parent
1d1371943d
commit
c6b971e521
|
@ -58,23 +58,21 @@ for cert_file in ../certs/*; do
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Certificate public key (SPKI) fingerprint
|
# Certificate public key (SPKI) fingerprint
|
||||||
echo "$cert" \
|
fingerprint=$(echo "$cert" \
|
||||||
| openssl x509 -pubkey -noout \
|
| openssl x509 -pubkey -noout \
|
||||||
| openssl pkey -pubin -outform der \
|
| openssl pkey -pubin -outform der \
|
||||||
| openssl dgst -sha256 -binary \
|
| openssl dgst -sha256 -binary \
|
||||||
| openssl enc -base64 -A \
|
| openssl enc -base64 -A)
|
||||||
> "$pinning_file"
|
|
||||||
echo >> "$pinning_file" # newline
|
|
||||||
|
|
||||||
# Expiry date
|
# Expiry date
|
||||||
enddate=$(echo "$cert" | openssl x509 -enddate -noout | cut -d '=' -f 2)
|
enddate=$(echo "$cert" | openssl x509 -enddate -noout | cut -d '=' -f 2)
|
||||||
enddate=$(date -d "$enddate" +"%Y-%m-%dT%H:%M:%SZ" --utc)
|
enddate=$(date -d "$enddate" +"%Y-%m-%dT%H:%M:%SZ" --utc)
|
||||||
echo "$enddate" >> "$pinning_file"
|
|
||||||
|
|
||||||
# Start date
|
# Start date
|
||||||
startdate=$(echo "$cert" | openssl x509 -startdate -noout | cut -d '=' -f 2)
|
startdate=$(echo "$cert" | openssl x509 -startdate -noout | cut -d '=' -f 2)
|
||||||
startdate=$(date -d "$startdate" +"%Y-%m-%dT%H:%M:%SZ" --utc)
|
startdate=$(date -d "$startdate" +"%Y-%m-%dT%H:%M:%SZ" --utc)
|
||||||
echo "$startdate" >> "$pinning_file"
|
|
||||||
|
printf "%s\n%s\n%s\n" "$fingerprint" "$enddate" "$startdate" > "$pinning_file"
|
||||||
|
|
||||||
done
|
done
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue