Snippets

Ricardo Chu Check SSL certs for sha1 hash

Updated by Ricardo Chu
View revision

File sitelist.txt Added

  • Ignore whitespace
  • Hide word diff 
+www.floridashines.org
+test.floridashines.org
+dev.floridashines.org
+www.completeflorida.org
+test.completeflorida.org
+dev.completeflorida.org
+libraries.flvc.org
+libraries.dev.flvc.org
+libraries.test.flvc.org
+dlss.flvc.org
+#xymon.fcla.edu
+#xymon.flvc.org
+status.flvc.org

File sslcheck.sh Modified

  • Ignore whitespace
  • Hide word diff 
 # author: rick chu
 # purpose: checl ssl certs on all flvc sites.
 #
+# https://security.googleblog.com/2015/12/an-update-on-sha-1-certificates-in.html 
 # http://security.stackexchange.com/questions/106358/openssl-check-if-a-ssl-certificate-is-sha-1-or-sha256-signed
 # echo '' | openssl s_client -connect test.floridashines.org:443 -servername test.floridashines.org 2>/dev/null | openssl x509 -noout -text | grep 'Signature Algorithm'
+#
 
 listOfSites='sitelist.txt'
Created by Ricardo Chu
View revision

File sslcheck.sh Added

  • Ignore whitespace
  • Hide word diff 
+#! /bin/bash
+#
+# date: december 2016
+# author: rick chu
+# purpose: checl ssl certs on all flvc sites.
+#
+# http://security.stackexchange.com/questions/106358/openssl-check-if-a-ssl-certificate-is-sha-1-or-sha256-signed
+# echo '' | openssl s_client -connect test.floridashines.org:443 -servername test.floridashines.org 2>/dev/null | openssl x509 -noout -text | grep 'Signature Algorithm'
+
+listOfSites='sitelist.txt'
+
+grep -v '^#' ${listOfSites} | while read p; do
+  echo "${p}"
+  echo '' | openssl s_client -connect ${p}:443 -servername ${p} 2>/dev/null | openssl x509 -noout -text | grep 'Signature Algorithm'
+done
HTTPS SSH

You can clone a snippet to your computer for local editing. Learn more.