the certificate to a cert directory, and rehash with 'c_rehash'"
+
-- 
cgit v1.2.2