Matty9191 / ssl-cert-check

Send notifications when SSL certificates are about to expire.
GNU General Public License v2.0

Documentation #86

Open felix4webscience opened 4 years ago

felix4webscience commented 4 years ago

Hi,

I am missing more detailed documentation about how to start and, for example, a demo file. This said, I cloned the GitHub repository to my Kali distribution. I created a text file with 3 domain names.

When entering "ssl-check-cert -h" into the console, I expected a list of orders. Instead I got back "command not found". The same holds for all sample commands listed on the referral documentation page.

It would be great to have at least one example of how to test https://example.com or github.com. It would also be great if someone could add the technical requirements, e.g. OS + version.

Regards, F.

kbabioch commented 4 years ago

> When entering "ssl-check-cert -h" into the console, I expected a list of orders. Instead I got back "command not found".

Well, that's a problem with incorrect usage, though. Not sure about Kali, but if the script is not within $PATH, then you need to specify an absolute and/or relative path, such as ./ssl-check-cert.

You can get a help overview with:

./ssl-cert-check -h
Usage: ./ssl-cert-check [ -e email address ] [-E sender email address] [ -x days ] [-q] [-a] [-b] [-h] [-i] [-n] [-N] [-v]
       { [ -s common_name ] && [ -p port] } || { [ -f cert_file ] } || { [ -c cert file ] } || { [ -d cert dir ] }

  -a                : Send a warning message through E-mail
  -b                : Will not print header
  -c cert file      : Print the expiration date for the PEM or PKCS12 formatted certificate in cert file
  -d cert directory : Print the expiration date for the PEM or PKCS12 formatted certificates in cert directory
  -e E-mail address : E-mail address to send expiration notices
  -E E-mail sender  : E-mail address of the sender
  -f cert file      : File with a list of FQDNs and ports
  -h                : Print this screen
  -i                : Print the issuer of the certificate
  -k password       : PKCS12 file password
  -n                : Run as a Nagios plugin
  -N                : Run as a Nagios plugin and output one line summary (implies -n, requires -f or -d)
  -p port           : Port to connect to (interactive mode)
  -q                : Don't print anything on the console
  -s commmon name   : Server to connect to (interactive mode)
  -S                : Print validation information
  -t type           : Specify the certificate type
  -V                : Print version information
  -x days           : Certificate expiration interval (eg. if cert_date < days)

The most straightforward use-case is this:

./ssl-cert-check -s github.com

Host                                            Status       Expires      Days
----------------------------------------------- ------------ ------------ ----
github.com:443                                  Valid        May 10, 2022  683

You don't need to use a text file containing domains in this case.

The technical requirements are "documented" within the script itself, starting from line 838 or so:

https://github.com/Matty9191/ssl-cert-check/blob/5d23004b69684b030c3fd579b888851520dfc85d/ssl-cert-check#L838-L878

So actually what you are asking for is already there. Don't get me wrong, information / documentation can always be improved. However, this is a tool for admins (and apparently pen-testers?), they should be able to run commands and read help pages :-).

But as always, I'm pretty sure that @Matty9191 won't mind a merge request with more structured information, etc.
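
For readers who want to try the `-c cert file` and `-x days` options from the help text without a network connection, the following added example (not part of the thread and not ssl-cert-check's own code) performs the same kind of expiry check directly with `openssl` on a locally generated certificate. The function names, the `demo.invalid` subject and the status words `Expiring` and `Invalid` are assumptions made for this sketch; GNU `date` is assumed for date parsing.

```bash
# Added example, not ssl-cert-check's own code; function names are hypothetical.

# Create a throwaway self-signed certificate (constructed sample input).
# $1 = output directory, $2 = validity in days; prints the PEM path.
make_demo_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes \
        -keyout "$1/key.pem" -out "$1/cert.pem" \
        -days "$2" -subj "/CN=demo.invalid" 2>/dev/null
    printf '%s\n' "$1/cert.pem"
}

# Whole days until the certificate's notAfter date (GNU date assumed).
days_left() {
    local end
    end=$(openssl x509 -in "$1" -noout -enddate) || return 2
    end=${end#notAfter=}
    echo $(( ($(date -u -d "$end" +%s) - $(date -u +%s)) / 86400 ))
}

# Status of a PEM file for a warning window given in days:
# Invalid (not parseable), Expired, Expiring (inside the window) or Valid.
cert_status() {
    local file=$1 window=$2
    if ! openssl x509 -in "$file" -noout >/dev/null 2>&1; then
        echo "Invalid"; return 2
    fi
    # -checkend N exits non-zero when the certificate expires within N seconds.
    if ! openssl x509 -in "$file" -noout -checkend 0 >/dev/null; then
        echo "Expired"
    elif ! openssl x509 -in "$file" -noout \
            -checkend $(( window * 86400 )) >/dev/null; then
        echo "Expiring"
    else
        echo "Valid"
    fi
}

# Demo: a certificate valid for 10 days, checked against two windows.
tmp=$(mktemp -d)
pem=$(make_demo_cert "$tmp" 10)
printf '%-10s %-9s %s\n' "Window" "Status" "Days"
for w in 30 5; do
    printf '%-10s %-9s %s\n' "$w days" "$(cert_status "$pem" "$w")" "$(days_left "$pem")"
done
rm -rf "$tmp"
```

With the script itself, the matching invocation built from the help text above would be `./ssl-cert-check -c cert.pem -x 30`, where `cert.pem` stands for your own certificate file.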