-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcert_check.sh
executable file
·33 lines (26 loc) · 1.22 KB
/
cert_check.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/bin/bash
# Pass an IP to this script and it will output the subject and issuer of the certificates installed for the domain on whatever the public name is pointed to and each of the platform endpoints.
# Checks for required input or prompts for it.
if [ "$1" ]; then
site=$1
else
echo "Domain name: "
read site
fi
echo $site:
live_subject=`curl -vik "https://$site" 2>&1 | grep -E 'subject:' | cut -d: -f2 `
live_issuer=`curl -vik "https://$site" 2>&1 | grep -E 'issuer:' | cut -d: -f2`
echo Live cert subject: $live_subject
echo Live cert issuer: $live_issuer
# Loop through platform offsets
for offset in {1,2,3,4,253} ; do
plat_subject=`curl -vik --resolve $site:443:23.185.0.$offset "https://$site" 2>&1 | grep -E 'subject:' | cut -d: -f2 | grep -v pantheonsite.io`
plat_issuer=`curl -vik --resolve $site:443:23.185.0.$offset "https://$site" 2>&1 | grep -E 'issuer:' | cut -d: -f2`
# Check for instances not serving a pantheonsite.io certificate and output the details
if [[ ! $plat_subject == "" ]] ; then
echo Platform IP: 23.185.0.$offset
echo Platform cert subject: $plat_subject
echo Platform cert issuer: $plat_issuer
fi
done
echo