[GTALUG] Script to show HTTP(S) and TLS details for a website
Dhaval Giani
dhaval.giani at gmail.com
Sun Aug 11 20:19:07 EDT 2019
On Sat, Aug 10, 2019 at 8:46 AM Giles Orr via talk <talk at gtalug.org> wrote:
>
> This may be seen as self-promotion - that's not totally wrong. But I think this may also be useful to others and (as I acknowledge in the blog post) I'm quite pleased with the resultant script.
>
> Over the past year and a half I've slowly developed a shell script that gives a concise summary of the state of TLS and HTTP(S) on a given website. It looks like this:
>
> $ tlsdetails google.ca
> Using OpenSSL: /usr/bin/openssl
> Expiry Date: Oct 27 17:27:07 2019 GMT (78 days)
> Issuer: Google Trust Services, CN
> TLS Versions: tls1_3 tls1_2 tls1_1 tls1 (tried but unavailable: ssl3 ssl2 )
> HTTP Version: 2
>
> I first started work on it after a couple embarrassing certificate expiries. It then grew to check the Issuer, TLS versions, and more recently whether or not a site supports HTTP2.
>
> (The pointer to the OpenSSL version is shown because the script will also run on Mac, and their version of 'openssl' is problematic at best. That line is of course easy to remove if you don't like it.)
>
> If you're interested, you can find the details here:
>
> https://www.gilesorr.com/blog/tls-https-details.html
>
> Any suggestions to improve the script would be most welcome.
>
This is pretty cool work! My only suggestion would be to slap a
license on it. Even if it is a BSD style one, it makes it very clear
what you believe acceptable use to be.
Thanks!
Dhaval
More information about the talk
mailing list