Login or Register to Ask a Question and Join Our Community


Programming

Extract Common Name (CN) of SSL certificate using perl code

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Programming Extract Common Name (CN) of SSL certificate using perl code
# 1  
Old 07-17-2013
Extract Common Name (CN) of SSL certificate using perl code
Hello folks,

I need a piece of code in perl which can read the file having multiple ssl certificates in text format one after the other as shown below. I need to parse this file and find out the common names of each of ssl certs it contains.

E.g.
Code:
-----BEGIN CERTIFICATE-----
MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCB
                             :
                             :
4NwdzxoQ2KDLX4z6DOW/cf/lXUQdpj6HR/oaToODEj+IZpWYeZqF6wJHzSXj8gYE
TpnKXKBuervdo5AaRTPvvz7SBMS24CqFZUE+ENQ=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
                              :
                              :
                              :
hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
-----END CERTIFICATE-----

# 2  
Old 07-17-2013
This looks like it'll work:

Crypt::X509 - search.cpan.org
This User Gave Thanks to achenle For This Post:
jhamaks
# 3  
Old 07-27-2013
Thank you achenle Smilie

i had to install this module and other dependent modules to make it work.
I'm using rather openssl command in my perl code to get the ssl certificate "subject" to get the CN.

Code:
openssl x509 -in QA.channelnet.us.cer -noout -subject

But now i need the perl code which can extract the individual ssl certs from one single file. The single file looks same as posted earlier.

Code:
--------------------BEGIN CERTIFICATE------------------
MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAME
4NwdzxoQ2KDLX4z6DOW/cf/lXUQdpj6HR/oaToODEj+IZpWYeZqF
                             :                             
                             :
6wJHzSXj8gYETpnKXKBuervdo5AaRTPvvz7SBMS24CqFZUE+ENQ=
--------------------END CERTIFICATE-----------------------
--------------------BEGIN CERTIFICATE----------------------
MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAME
IxCzAJBgNVBAYTAlVTAq45pmp0sdhsdkslswqpywmcperewe
                           :                             
                           :                              
hw4EbNX/3aBd7YdStysV6drE57xNNB6pXE0zX5IJL4hmXXeXx
x12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3=
--------------------END CERTIFICATE-----------------------

I want to extract the individual certs from above file and store it on the disk with some name(may be appending timestamp to some pre-determined file name).
Last edited by jhamaks; 07-27-2013 at 01:24 PM.. Reason: data display not proper
# 4  
Old 07-27-2013
This is a simple example of separating them out to separate files:
Code:
#!/usr/bin/perl -w
# Script: get_certs.pl

use strict;
use warnings;

my @a;
my $fh;
my $i;
my $p;
my $fn;

sub write_to_file;

chomp ( @a=<DATA> );

for $i ( 0 .. $#a ) {
  if ( $a[$i] =~ m/BEGIN CERTIFICATE/ ) {
    $p  = $i + 1;
    $fn = $a[$p] . ".cert";
    open ( $fh, ">$fn" );
    write_to_file( "$a[$i]" );
  } elsif ( $a[$i] =~ m/END CERTIFICATE/ ) {
    write_to_file( "$a[$i]" );
    close $fh;
  } else {
    write_to_file( "$a[$i]" );
  }
}
sub write_to_file {
  print $fh "$_[0]\n";
}

__DATA__
--------------------BEGIN CERTIFICATE------------------
MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAME
4NwdzxoQ2KDLX4z6DOW/cf/lXUQdpj6HR/oaToODEj+IZpWYeZqF
                             :                             
                             :
6wJHzSXj8gYETpnKXKBuervdo5AaRTPvvz7SBMS24CqFZUE+ENQ=
--------------------END CERTIFICATE-----------------------
--------------------BEGIN CERTIFICATE----------------------
MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAME
IxCzAJBgNVBAYTAlVTAq45pmp0sdhsdkslswqpywmcperewe
                           :                             
                           :                              
hw4EbNX/3aBd7YdStysV6drE57xNNB6pXE0zX5IJL4hmXXeXx
x12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3=
--------------------END CERTIFICATE-----------------------

Creates these files:
Code:
$ ls *.cert
MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAME.cert  MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAME.cert

