letsencrypt-tools/bin/letsencrypt-get.sh

#!/bin/bash
#
# letsencrypt-tools
# https://git.stack-source.com/msb/letsencrypt-tools
# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
#
# must be root
if [ "$USER" != "root" ]; then
  exec sudo -u root $0 $@
fi

help()
{
  thisfilename=$(basename -- "$0")
  echo "$thisfilename"
  echo "Get Let's Encrypt certificate info."
  echo ""
  echo "Usage: $thisfilename [-d <domain>] [-c] [-h]"
  echo ""
  echo "  -h          Print this help."
  echo "  -d <domain> Domain (hostname) to get certificate info for."
  echo "  -c          CVS - Output in cvs format, instead of tabbed table."
  exit
}

# set options
while getopts "hd:c" opt; do
  case "${opt}" in
    h )
      help
      exit;;
    d ) # domain name (hostname) to get cert for
      domain=${OPTARG,,}
      ;;
    c ) # cvs - output in cvs format
      cvs=true
      ;;
    \? )
      echo "Invalid option: $OPTARG" 1>&2
      exit;;
    : )
      echo "Invalid option: $OPTARG requires an argument" 1>&2
      exit;;
  esac
done

# create newline var
NL=$'\n'

if [[ -n $domain ]]; then
  if [[ -f /etc/ssl/letsencrypt/$domain.pem ]]; then
    certificateArray=($domain.pem)
  else
    echo "ERROR: Certificate for $domain not found"
    exit 1
  fi
else
  if [[ -d /etc/ssl/letsencrypt/ ]]; then
    certificateArray=(`ls -1 /etc/ssl/letsencrypt/`)
  else
    echo "ERROR: Certificate directory /etc/ssl/letsencrypt/ does not exist"
    exit 1
  fi
fi

# certificate common start end alternative
output="certificate,common,start,end,alternative"

for certificate in "${certificateArray[@]}"
do
  common=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate |grep "Subject: CN ="|cut -d = -f 2|xargs)
  start=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate |grep "Not Before:"|cut -d : -f 2-|xargs)
  end=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate |grep "Not After"|cut -d : -f 2-|xargs)
  alternative=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate |grep "DNS:"|sed 's|DNS:||g'|sed 's|,||g'|xargs)
  output="$output${NL}$certificate,$common,$start,$end,$alternative"
done
if [[ $output != "certificate,common,start,end,alternative" ]]; then
  if [[ $cvs ]]; then
    echo "$output"
  else
    echo "$output" | column -t -s ,
  fi
fi
new script 2023-05-14 14:00:43 -07:00			`#!/bin/bash`
			`#`
			`# letsencrypt-tools`
			`# https://git.stack-source.com/msb/letsencrypt-tools`
			`# Copyright (c) 2022 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>`
			`# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)`
			`#`
			`# must be root`
			`if [ "$USER" != "root" ]; then`
			`exec sudo -u root $0 $@`
			`fi`

			`help()`
			`{`
			`thisfilename=$(basename -- "$0")`
			`echo "$thisfilename"`
			`echo "Get Let's Encrypt certificate info."`
			`echo ""`
			`echo "Usage: $thisfilename [-d <domain>] [-c] [-h]"`
			`echo ""`
			`echo " -h Print this help."`
			`echo " -d <domain> Domain (hostname) to get certificate info for."`
			`echo " -c CVS - Output in cvs format, instead of tabbed table."`
			`exit`
			`}`

			`# set options`
			`while getopts "hd:c" opt; do`
			`case "${opt}" in`
			`h )`
			`help`
			`exit;;`
			`d ) # domain name (hostname) to get cert for`
			`domain=${OPTARG,,}`
			`;;`
			`c ) # cvs - output in cvs format`
			`cvs=true`
			`;;`
			`\? )`
			`echo "Invalid option: $OPTARG" 1>&2`
			`exit;;`
			`: )`
			`echo "Invalid option: $OPTARG requires an argument" 1>&2`
			`exit;;`
			`esac`
			`done`

			`# create newline var`
			`NL=$'\n'`

			`if [[ -n $domain ]]; then`
			`if [[ -f /etc/ssl/letsencrypt/$domain.pem ]]; then`
			`certificateArray=($domain.pem)`
			`else`
			`echo "ERROR: Certificate for $domain not found"`
			`exit 1`
			`fi`
			`else`
			`if [[ -d /etc/ssl/letsencrypt/ ]]; then`
			certificateArray=(`ls -1 /etc/ssl/letsencrypt/`)
			`else`
			`echo "ERROR: Certificate directory /etc/ssl/letsencrypt/ does not exist"`
			`exit 1`
			`fi`
			`fi`

			`# certificate common start end alternative`
			`output="certificate,common,start,end,alternative"`

			`for certificate in "${certificateArray[@]}"`
			`do`
			`common=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate \|grep "Subject: CN ="\|cut -d = -f 2\|xargs)`
			`start=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate \|grep "Not Before:"\|cut -d : -f 2-\|xargs)`
			`end=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate \|grep "Not After"\|cut -d : -f 2-\|xargs)`
			`alternative=$(openssl x509 -noout -text -in /etc/ssl/letsencrypt/$certificate \|grep "DNS:"\|sed 's\|DNS:\|\|g'\|sed 's\|,\|\|g'\|xargs)`
			`output="$output${NL}$certificate,$common,$start,$end,$alternative"`
			`done`
			`if [[ $output != "certificate,common,start,end,alternative" ]]; then`
			`if [[ $cvs ]]; then`
			`echo "$output"`
			`else`
			`echo "$output" \| column -t -s ,`
			`fi`
			`fi`