search

Matty9191 / ssl-cert-check

Send notifications when SSL certificates are about to expire.
GNU General Public License v2.0
719 stars 285 forks source link

Issuer not displayed when using -i option #101

Open tonysgi opened 3 years ago

tonysgi commented 3 years ago

Hi. This latest version does not display the issuer:

Version 4.14:

ssl-cert-check -i -f testssl

Host Issuer Status Expires Days

www.apple.com:443 Valid Oct 8 2021 240 www.google.com:443 Valid Apr 13 2021 62

If I use version 4.10:

ssl-cert-check-4_10 -i -f testssl

Host Issuer Status Expires Days

www.apple.com:443 DigiCert, Inc. Valid Oct 8 2021 240
www.google.com:443 Google Trust Serv Valid Apr 13 2021 62

tonysgi commented 2 years ago

The problem happens depending on the openssl version in use.

Works for openssl 1.0.2k:

    CERTISSUER=$("${OPENSSL}" x509 -in "${CERT_TMP}" -issuer -noout | \
                 "${AWK}" 'BEGIN {RS="/" } $0 ~ /^O=/
                             { print substr($0,3,17)}')

Works for openssl 1.1.1k:

    CERTISSUER=$("${OPENSSL}" x509 -in "${CERT_TMP}" -issuer -noout | \
                 "${AWK}" 'BEGIN {RS=", " } $0 ~ /^O =/
                             { print substr($0,5,17)}')