-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathfind_ssl_certs.sh
More file actions
220 lines (185 loc) · 8.87 KB
/
Copy pathfind_ssl_certs.sh
File metadata and controls
220 lines (185 loc) · 8.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
#!/usr/bin/env bash
#################################################################
# Date: 4/3/2025 #
# Author: E. Gomez #
# Description: This script will search and find SSL certs #
#################################################################
# variables for httpd
ssl_cert="";
expiration_date="";
# logic to find cert path for https server
if [[ "$(yum list installed | grep -i 'httpd')" || "$(ps -ef | grep -i 'httpd')" ]]
then
# search for ssl.conf file
for file in "$(find / -xdev -type f \( -name "ssl.conf" -o -name "*ssl.conf" -o -name "*ssl*.conf"\))"
do
# TEST #
# grep each finding
#grep 'SSLCertificateFile' "${file}";
# End TEST #
# check if grep isn't empty
if [[ -n $(grep -i 'SSLCertificateFile' "${file}") ]]
then
# set ssl_cert variable
ssl_cert="$(grep -i 'SSLCertificateFile' "${file}" | grep -v '^\s*#' | xargs | tr -d '\r\n')"; # xargs removes beginning whitespace, '^\s*#' removes comments and optional whitespace
# sanitize ssl_cert variable #
# check for equal sign
if [[ "${ssl_cert}" =~ = ]]
then
# remove equal sign
ssl_cert="$(echo $ssl_cert | cut -d '=' -f 2)";
fi
# check for double quotes
if [[ "${ssl_cert}" =~ \" ]]
then
# remove double quotes
ssl_cert="$(echo $ssl_cert | cut -d '"' -f 2)";
fi
# check for single quotes
if [[ "${ssl_cert}" =~ \' ]]
then
# remove single quotes
ssl_cert="$(echo $ssl_cert | cut -d "'" -f 2)";
fi
# TEST #
#echo -e "\n$ssl_cert\n";
# cert info variables
ca="$(openssl x509 -in "$ssl_cert" -noout -issuer | grep -oP 'CN\K.*' | cut -d '=' -f 2 | xargs)"; # grabs CA info from certs
issuing_date="$(openssl x509 -in "$ssl_cert" -noout -startdate)";
expiration_date="$(openssl x509 -in "$ssl_cert" -noout -enddate)";
# display message
echo -e "\nSearching within \e[35m${file}\e[0m ... Will now extract certificate info.";
echo -e "Certificate file: \e[33m${ssl_cert}\e[0m";
echo -e "Issuing CA: \e[36m${ca}\e[0m";
echo -e "Certificate start date: \e[31m${issuing_date}\e[0m";
echo -e "Certificate expiration date: \e[31m${expiration_date}\e[0m\n";
# clean up variables
unset "$ssl_cert";
unset "$issuing_date";
unset "$expiration_date";
fi
done
fi
# variables for Tomcat Apache
tomcat_ssl_cert="";
tomcat_expiration_date="";
keystore_pass="";
keystore_type="";
# Logic to find the cert path for Apache Tomcat
if [[ "$(yum list installed | grep -i 'tomcat')" || "$(ps -ef | grep -i 'tomcat')" ]]
then
# search for server.xml file
for file in $(find / -xdev -type f \( -name 'server.xml' \))
do
# set variable values
tomcat_ssl_cert="$(grep -i 'certificateKeystoreFile' $file)";
keystore_type="$(grep -i 'certificateKeystoreType' $file)";
keystore_pass="$(grep -i 'certificateKeystorePass' $file)";
# sanitize variables #
# check if variable is not empty
if [[ -n "${tomcat_ssl_cert}" ]]
then
# check for spaces
if [[ "${tomcat_ssl_cert}" =~ ^[[:space:]].* ]]
then
# remove spaces
tomcat_ssl_cert="$(echo $tomcat_ssl_cert | xargs)";
fi
# check for equal sign
if [[ "${tomcat_ssl_cert}" =~ = ]]
then
# remove equal sign
tomcat_ssl_cert="$(echo $tomcat_ssl_cert | cut -d '=' -f 2)";
fi
# check for double quotes
if [[ "${tomcat_ssl_cert}" =~ \" ]]
then
# remove double quotes
tomcat_ssl_cert="$(echo $tomcat_ssl_cert | cut -d '"' -f 2)";
fi
# check for single quotes
if [[ "${tomcat_ssl_cert}" =~ \' ]]
then
# remove single quote
tomcat_ssl_cert="$(echo $tomcat_ssl_cert | cut -d "'" -f 2)";
fi
fi
# check if variable is not empty
if [[ -n "${keystore_pass}" ]]
then
# check for spaces
if [[ "${keystore_pass}" =~ ^[[:space:]].* ]]
then
# remove spaces
keystore_pass="$(echo $keystore_pass | xargs)";
fi
# check for equal sign
if [[ "${keystore_pass}" =~ = ]]
then
# remove equal sign
keystore_pass="$(echo $keystore_pass | cut -d '=' -f 2)";
fi
# check for double quotes
if [[ "${keystore_pass}" =~ \" ]]
then
# remove double quotes
keystore_pass="$(echo $keystore_pass | cut -d '"' -f 2)";
fi
# check for single quotes
if [[ "${keystore_pass}" =~ \' ]]
then
# remove single quote
keystore_pass="$(echo $keystore_pass | cut -d "'" -f 2)";
fi
fi
# check if variable is not empty
if [[ -n "${keystore_type}" ]]
then
# check for spaces
if [[ "${keystore_store}" =~ ^[[:space:]].* ]]
then
# remove spaces
keystore_type="$(echo $keystore_type | xargs)";
fi
# check for equal sign
if [[ "${keystore_type}" =~ = ]]
then
# remove equal sign
keystore_type="$(echo $keystore_type | cut -d '=' -f 2)";
fi
# check for double quotes
if [[ "${keystore_type}" =~ \" ]]
then
# remove double quotes
keystore_type="$(echo $keystore_type | cut -d '"' -f 2)";
fi
# check for single quotes
if [[ "${keystore_type}" =~ \' ]]
then
# remove single quote
keystore_type="$(echo $keystore_type | cut -d "'" -f 2)";
fi
fi
# TEST #
#echo $tomcat_ssl_cert;
#echo $keystore_type;
#echo $keystore_pass;
# cert info variables
ca="$(openssl "${keystore_type,,}" -in "${tomcat_ssl_cert}" -nokeys -clcerts -passin pass:"${keystore_pass}" | openssl x509 -noout -issuer | grep -oP 'CN\K.*' | cut -d '=' -f 2 | xargs)";
tomcat_issuing_date="$(openssl "${keystore_type,,}" -in "${tomcat_ssl_cert}" -nokeys -clcerts -passin pass:"${keystore_pass}" | openssl x509 -noout -startdate)";
tomcat_expiration_date="$(openssl "${keystore_type,,}" -in "${tomcat_ssl_cert}" -nokeys -clcerts -passin pass:"${keystore_pass}" | openssl x509 -noout -enddate)";
# display messages
echo -e "Searching within \e[35m${file}\e[0m ... will now extract certificate info";
echo -e "Certificate file: \e[33m${tomcat_ssl_cert}\e[0m";
echo -e "Issuing CA: \e[36m${ca}\e[0m";
echo -e "Certificate start date: \e[32m${tomcat_issuing_date}\e[0m";
echo -e "Certificate expiration date: \e[31m${tomcat_expiration_date}\e[0m\n";
# unset variables
unset tomcat_ssl_cert;
unset keystore_pass;
unset keystore_type;
unset ca;
unset tomcat_issuing_date;
unset tomcat_expiration_date;
done
fi