[GTALUG] Script to show HTTP(S) and TLS details for a website
Giles Orr
gilesorr at gmail.com
Fri Sep 13 09:22:54 EDT 2019
On Sat, 10 Aug 2019 at 11:46, Giles Orr <gilesorr at gmail.com> wrote:
> This may be seen as self-promotion - that's not totally wrong. But I
> think this may also be useful to others and (as I acknowledge in the blog
> post) I'm quite pleased with the resultant script.
>
> Over the past year and a half I've slowly developed a shell script that
> gives a concise summary of the state of TLS and HTTP(S) on a given
> website. It looks like this:
>
> $ tlsdetails google.ca
> Using OpenSSL: /usr/bin/openssl
> Expiry Date: Oct 27 17:27:07 2019 GMT (78 days)
> Issuer: Google Trust Services, CN
> TLS Versions: tls1_3 tls1_2 tls1_1 tls1 (tried but unavailable:
> ssl3 ssl2 )
> HTTP Version: 2
>
> I first started work on it after a couple embarrassing certificate
> expiries. It then grew to check the Issuer, TLS versions, and more
> recently whether or not a site supports HTTP2.
>
> (The pointer to the OpenSSL version is shown because the script will also
> run on Mac, and their version of 'openssl' is problematic at best. That
> line is of course easy to remove if you don't like it.)
>
> If you're interested, you can find the details here:
>
> https://www.gilesorr.com/blog/tls-https-details.html
>
> Any suggestions to improve the script would be most welcome.
>
>
Having solicited suggestions for improvement, I got more than I bargained
for (but it was all good!). It took a while, but I've incorporated most of
the suggestions:
https://www.gilesorr.com/blog/tls-https-details2.html
--
Giles
https://www.gilesorr.com/
gilesorr at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20190913/525d0213/attachment.html>
More information about the talk
mailing list