summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2016-07-10 23:21:49 +0200
committerGuilhem Moulin <guilhem@fripost.org>2016-07-10 23:21:49 +0200
commit4e347178a85468cb2a6451a3a57c3379f832ca97 (patch)
treeddd9a152f1042b9c31678057fa24bd9b3652c26b
parentd5927fb7247e881655488b850812e8186ae444a4 (diff)
gencerts: exclude expired certs in the CRT queries.
-rwxr-xr-xcerts/gencerts.sh6
1 files changed, 3 insertions, 3 deletions
diff --git a/certs/gencerts.sh b/certs/gencerts.sh
index 9318e42..f20bba5 100755
--- a/certs/gencerts.sh
+++ b/certs/gencerts.sh
@@ -21,9 +21,9 @@ x509fpr() {
local msg="$1" host cert h spki
host="${msg%%,*}"; host="${host%% *}"; host="${host#\`}"
cert="$DIR/${host%%:*}.pub"
- spki=$(openssl pkey -pubin -outform DER <"$cert" | openssl dgst -sha256 | sed -nr 's/^[^=]+=\s*//p')
- [ "$typ" = mdwn ] && printf '\n [%s](https://crt.sh/?spkisha256=%s&iCAID=16418)\n\n' "$msg" "$spki" \
- || printf ' %s\n X.509: https://crt.sh/?spkisha256=%s&iCAID=16418\n SPKI:\n' \
+ spki=$(openssl pkey -pubin -outform DER <"$cert" | openssl dgst -sha256 | sed -nr 's/^[^=]+=\s*//p')
+ [ "$typ" = mdwn ] && printf '\n [%s](https://crt.sh/?spkisha256=%s&iCAID=16418&exclude=expired)\n\n' "$msg" "$spki" \
+ || printf ' %s\n X.509: https://crt.sh/?spkisha256=%s&iCAID=16418&exclude=expired\n SPKI:\n' \
"$( echo "$msg" | tr -d '`' )" "$spki"
for h in sha1 sha256; do
[ "$typ" = mdwn ] || echo -n ' '