Linux Shell Script to Display SHA1 Fingerprint of Remote SSL Certificates

$ ./fingerprint.sh www.torservers.net status.headstrong.de
SHA1 Fingerprint=90:14:6B:74:FC:B8:30:C8:48:06:4F:52:A6:27:C4:0A:EE:D8:C5:6E
SHA1 Fingerprint=19:46:7F:F7:C5:1C:B7:C9:03:58:88:19:46:DC:55:BA:57:49:92:96


This is a small bash script that outputs SHA1 fingerprints of SSL/HTTPS certificates. By default, it queries hostname:443, but you can also supply a port yourself.
#!/bin/sh
#
default=443
if [ -z "$1" ]
then
echo "Usage: `basename $0` hostname [hostname]..."
exit $E_NOARGS
fi
until [ -z "$1" ]
do
host=$1
if [[ $host != *:* ]]
then
host="$host:$default"
fi
echo |\
openssl s_client -connect $host 2>/dev/null |\
openssl x509 -noout -fingerprint
# - date:
# openssl x509 -noout -dates
shift
done

Source: [url=http://www.madboa.com/geek/openssl/#cert-exam]Paul Heinlein: OpenSSL Command-Line HOWTO[/url]

Leave a Reply

Your email address will not be published. Required fields are marked *