
@7error
Forked from WimObiwan/mon-ssl.sh
Created June 7, 2020 00:57

Revisions

  1. @WimObiwan WimObiwan revised this gist Jul 17, 2018. No changes.
  2. @WimObiwan WimObiwan created this gist Jul 17, 2018.
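--- a/mon-ssl.sh
+++ b/mon-ssl.sh
@@ -0,0 +1,81 @@
+#!/bin/bash
+
+function test-ssl {
+# $1: descr
+# $2: server:port
+# $3: (optional) StartTLS indicator: [pop3|smtp]
+
+echo "(certificate"
+echo "-\\n"
+
+echo "(type"
+echo "-$1"
+echo ")type"
+
+echo "(server"
+echo "-$2"
+echo ")server"
+
+
+if [[ -z $3 ]]; then
+local CERT=`echo | openssl s_client -connect $2 -servername $2 2>/tmp/run-xml.err`
+else
+local CERT=`echo | openssl s_client -connect $2 -servername $2 -starttls $3 2>/tmp/run-xml.err`
+fi
+
+if [[ "$CERT" =~ '-----BEGIN CERTIFICATE-----' ]]; then
+local OPENSSL=`echo "$CERT" | openssl x509 -noout -issuer -dates -subject`
+else
+echo "Certificate load failed for $2 ($3)" >&2
+cat /tmp/run-xml.err >&2
+fi
+
+local NOTBEFORE=`echo "$OPENSSL" | grep 'notBefore' | sed "s/^notBefore=\(.*\)$/\1/g"`
+local NOTAFTER=`echo "$OPENSSL" | grep 'notAfter' | sed "s/^notAfter=\(.*\)$/\1/g"`
+local NOTAFTER_SEC=`date -d "$NOTAFTER" +%s`
+local NOW_SEC=`date +%s`
+local DIFF_SEC=$(($NOTAFTER_SEC-$NOW_SEC))
+local ISSUER=`echo "$OPENSSL" | grep "issuer" | sed "s/^issuer=\(.*\)$/\1/g"`
+local SUBJECT=`echo "$OPENSSL" | grep "subject" | sed "s/^subject=\(.*\)$/\1/g"`
+
+echo "(notbefore"
+echo "-$NOTBEFORE"
+echo ")notbefore"
+
+echo "(notafter"
+echo "-$NOTAFTER"
+echo ")notafter"
+
+echo "(notafter_sec"
+echo "-$DIFF_SEC"
+echo ")notafter_sec"
+
+echo "(issuer"
+echo "-$ISSUER"
+echo ")issuer"
+
+echo "(subject"
+echo "-$SUBJECT"
+echo ")subject"
+
+echo "-\\n"
+echo ")certificate"
+}
+
+
+echo "(certificates"
+echo "-\\n"
+
+test-ssl 'SMTP transfer' mail.foxinnovations.be:995
+test-ssl 'SMTP submission' mail.foxinnovations.be:587 smtp
+test-ssl 'POP3' mail.foxinnovations.be:110 pop3
+test-ssl 'HTTPS' filmoptv.be:443
+test-ssl 'HTTPS' www.filmoptv.be:443
+test-ssl 'HTTPS' mon.foxinnovations.be:443
+
+for f in /etc/letsencrypt/live/*; do
+test-ssl 'HTTPS' "$(basename $f):443"
+done
+
+echo "-\\n"
+echo ")certificates"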
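Review bot: Both `openssl s_client` calls in `test-ssl` redirect stderr to the fixed path `/tmp/run-xml.err`, a predictable name in a world-writable directory; the loop over `/etc/letsencrypt/live/*` suggests the script runs as root, in which case a symlink already present at that path would be followed and its target truncated. Creating the file per call with `errfile=$(mktemp) || return 1`, redirecting `2>"$errfile"` and removing it afterwards avoids this. The same two lines pass `$2` (host:port) unquoted to `-servername`, so the SNI value carries the port and a name-based server may answer with its default certificate rather than the one being monitored; `-servername "${2%%:*}"` sends the hostname only. When the certificate load fails, the function still falls through with `OPENSSL` unset and prints empty fields plus a `notafter_sec` computed from an empty date string, so emitting the closing `)certificate` and a `return 1` after the `cat` would keep a failed probe from looking like a parsed result.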