diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2016-07-10 23:21:49 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2016-07-10 23:21:49 +0200 |
| commit | 4e347178a85468cb2a6451a3a57c3379f832ca97 (patch) | |
| tree | ddd9a152f1042b9c31678057fa24bd9b3652c26b | |
| parent | d5927fb7247e881655488b850812e8186ae444a4 (diff) | |
gencerts: exclude expired certs in the CRT queries.
| -rwxr-xr-x | certs/gencerts.sh | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/certs/gencerts.sh b/certs/gencerts.sh index 9318e42..f20bba5 100755 --- a/certs/gencerts.sh +++ b/certs/gencerts.sh @@ -21,9 +21,9 @@ x509fpr() { local msg="$1" host cert h spki host="${msg%%,*}"; host="${host%% *}"; host="${host#\`}" cert="$DIR/${host%%:*}.pub" - spki=$(openssl pkey -pubin -outform DER <"$cert" | openssl dgst -sha256 | sed -nr 's/^[^=]+=\s*//p') - [ "$typ" = mdwn ] && printf '\n [%s](https://crt.sh/?spkisha256=%s&iCAID=16418)\n\n' "$msg" "$spki" \ - || printf ' %s\n X.509: https://crt.sh/?spkisha256=%s&iCAID=16418\n SPKI:\n' \ + spki=$(openssl pkey -pubin -outform DER <"$cert" | openssl dgst -sha256 | sed -nr 's/^[^=]+=\s*//p') + [ "$typ" = mdwn ] && printf '\n [%s](https://crt.sh/?spkisha256=%s&iCAID=16418&exclude=expired)\n\n' "$msg" "$spki" \ + || printf ' %s\n X.509: https://crt.sh/?spkisha256=%s&iCAID=16418&exclude=expired\n SPKI:\n' \ "$( echo "$msg" | tr -d '`' )" "$spki" for h in sha1 sha256; do [ "$typ" = mdwn ] || echo -n ' ' |