[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Need assistance with BASH script to iterate through SSL certs and convert to human readable format

Posted on 2013-11-22
5
Medium Priority
?
411 Views
Last Modified: 2013-11-25
Hi Team,

  We have hundreds of linux based network appliances in our organization and we constantly need to inventory installed SSL certificates in them.   Most of the appliances can do BASH ,fortunately.   Given a particular directory containing many certs and all of them in PEM format,  if I had something like this:
hostname-a# ls -l
cert1.crt
cert2.crt
cert3.crt
cert4.crt
cert5.crt

Open in new window


I just need a simple bash script to loop through every certificate and aggregate the output to a text file. The command for one file is:
openssl x509 -in cert1.crt -text -noout >> allcerts.txt

Open in new window


Instead of doing this:
openssl x509 -in cert1.crt -text -noout >> allcerts.txt
openssl x509 -in cert2.crt -text -noout >> allcerts.txt
openssl x509 -in cert3.crt -text -noout >> allcerts.txt
openssl x509 -in cert4.crt -text -noout >> allcerts.txt
openssl x509 -in cert5.crt -text -noout >> allcerts.txt

Open in new window


How can I run a bash script that runs a loop and iterates through all files in the directory ending in .crt?

thanks very much for any suggestions
0
Comment
Question by:rleyba828
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 19

Expert Comment

by:xterm
ID: 39670565
This should work:

for cert in *.crt;
do
        openssl x509 -in $cert -text -noout >> allcerts.txt
done

Open in new window

0
 

Author Comment

by:rleyba828
ID: 39673730
hi xterm,

   Thanks for this.  It seems to be working as expected.  Just one minor request though.   Once I do a cat of the accumulated allcerts.txt file, I see all the certs in one long stream but I have no link as to which certificate file is which CN name.  Is there a way we can put anywhere on the output file the filename of which cert is currently being processed?  If the normal output is this.
[me@myhost]# cat allcerts.txt | more
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:0b:00:90:00:00:00:00:00:00
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: DC=PH, DC=COM, DC=MYBANK, DC=MYORG, CN=MYCERTNAME
        Validity

-----------------------output suppressed------------

Open in new window


...can we have this instead (show currently being processed file next to "certificate"), or at least start a new line with the filename, before it starts outputting the contents of the file?

[me@myhost]# cat allcerts.txt | more
Certificate: cert1.crt
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:0b:00:90:00:00:00:00:00:00
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: DC=PH, DC=COM, DC=MYBANK, DC=MYORG, CN=MYCERTNAME
        Validity
-----------output suppressed---------------

Open in new window


Many thanks.
0
 
LVL 19

Expert Comment

by:xterm
ID: 39673755
Sure, that's not a problem, I put a newline after the output of each too:

for cert in *.crt;
do
        echo  "Certificate: $cert"
        openssl x509 -in $cert -text -noout >> allcerts.txt
        echo ""
done

Open in new window

0
 
LVL 19

Accepted Solution

by:
xterm earned 2000 total points
ID: 39675169
Sorry, I made a mistake here.  It should look like this:

for cert in *.crt;
do
        echo  "Certificate: $cert" >> allcerts.txt
        openssl x509 -in $cert -text -noout >> allcerts.txt
        echo "" >> allcerts.txt
done

Open in new window

0
 

Author Closing Comment

by:rleyba828
ID: 39676599
Excellent! Thanks very much.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Batch, VBS, and scripts in general are incredibly useful for repetitive tasks.  Some tasks can take a while to complete and it can be annoying to check back only to discover that your script finished 5 minutes ago.  Some scripts may complete nearly …
The purpose of this article is to demonstrate how we can use conditional statements using Python.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question