Skip to content

Instantly share code, notes, and snippets.

@stevebakh

stevebakh/retrieve-cert.sh

Last active April 9, 2021 16:48
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save stevebakh/5b17ac5a3cd716def2d5cf4a719119af to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save stevebakh/5b17ac5a3cd716def2d5cf4a719119af to your computer and use it in GitHub Desktop.
Download ZIP
Bash script using openssl to download website certificate
Raw
retrieve-cert.sh
#!/bin/sh
#
# usage: retrieve-cert.sh remote.host.name [port]
#
REMHOST=$1
REMPORT=${2:-443}
echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
@stevebakh
Copy link
Author

stevebakh commented Nov 10, 2017

This can be useful when working with servers that utilise self-signed certs. Use this script to download the certs, then, for example, add them to a Java truststore to avoid errors.

Useful commands:

retrieve-cert.sh remote.host.name > remote.host.name.cert

keytool \
  -trustcacerts \
  -keystore "$JAVA_HOME/jre/lib/security/cacerts" \
  -storepass changeit \
  -importcert \
  -alias remote.host.name.unsigned -file remote.host.name.cert

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment