获取 -enddate 时 Openssl 输出挂起
Openssl output hanging when getting -enddate
我一直在编写一个脚本来获取一些证书的详细信息,而不是我已经在解决格式问题的过程中在我尝试解析 EndDate="openssl s_client -connect $host:$port 2>/dev/null | openssl x509 -enddate -noout | grep "Not After" | awk '{print , , }'" 时脚本挂起。
这是我目前正在编写的完整脚本以供参考,其中大部分内容是一起破解的,因为我刚刚掌握脚本编写的窍门。
# User input for the host or url of the certificate to check
echo "What host IP or URL certificate would you like to check: "
read host
# User input for the port number of the certificate to check
echo "What is the port number for the host's IP or URL: "
read port
# Input Verification post
echo "Host connection information = $host:$port"
# openssl expiration date checks for the week
echo "::Certificate expiration date::"
EndDate=`openssl s_client -connect $host:$port 2>/dev/null | openssl x509 - enddate -noout | grep "Not After" | awk '{print , , }'`
DatePlus7=`date -ud "+7 day" | awk '{print , , }'`
if [ "$EndDate" = "$DatePlus7"]
then
echo "Certificate has expired or will do so within 7 days!"
echo "(or is invalid/not found)"
else
echo "Certificate is good for another week!"
fi
最终我希望能够为管理员输出 echo | openssl s_client -connect $host:$port 2>/dev/null | openssl x509 -enddate -noout,这出现在 fi 语句之后。谁能帮我解决这个问题?
从小处着手并逐步建立比从大处着手并向下调试更容易。
这里有一个更简单的方法来重现您的问题,它也只是挂起:
openssl s_client -connect google.com:443
既然问题如此简单和狭窄,谷歌搜索 "why would openssl s_client hang?" 导致 useful information 向 "give a response to the server, so that the connection is released" 推荐 echo -n | ...。这应该足以让我们走得更远(还有其他问题)。
无论如何,这是一个更短的方法:
if openssl s_client -connect google.com:443 2> /dev/null < /dev/null |
openssl x509 -checkend $((60*60*24*7)) -noout -in /dev/stdin
then
echo "The certificate is good."
else
echo "The certificate expires within a week."
fi
这将在不挂断的情况下打印到期日期:
openssl s_client -连接 google.com:443 2> /dev/null < /dev/null | openssl x509 -enddate -noout -in /dev/stdin
我一直在编写一个脚本来获取一些证书的详细信息,而不是我已经在解决格式问题的过程中在我尝试解析 EndDate="openssl s_client -connect $host:$port 2>/dev/null | openssl x509 -enddate -noout | grep "Not After" | awk '{print , , }'" 时脚本挂起。
这是我目前正在编写的完整脚本以供参考,其中大部分内容是一起破解的,因为我刚刚掌握脚本编写的窍门。
# User input for the host or url of the certificate to check
echo "What host IP or URL certificate would you like to check: "
read host
# User input for the port number of the certificate to check
echo "What is the port number for the host's IP or URL: "
read port
# Input Verification post
echo "Host connection information = $host:$port"
# openssl expiration date checks for the week
echo "::Certificate expiration date::"
EndDate=`openssl s_client -connect $host:$port 2>/dev/null | openssl x509 - enddate -noout | grep "Not After" | awk '{print , , }'`
DatePlus7=`date -ud "+7 day" | awk '{print , , }'`
if [ "$EndDate" = "$DatePlus7"]
then
echo "Certificate has expired or will do so within 7 days!"
echo "(or is invalid/not found)"
else
echo "Certificate is good for another week!"
fi
最终我希望能够为管理员输出 echo | openssl s_client -connect $host:$port 2>/dev/null | openssl x509 -enddate -noout,这出现在 fi 语句之后。谁能帮我解决这个问题?
从小处着手并逐步建立比从大处着手并向下调试更容易。
这里有一个更简单的方法来重现您的问题,它也只是挂起:
openssl s_client -connect google.com:443
既然问题如此简单和狭窄,谷歌搜索 "why would openssl s_client hang?" 导致 useful information 向 "give a response to the server, so that the connection is released" 推荐 echo -n | ...。这应该足以让我们走得更远(还有其他问题)。
无论如何,这是一个更短的方法:
if openssl s_client -connect google.com:443 2> /dev/null < /dev/null |
openssl x509 -checkend $((60*60*24*7)) -noout -in /dev/stdin
then
echo "The certificate is good."
else
echo "The certificate expires within a week."
fi
这将在不挂断的情况下打印到期日期:
openssl s_client -连接 google.com:443 2> /dev/null < /dev/null | openssl x509 -enddate -noout -in /dev/stdin