scripts/gmo-pki
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gmo-pki/info-cert.sh
Gilles Mouchet dea7deead6 first commit
2026-04-10 15:53:11 +02:00

123 lines
4.0 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
#############################################################
# Script name: template.sh
# Author: Gilles Mouchet (gilles.mouchet@gmail.com
# Version: v1beta 2026-04-05
# Description: Script template linux
# License: CC BY-NC 4.0 (https://creativecommons.org/licenses/by-nc/4.0/)
#
# This script is provided "as is", WITHOUT ANY WARRANTY OF ANY KIND.
# Commercial use is strictly prohibited without prior authorization.
#
# Changelog
# [1.0.0] - 2026-04-05
# Project initialization
# - initialization by gilles.mouchet@gmail.com
#
############################################################
#
version=v1beta
############################################################
# FUNCTIONS
############################################################
#-----------------------------------------------------------
# Display usage
usage() {
cat << EOF
Usage: ./$(basename "$0") options
Template script
Options:
-a, --all - show all cert information
-c, --list-ca - list all CA name
-h, --help - show this help
-v, --version - show script version
Examples:
List all CA name
./$(basename "$0") --list-ca
Show this help
./$(basename "$0") -h
List
EOF
}
############################################################
# MAIN
############################################################
# var for config file
progName=`echo $0 | sed -e 's|.*/||g' | cut -f1 -d.`
confDir=/etc/own-pki
cfgFile=${confDir}/own-pki.conf
# check if conf file or passphrase file exist
#if [ ! -f $cfgFile ]; then
# echo "$progName not installed correctly. Please run install.sh script"
# exit 1
#fi
# read config file
. $cfgFile
# check if param exist
if [ -z "$1" ]; then
usage
exit 1
fi
# read cli parameters
while [[ "$#" -gt 0 ]]; do
case "$1" in
-a|--all)
files=( $certPath/*.crt )
for f in "${files[@]}"; do
openssl x509 -in $f -text -noout | grep "CA:TRUE" > /dev/null
if [ "$?" == "1" ]; then
filename=$(basename "$f" .crt)
#echo "CA name: $filename"
commonName=$(openssl x509 -in $f -noout -subject -nameopt RFC2253 | sed -n 's/^.*CN=\([^,]*\).*$/\1/p')
# Infos principales
#subject=$(openssl x509 -in "$f" -noout -subject -nameopt RFC2253 | sed 's/^subject=//')
issuer=$(openssl x509 -in "$f" -noout -issuer -nameopt RFC2253 | sed 's/^issuer=//')
startdate=$(openssl x509 -in "$f" -noout -startdate | cut -d= -f2)
enddate=$(openssl x509 -in "$f" -noout -enddate | cut -d= -f2)
# SAN brut
san_raw=$(openssl x509 -in "$f" -noout -text \
| awk '/Subject Alternative Name/ {getline; print}')
# dns and ip extraction
dns_list=$(echo "$san_raw" | grep -o 'DNS:[^,]*' | sed 's/DNS://g'| tr '\n' ' '| sed 's/ $//')
ip_list=$(echo "$san_raw" | grep -o 'IP Address:[^,]*' | sed 's/IP Address://g'| tr '\n' ' '| sed 's/ $//')
echo "\"$f\";\"$commonName\";\"$issuer'\";\"$dns_list\";\"$ip_list\";\"$startdate\";\"$enddate\""
fi
done
shift
;;
-c|--list-ca)
files=( $certPath/*.crt )
for f in "${files[@]}"; do
openssl x509 -in $f -text -noout | grep "CA:TRUE" > /dev/null
if [ "$?" == "0" ]; then
filename=$(basename "$f" .crt)
echo "CA name: $filename"
fi
done
shift
;;
version|-v|--version)
cat << EOF
$(basename "$0") $version (c) 1990 - $(date +%Y) by Gilles Mouchet
This script is provided "as is", WITHOUT ANY WARRANTY OF ANY KIND.
Non-Commercial Use License See LICENSE for details
EOF
exit
;;
*|help|-h|--help)
usage
exit
;;
esac
done
Reference in New Issue View Git Blame Copy Permalink