$ cat MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAME.cert
--------------------BEGIN CERTIFICATE------------------
MIID2TCCAsGgAwIBAgIDAjbQMA0GCSqGSIb3DQEBBQUAME
4NwdzxoQ2KDLX4z6DOW/cf/lXUQdpj6HR/oaToODEj+IZpWYeZqF
                             :
                             :
6wJHzSXj8gYETpnKXKBuervdo5AaRTPvvz7SBMS24CqFZUE+ENQ=
--------------------END CERTIFICATE-----------------------

$ cat MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAME.cert
--------------------BEGIN CERTIFICATE----------------------
MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAME
IxCzAJBgNVBAYTAlVTAq45pmp0sdhsdkslswqpywmcperewe
                           :
                           :
hw4EbNX/3aBd7YdStysV6drE57xNNB6pXE0zX5IJL4hmXXeXx
x12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3=
--------------------END CERTIFICATE-----------------------

Moderator's Comments:
Mod Comment Removed FONT tags from within CODE tags again. Please don't use them.
This User Gave Thanks to spacebar For This Post:
jhamaks
# 5  
Old 07-29-2013
Thanks Spacebar :)
Thank you Spacebar. It worked for me when i integrated it in my code and after some tweaking as per my requirements. Smilie
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Web Development

CronJobs issues after SSL certificate

Hello! I had a cron job running on my website, activating a php script every friday. The Php script just activated another photo to add in the gallery. It worked fine until I got an SSL certificate for my website, then everything broke. This was the command before: lynx -source... (0 Replies)
Discussion started by: AGDesign
0 Replies

2. Cybersecurity

SSL Certificate Stores

Hey everyone, I'm trying to get a lay of the land for OS and Application Certificate Stores. Can someone confirm that I have this concept right? If the application you're using say Firefox has it's own trusted CA store, it uses that exclusively. So if you're running firefox in Windows, Firefox... (4 Replies)
Discussion started by: Lost in Cyberia
4 Replies

3. Programming

Perl to extract ssl certs from xml file

HI Guys, I'm a newbie in perl. (4 Replies)
Discussion started by: jhamaks
4 Replies

4. Red Hat

SSL Certificate Renewal on Tomcat

Hi, I want to renew the ssl certificate for one of my application on tomcat without down time. I want to know what would the possible impacts for the users who currently have sessions to the app. Regards, Arumon (1 Reply)
Discussion started by: arumon
1 Replies

5. Web Development

export SSL certificate

we are doing TCP for our systems. I have a working SSL certificate on prodction webserver. Im planning to export it to our DR server for TCP purposes. However when I export based on the procedure below, it doesn't work. When I restart the DR webserver, it still says the certifcate is expired.Any... (1 Reply)
Discussion started by: lhareigh890
1 Replies

6. Cybersecurity

SSL certificate

Hi guys. I have some questions about ssl certificates. I looked at SSL providers and saw that they are providing 2 types of certificates: per server or per domain. my server host name is: srv1.example.com I have a smtp, imap, web server on this box. but all services accessed by different... (1 Reply)
Discussion started by: majid.merkava
1 Replies

7. AIX

Installing SSL certificate on AIX

Hello, I am new in UNIX, and some one asks me to install SSL certificates to allow exchange with an external system. Can someone tell how to install certificate (ex : verisignxxx.cer) on a UNIX server? Many thanks. Tibo (4 Replies)
Discussion started by: tibo51
4 Replies

8. Web Development

SSL certificate

Dear All Anyone know how to issue two different certification on apache virtualhost fyi i have one virtualhost eg 69.192.1.25:443 already signed with verisign how can i configure another virtualhost 69.192.1.25:443 which signing with another certificate which self signing. i search net not... (1 Reply)
Discussion started by: netxus
1 Replies

9. Web Development

SSL Certificate Installation problem

Hello everybody Hope somebody can help me I'm trying to install SSL Certificate on Apache/mod_ssl on Linux with Zend for Oracle. I bought and downloaded certificate from certificate from Network Solutions. Than I followed the instructions to the dot. I created a directory for certificate... (2 Replies)
Discussion started by: Trusevich
2 Replies
Login or Register to Ask a Question