Ping a Specific Port

Question

Adam Matan

Asked: 2014-04-18 02:50:33 +0800 CST2014-04-18 02:50:33 +0800 CST 2014-04-18 02:50:33 +0800 CST

Command line tool for fetching and analyzing SSL certificate

772

Following the heartbleed vulnerability in openSSL, all the SSH certificate on our servers were re-issued and re-installed.

Since it is likely that we've missed something on a server (for example, restarting Apache), we are checking the servers manually by clicking the key logo in Chrome:

enter image description here

This is slow and error prone. Is there a command line tool that can fetch the certificate ID/Serial number from a server?

Update

I ended up using a variation on MichelZ's answer:

echo "" | openssl s_client -showcerts -status -verify 0 \
        -connect www.mydomain.com:443 2>&1 | \
        egrep "Verify return|subject=/serial"

echo is necessary for openssl to exit (it waits for input otherwise).
-verify 0 verifies the certificate.
2>&1 redirects standard error to standard output
egrep shows only the validation status and the serial number.

1 Answers

Voted

MichelZ · Answer 1 · 2014-04-18T02:57:40+08:00

Best Answer

MichelZ

2014-04-18T02:57:40+08:002014-04-18T02:57:40+08:00

You can use OpenSSL to retrieve the certificate:

openssl s_client -showcerts -connect some_server:server_port

16

Command line tool for fetching and analyzing SSL certificate

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?