Linux

This command allows you to extract all SSL certificate’s chain from an URL. In order to use it, replace <server_url> with the server address you want to process:

openssl s_client -showcerts -verify 5 -connect <server_URL>:443 < /dev/null | awk '/BEGIN/,/END/{ if(/BEGIN/){a++}; out="cert"a".pem"; print >out}' for cert in *.pem; do newname=$(openssl x509 -noout -subject -in $cert | sed -n 's/^.*CN=$.*$$/\1/; s/[ ,.*]/_/g; s/__/_/g; s/^_//g;p').pem; mv $cert $newname; done

The command will create 3 separates files, each one named with the Common Name of the corresponding certificate.

How to add DNS options to each connected ethernet interface via bash:

for device in $( nmcli device | awk '($2=="ethernet" && $3=="connected") {print $1}'); do printf "1) %s" "$device interface BEFORE value" nmcli con show $device | grep ipv4.dns-options: nmcli con mod $device +ipv4.dns-option rotate,timeout:3 printf "2) %s" "$device interface AFTER value" nmcli con show $device | grep ipv4.dns-options: done printf "3) restarted NetworkManager\n" systemctl restart NetworkManager sleep 1 printf "4) show update /etc/resolv.conf\n\n" cat /etc/resolv.conf

AtomicTAG

All my thoughts about digital technology, robotics and innovation.

Extract all SSL certificate’s chain from an URL

Add DNS options to each ethernet interface

Share this:

Share this: