Skip to content

Instantly share code, notes, and snippets.

@ThinGuy

ThinGuy/show-ssl-san-entries

Last active April 13, 2022 21:06
Show Gist options
  • Save ThinGuy/9441ef5a4b0b131fc004ae838f9ed1ae to your computer and use it in GitHub Desktop.
Save ThinGuy/9441ef5a4b0b131fc004ae838f9ed1ae to your computer and use it in GitHub Desktop.
Download ZIP
Print all Subject Alternate Name (SAN) entries in a X509 cert (both hostname and IP addresses)
Raw
show-ssl-san-entries
openssl x509 -in ${CERT} -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV
# Or as a function
show-cert-sans() {
[[ -z ${1} || ${1} =~ ^- ]] && { printf "Usage: ${FUNCNAME} </path/to/ssl/cert>\n";return 2; } || true
[[ -e ${1} ]] || { printf "Can't find SSL Certificate ${1}\n";return 1; }
openssl x509 -in ${1} -noout -text|grep -oP '(?<=DNS:|IP Address:)[^,]+'|sort -uV
}
@ThinGuy
Copy link
Author

ThinGuy commented Jan 20, 2020 

$ show-cert-sans $HOME/airstack.pem
127.0.0.1
127.0.1.1
canonical-archive.orangebox.me
cloud-archive.orangebox.me
cloud-images.orangebox.me
elastic-archive.orangebox.me
fce.orangebox.me
grafana-archive.orangebox.me
jaas.ai
juju-controller.orangebox.me
juju-images.orangebox.me
key-server.orangebox.me
localhost
maas.io
maas-images.orangebox.me
nvidia-archive.orangebox.me
orangebox20.orangebox.me
ppa-archive.orangebox.me
private-ppa.orangebox.me
rocks.canonical.com
security-archive.orangebox.me
snap-proxy.orangebox.me
streams-archive.orangebox.me
ubuntu-archive.orangebox.me
us.cloud-images.ubuntu.com
*.apps.ubuntu.com
*.archive.canonical.com
*.archive.ubuntu.com
*.canonical.com
*.corp
*.developer.ubuntu.com
*.download.nvidia.com
*.elastic.co
*.github.com
*.grafana.com
*.home
*.images.linuxcontainers.org
*.internal
*.intranet
*.jaas.ai
*.jujucharms.com
*.lan
*.launchpad.net
*.linuxcontainers.org
*.maas
*.maas.io
*.orangebox.me
*.private
*.test
*.ubuntu.com
*.cloud-images.ubuntu.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment