Some minor output updates

2020-06-04 14:49:34 +00:00 · 2020-06-04 14:49:34 +00:00 · a536a918ef
commit a536a918ef
parent e3c56d99cb
2 changed files with 152 additions and 48 deletions
--- a/README.md
+++ b/README.md
@ -1,6 +1,62 @@
 # bash-ssl-checker-tool
-This is a very simple bash script that you could use to gain general information for the SSL certificate of a certain domain name. It is based on the functionality of the popular https://sslshopper.com website, but it's a command line tool.
+Very simple bash script which you could use to gain general information for the SSL certificate of a certain domain name. 
+
+It is based on the functionality of the popular https://sslshopper.com website, but it's a command line tool.

 The script has been tested on CentOS, Ubuntu, Mint and Debian.

+The script provides you with the following information:
+
+* The domain name that the SSL certificate has been issued for
+* The number of days the SSL certificate expires in:
+* The dates when the certificate was issued on and expieres on
+* The certificate has been issued by:
+* Supported TLS versions
+* Certificate Fingerprint
+
+Usage:
+
+In order to use the script just download the ssl file, make it executable and run it:
+
+```
+wget https://raw.githubusercontent.com/bobbyiliev/bash-ssl-checker-tool/master/ssl
+chmod +x ssl
+./ssl yourdomain.com
+```
+
+Output:
+
+The output that you would get will look like this:
+
+```
+The bobbyiliev.com domain name seems valid
+
+# The SSL certificate has been issued for:
+Domain: CN = bobbyiliev.com
+----
+
+# The SSL certificate expires in:
+90 days
+----
+
+# Dates:
+Issued On: Jun  4 09:05:19 2020 GMT
+Expires On: Sep  2 09:05:19 2020 GMT
+----
+
+# The certificate has been issued by:
+Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
+----
+
+# TLS supported:
+|   TLSv1.0:
+|   TLSv1.1:
+|   TLSv1.2:
+----
+
+# Fingerprint:
+SHA1 Fingerprint=C1:E1:6C:46:8A:74:94:14:00:94:88:B9:4B:2B:C5:90:79:DE:72:64
+----
+```
+
 Note: You need to have 'openssl' installed.
--- a/142
+++ b/142
@ -1,71 +1,119 @@
 #!/bin/bash

-# Gain some basic information about your SSL certificate
+##
+# Script which let's you gather some basic information about your SSL certificate
+##

-# Make sure that you have openssl installed
+##
+# Colors
+##
+green='\e[32m'
+blue='\e[34m'
+clear='\e[0m'
+orange='\e[33m'
+red='\e[31m'

-# Check if there is an input
-if [[ $1 ]]; then
-	validation=$(host $1)
+##
+# Color Functions
+##
+
+ColorGreen(){
+        echo -ne $green$1$clear
+}
+ColorBlue(){
+        echo -ne $blue$1$clear
+}
+ColorRed(){
+        echo -ne $red$1$clear
+}
+ColorOrange(){
+        echo -ne $orange$1$clear
+}
+
+##
+# Make sure that openssl is installed
+##
+if ! [ -x "$(command -v openssl)" ] ; then
+        echo "The openssl command is required! Please install it and then try again"
+        exit 1
 fi

-# Check if domain is valid
-if [[ $validation == *"NXDOMAIN"* ]]; then
-	echo "Please enter a valid domain";
-	exit 0
+##
+# Check if there is an input
+##
+if [[ $1 ]]; then
+	host $1 > /dev/null
+	if [ $? -eq 0 ]; then
+		echo -ne "The $(ColorGreen $1 ) domain name seems valid
+
+"
+	else
+		echo -ne "Could not resolve the $(ColorGreen ${1}) domain name...
+
+"
+		exit 1
+	fi
 fi

 case $1 in
-# Sample Usage
+# Usage example
 help)
-        echo "Usage: 
-ssl domain.com"
+        echo -ne "Usage:
+$(ColorGreen './ssl domain.com')
+"
        exit 1
 ;;
 "")
-	echo "Usage: 
-ssl domain.com"
+        echo -ne "Usage:
+$(ColorGreen './ssl domain.com')
+"
        exit 1
 ;;
-# If the domain is valid run the following:
 *)
-		today=$(date +%F)
-		expires=$(echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | grep 'notAfter' | sed 's/notAfter=//')
-		#echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates
+	today=$(date +%F)
+	expires=$(echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | grep 'notAfter' | sed 's/notAfter=//')
+	#echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates

-		echo '# The SSL certificate has been issued for: '
-		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -subject | sed 's/subject=/Domain: /'
-		#echo | openssl s_client -servername www.$1 -connect www.$1:443 2>/dev/null | openssl x509 -noout -subject
-		echo '----'
+	echo -ne "$(ColorRed '#') $(ColorGreen 'The SSL certificate has been issued for:')"
+	echo ''
+	echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -subject | sed 's/subject=/Domain: /'
+	#echo | openssl s_client -servername www.$1 -connect www.$1:443 2>/dev/null | openssl x509 -noout -subject
+	echo '----'

-		echo ''
-		echo '# The SSL certificate expires in: '
-		echo $(( ( $(date -ud "$expires" +'%s') - $(date -ud "$today" +'%s') )/60/60/24 )) days
-		echo '----'
+	echo ''
+        echo -ne "$(ColorRed '#') $(ColorGreen 'The SSL certificate expires in:')"
+	echo ''
+	echo $(( ( $(date -ud "$expires" +'%s') - $(date -ud "$today" +'%s') )/60/60/24 )) days
+	echo '----'

-		echo ''
-		echo '# Dates: '
-		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | sed 's/notAfter=/Expires On: /' | sed 's/notBefore=/Issued On: /'
-		echo '----'
+	echo ''
+        echo -ne "$(ColorRed '#') $(ColorGreen 'Dates:')"
+	echo ''
+	echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | sed 's/notAfter=/Expires On: /' | sed 's/notBefore=/Issued On: /'
+	echo '----'

-		echo ''
-		echo '# The certificate has been issued by: '
-		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -issuer | sed 's/issuer=/Issuer: /'
-		echo '----'
+	echo ''
+        echo -ne "$(ColorRed '#') $(ColorGreen 'The certificate has been issued by:')"
+	echo ''
+	echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -issuer | sed 's/issuer=/Issuer: /'
+	echo '----'

-		echo ''
-		echo '# TLS supported: '
-		nmap --script ssl-enum-ciphers -p 443 $1 | grep ':' | grep -i tls
-		echo '----'
+	echo ''
+        echo -ne "$(ColorRed '#') $(ColorGreen 'TLS supported:')"
+	echo ''
+	nmap --script ssl-enum-ciphers -p 443 $1 | grep ':' | grep -i tls
+	echo '----'

-		echo ''
-		echo '# Fingerprint: '
-		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -fingerprint
-		echo '----'
+	echo ''
+        echo -ne "$(ColorRed '#') $(ColorGreen 'Fingerprint:')"
+	echo ''
+	echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -fingerprint
+	echo '----'
+
+	#echo ''
+        #echo -ne "$(ColorRed '#') $(ColorGreen 'Decode')"
+	#echo ''
+	#echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -text
+	#echo '#################'

-		#echo ''
-		#echo '##### Decode: '
-		#echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -text
-		#echo '#################'
-	
 esac