Created
February 4, 2025 22:31
-
-
Save JohnLBevan/f240ba2cb7e0465b7e76f529191fe915 to your computer and use it in GitHub Desktop.
Get Site's Certificates
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Given a URI fetches the certificates hosted on that site, then parses the PEM to extract user friendly info (currently just as strings; I've not added logic to convert the output to PSCustomObjects, though may add that soon if I find the need). | |
| $uri = 'example.org' | |
| $output = (echo "" | openssl s_client -connect "$($uri):443" -servername $uri -showcerts 2>$null) -join "`n" | |
| $output | select-string '(?smi)-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----' -AllMatches | %{$_.Matches} | %{$_.Value | openssl x509 -issuer -fingerprint -sha256 -enddate -subject -noout;'---'} | |
| <# # Example Output # | |
| issuer=C = US, O = DigiCert Inc, CN = DigiCert Global G3 TLS ECC SHA384 2020 CA1 | |
| SHA256 Fingerprint=85:A1:DF:2F:31:49:6B:1F:D7:04:A8:43:6D:30:9C:DC:5C:1B:4B:B3:95:6F:B3:1A:73:2A:C1:82:4D:AF:CA:C2 | |
| notAfter=Jan 15 23:59:59 2026 GMT | |
| subject=C = US, ST = California, L = Los Angeles, O = Internet Corporation for Assigned Names and Numbers, CN = *.example.org | |
| --- | |
| issuer=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root G3 | |
| SHA256 Fingerprint=05:87:D6:BD:28:19:58:7A:B9:0F:B5:96:48:0A:57:93:BD:9F:75:06:A3:EA:CE:73:F5:EA:B3:66:01:7F:E2:59 | |
| notAfter=Apr 13 23:59:59 2031 GMT | |
| subject=C = US, O = DigiCert Inc, CN = DigiCert Global G3 TLS ECC SHA384 2020 CA1 | |
| --- | |
| #> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment