bash-ssl-checker-tool/ssl

#!/bin/bash

# Check if there is an input
if [[ $1 ]]; then
	validation=$(host $1)
fi

# Check if domain is valid
if [[ $validation == *"NXDOMAIN"* ]]; then
	echo "Please enter a valid domain";
	exit 0
fi

case $1 in
# Sample Usage
help)
        echo "Usage: 
ssl domain.com"
        exit 1
;;
"")
	echo "Usage: 
ssl domain.com"
        exit 1
;;
# If the domain is valid run the following:
*)
		today=$(date +%F)
		expires=$(echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | grep 'notAfter' | sed 's/notAfter=//')
		#echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates

		echo '# The SSL certificate has been issued for: '
		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -subject | sed 's/subject=/Domain: /'
		#echo | openssl s_client -servername www.$1 -connect www.$1:443 2>/dev/null | openssl x509 -noout -subject
		echo '----'

		echo ''
		echo '# The SSL certificate expires in: '
		echo $(( ( $(date -ud "$expires" +'%s') - $(date -ud "$today" +'%s') )/60/60/24 )) days
		echo '----'

		echo ''
		echo '# Dates: '
		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | sed 's/notAfter=/Expires On: /' | sed 's/notBefore=/Issued On: /'
		echo '----'

		echo ''
		echo '# The certificate has been issued by: '
		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -issuer | sed 's/issuer=/Issuer: /'
		echo '----'

		echo ''
		echo '# TLS supported: '
		nmap --script ssl-enum-ciphers -p 443 $1 | grep ':' | grep -i tls
		echo '----'

		echo ''
		echo '# Fingerprint: '
		echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -fingerprint
		echo '----'

		#echo ''
		#echo '##### Decode: '
		#echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -text
		#echo '#################'
	
esac