I wanted to avoid RSI checking the browser’s padlock on every site I’d just updated a SSL cert for:
[lemon@core ~ ] 0 $ for z in 4 5 6 7 8 9 10 11 12 ; do echo 'GET /' | openssl s_client -connect devgateway${z}.foo.co.uk:443 2>&1 | openssl x509 -text | grep -i 'Not Before' ; done
Not Before: May 9 11:24:00 2006 GMT
Not Before: May 9 11:54:05 2006 GMT
Not Before: May 9 11:54:05 2006 GMT
Not Before: May 9 11:24:00 2006 GMT
Not Before: May 9 11:24:01 2006 GMT
Not Before: May 9 11:24:01 2006 GMT
Not Before: May 9 11:54:06 2006 GMT
Not Before: May 9 11:24:01 2006 GMT
Not Before: May 9 11:24:01 2006 GMT
Ugly, but it works. the ssl_client(1) man page contains this apology:
BUGS
Because this program has a lot of options and also because some of the
techniques used are rather old, the C source of s_client is rather hard
to read and not a model of how things should be done. A typical SSL
client program would be much simpler.
Leave a Reply
Recent articles
- pf on OS X 10.7
(Wednesday, 14. 09. 2011 – 3 Comments) - Cyrus saslauthd and passwords containing quote marks
(Saturday, 11. 06. 2011 – No Comments) - Competing webserver workloads
(Thursday, 17. 02. 2011 – No Comments) - Timeouts and failing fast
(Sunday, 23. 01. 2011 – No Comments)
Archives
- September 2011
- June 2011
- February 2011
- January 2011
- October 2010
- September 2010
- February 2010
- September 2009
- August 2009
- January 2009
- September 2008
- August 2008
- July 2008
- May 2008
- April 2008
- February 2008
- January 2008
- November 2007
- October 2007
- September 2007
- August 2007
- December 2006
- November 2006
- August 2006
- June 2006
- May 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
Meta
