How to extract certs from apache ca-bundle.crt file?
Apache web server reads Certificate Authority(CA) certs from ../cert/ca-bundle.crt file for SSL authentication. It has all certs in PEM format and no way to know exactly what they are. I want to get each cert seperated by boundary strings into a file and feed it to "keytool" command to see what each cert is.
I have around 60 of those blocks with different number of lines between each boundary. I want to read each cert block and pass it to keytool command then print it to a diffrent file to know what they are.
can someone help with awk/nawk logic? I am using solaris8 kshell 88i version.
or some other simple split/looping to get each block so that I can feed it to keytool?
Last edited by kchinnam; 01-16-2014 at 05:35 PM..
Reason: version info
Yoda, are you sure that code will work I thought the -file option of keytool required a filesystem file, and I believe ca-bundle.crt will contain encoded keyblocks eg:
This User Gave Thanks to Chubler_XL For This Post:
with awk I am getting syntax error @line#2. So I tried it with "/usr/xpg4/bin/awk", that is creating tmp.crt with only
Then I tried it with nawk, it worked like a charm.
Since there are some certs in a commented state I have added additional condition to filter all commented lines.
If I remove v at the start of second line output shows commented certs, with v at the start of second line output does not show commented lines.
What is that first "v" doing at the second line?
I can pre-filter comments from ca-bundle.crt, but I am curious to know the reason behind behaviour I am noticing with nawk.
Last edited by kchinnam; 01-18-2014 at 12:19 AM..
Reason: updated current status
The line v{v=v"\n"$0} translates to: if v has a value assigned then append current line to v
This causes the script to ignore all lines until a "-----BEGIN" line is seen, at which point v is set to "------BEGIBN CERTIFICATE-------" and will be appended with each line from the input until "------END" is seen.
This User Gave Thanks to Chubler_XL For This Post:
Can someone help in writing some script through which I can transfer file (scp) from root user in abc server to crt user in hfg server and can give the crt user password in script itself so that it doesn't prompt me every time for password (4 Replies)
Hi,
I have an issue with openssl. Basically I have a ca certificate which has expired and I have regenerated a new ca.cert from the ca.key file and I have concatenated the output of the new ca.crt file and ca-bundle.crt to a new ca-bundle.crt.
Have restarted apache, however I still get the... (1 Reply)
First, let me openly admit that I am a dummy when it comes to openssl. I've never used it before.
I am running SunOS 5.10. I am trying to install the certs for openssl but have no idea how to do that.
What I have done so far:
1. Created a CSR using the following command:
openssl req... (2 Replies)
Hello
I'm new in sun and i have a liitle problem.
I buy sun enterprise 420r and connect keyboard and monitor crt (non Sun).
But when i start server i have blank screen on crt. I'm new in sun servers and i dont know why its doin this. (11 Replies)
i want to be cne certified. how good are certmagic preps for novell exams ?.
i have heared they r very close to real exams .
any comments ? (0 Replies)
Hello
a few Q's that if anyone knows the answer to i would be grateful:
:confused: when exiting a terminal session run through a windows environment i can either type exit or use ctrl +D. I was wondering if one way was a 'cleaner' method to exit then the other or whether it is executed the... (2 Replies)
Hi,
when I make a mistake and then try to backspace I am unable to do so . Can someone please suggest How I can correct this on my session
For Eg:
pwd^H^H^H
Thanks
rooh (2 Replies)
Hi all
can anyone tell me how i can discover the strength of encryption in an ssl cert. I have used various methods ie apps and verisign web page but they just give me general info. I need to know the encryption level. The cert in question is used in Weblogic application for Solaris 8
any... (1 Reply)
Hello
I want change my CRT resolution from 1152x900x** to 1280x1024x75 on a Solaris platform but I try "/usr/sbin/m64config" and "/usr/sbin/ffbconfig" command, the both commands failed :-(
In the /dev/fbs/ directory there is juste one file : cgsix0
have you got a solution to my customer... (1 Reply)