From 07fbb8c8f0b6e2faa50bb959b62d0f4ee336c411 Mon Sep 17 00:00:00 2001 From: Dirk Date: Sun, 15 Feb 2015 12:58:51 +0100 Subject: [PATCH] - certificate sha2 fingerprint added (#59, @@kyhwana) - sha1 fp: removed colons as long serials after it look ugly (lf) --- testssl.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/testssl.sh b/testssl.sh index a910680..3486d04 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1118,7 +1118,8 @@ server_defaults() { # old, but interesting: https://blog.hboeck.de/archives/754-Playing-with-the-EFF-SSL-Observatory.html out " Fingerprint / Serial " - outln "$($OPENSSL x509 -noout -in $HOSTCERT -fingerprint | sed 's/Fingerprint=//' ) / $($OPENSSL x509 -noout -in $HOSTCERT -serial | sed 's/serial=//')" + outln "$($OPENSSL x509 -noout -in $HOSTCERT -fingerprint -sha1 | sed 's/Fingerprint=//' | sed 's/://g' ) / $($OPENSSL x509 -noout -in $HOSTCERT -serial | sed 's/serial=//')" + outln " $($OPENSSL x509 -noout -in $HOSTCERT -fingerprint -sha256 | sed 's/Fingerprint=//' | sed 's/://g' )" out " Common Name (CN) " CN=`$OPENSSL x509 -in $HOSTCERT -noout -subject | sed 's/subject= //' | sed -e 's/^.*CN=//' -e 's/\/emailAdd.*//'` @@ -1133,7 +1134,6 @@ server_defaults() { outln " (CN response to request w/o SNI: '$CN_nosni')" fi - SAN=`$OPENSSL x509 -in $HOSTCERT -noout -text | grep -A3 "Subject Alternative Name" | grep "DNS:" | \ sed -e 's/DNS://g' -e 's/ //g' -e 's/,/\n/g' -e 's/othername://g'` # ^^^ CACert @@ -2852,6 +2852,6 @@ case "$1" in exit $ret ;; esac -# $Id: testssl.sh,v 1.187 2015/02/13 15:01:45 dirkw Exp $ +# $Id: testssl.sh,v 1.188 2015/02/15 11:58:50 dirkw Exp $ # vim:ts=5:sw=5