melon/ssl-certs-checker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Support for non-443 port

Browse Source
This commit is contained in:
guessi 2020-03-15 22:07:50 +08:00
parent 94deb959c8
commit 781dffefe0
3 changed files with 54 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
README.md
View File

@ -6,7 +6,7 @@
go get -u github.com/guessi/ssl-certs-checker go get -u github.com/guessi/ssl-certs-checker
## Examples ## Examples
install binary to your ${GOPATH} install binary to your ${GOPATH}
go install github.com/ssl-certs-checker go install github.com/ssl-certs-checker
@ -15,39 +15,39 @@ check single target host certificates infomation
${GOPATH}/bin/ssl-certs-checker --hosts "www.google.com" ${GOPATH}/bin/ssl-certs-checker --hosts "www.google.com"
+----------------+----------------+----------------+-------------------------------+-------------------------------+------------+ +--------------------+----------------+----------------+-------------------------------+-------------------------------+------------+
| Host | Common Name | DNS Names | Not Before | Not After | Issuer | | Host | Common Name | DNS Names | Not Before | Not After | Issuer |
+----------------+----------------+----------------+-------------------------------+-------------------------------+------------+ +--------------------+----------------+----------------+-------------------------------+-------------------------------+------------+
| www.google.com | www.google.com | www.google.com | 2020-02-12 11:47:41 +0000 UTC | 2020-05-06 11:47:41 +0000 UTC | GTS CA 1O1 | | www.google.com:443 | www.google.com | www.google.com | 2020-02-12 11:47:41 +0000 UTC | 2020-05-06 11:47:41 +0000 UTC | GTS CA 1O1 |
+----------------+----------------+----------------+-------------------------------+-------------------------------+------------+ +--------------------+----------------+----------------+-------------------------------+-------------------------------+------------+
check multiple target hosts' certificates at once check multiple target hosts' certificates at once
${GOPATH}/bin/ssl-certs-checker --hosts "www.google.com,www.azure.com,www.amazon.com" ${GOPATH}/bin/ssl-certs-checker --hosts "www.google.com,www.azure.com,www.amazon.com"
+----------------+----------------+---------------------------------------+-------------------------------+-------------------------------+-----------------------+ +--------------------+----------------+---------------------------------------+-------------------------------+-------------------------------+-----------------------+
| Host | Common Name | DNS Names | Not Before | Not After | Issuer | | Host | Common Name | DNS Names | Not Before | Not After | Issuer |
+----------------+----------------+---------------------------------------+-------------------------------+-------------------------------+-----------------------+ +--------------------+----------------+---------------------------------------+-------------------------------+-------------------------------+-----------------------+
| www.google.com | www.google.com | www.google.com | 2020-02-12 11:47:41 +0000 UTC | 2020-05-06 11:47:41 +0000 UTC | GTS CA 1O1 | | www.google.com:443 | www.google.com | www.google.com | 2020-02-12 11:47:41 +0000 UTC | 2020-05-06 11:47:41 +0000 UTC | GTS CA 1O1 |
| www.azure.com | *.azure.com | *.azure.com | 2019-12-17 19:51:44 +0000 UTC | 2020-12-17 19:51:44 +0000 UTC | Microsoft IT TLS CA 4 | | www.azure.com:443 | *.azure.com | *.azure.com | 2019-12-17 19:51:44 +0000 UTC | 2020-12-17 19:51:44 +0000 UTC | Microsoft IT TLS CA 4 |
| www.amazon.com | www.amazon.com | amazon.com | 2019-09-18 00:00:00 +0000 UTC | 2020-08-23 12:00:00 +0000 UTC | DigiCert Global CA G2 | | www.amazon.com:443 | www.amazon.com | amazon.com | 2019-09-18 00:00:00 +0000 UTC | 2020-08-23 12:00:00 +0000 UTC | DigiCert Global CA G2 |
| | | amzn.com | | | | | | | amzn.com | | | |
| | | uedata.amazon.com | | | | | | | uedata.amazon.com | | | |
| | | us.amazon.com | | | | | | | us.amazon.com | | | |
| | | www.amazon.com | | | | | | | www.amazon.com | | | |
| | | www.amzn.com | | | | | | | www.amzn.com | | | |
| | | corporate.amazon.com | | | | | | | corporate.amazon.com | | | |
| | | buybox.amazon.com | | | | | | | buybox.amazon.com | | | |
| | | iphone.amazon.com | | | | | | | iphone.amazon.com | | | |
| | | yp.amazon.com | | | | | | | yp.amazon.com | | | |
| | | home.amazon.com | | | | | | | home.amazon.com | | | |
| | | origin-www.amazon.com | | | | | | | origin-www.amazon.com | | | |
| | | buckeye-retail-website.amazon.com | | | | | | | buckeye-retail-website.amazon.com | | | |
| | | huddles.amazon.com | | | | | | | huddles.amazon.com | | | |
| | | p-nt-www-amazon-com-kalias.amazon.com | | | | | | | p-nt-www-amazon-com-kalias.amazon.com | | | |
| | | p-yo-www-amazon-com-kalias.amazon.com | | | | | | | p-yo-www-amazon-com-kalias.amazon.com | | | |
| | | p-y3-www-amazon-com-kalias.amazon.com | | | | | | | p-y3-www-amazon-com-kalias.amazon.com | | | |
+----------------+----------------+---------------------------------------+-------------------------------+-------------------------------+-----------------------+ +--------------------+----------------+---------------------------------------+-------------------------------+-------------------------------+-----------------------+
run with docker run with docker

1
config.go
View File

@ -4,5 +4,6 @@ import "time"
const ( const (
dialerTimeout = 10 * time.Second dialerTimeout = 10 * time.Second
defaultPort = 443
protocol = "tcp" protocol = "tcp"
) )

30
utils.go
View File

@ -3,6 +3,7 @@ package main
import ( import (
"crypto/tls" "crypto/tls"
"crypto/x509" "crypto/x509"
"fmt"
"net" "net"
"os" "os"
"strconv" "strconv"
@ -33,9 +34,10 @@ func getPeerCertificates(h string, port int) ([]*x509.Certificate, error) {
return conn.ConnectionState().PeerCertificates, nil return conn.ConnectionState().PeerCertificates, nil
} }
func getCells(t table.Writer, h string) { func getCells(t table.Writer, host string, port int) {
certs, err := getPeerCertificates(h, 443) certs, err := getPeerCertificates(host, port)
if err != nil { if err != nil {
fmt.Printf("err: %s\n", err)
return // skip if target host invalid return // skip if target host invalid
} }
@ -43,9 +45,14 @@ func getCells(t table.Writer, h string) {
if c.IsCA { if c.IsCA {
continue continue
} }
t.AppendRows([]table.Row{ t.AppendRows([]table.Row{{
{h, (*c).Subject.CommonName, strings.Join((*c).DNSNames, "\n"), (*c).NotBefore, (*c).NotAfter, (*c).Issuer.CommonName}, host + ":" + strconv.Itoa(port),
}) (*c).Subject.CommonName,
strings.Join((*c).DNSNames, "\n"),
(*c).NotBefore,
(*c).NotAfter,
(*c).Issuer.CommonName,
}})
} }
} }
@ -64,7 +71,18 @@ func prettyPrintCertsInfo(h string) {
}) })
for _, target := range targets { for _, target := range targets {
getCells(t, target) p := defaultPort
ts := strings.Split(target, ":")
if len(ts) == 2 {
tp, err := strconv.Atoi(ts[1])
if err != nil {
fmt.Printf("err: invalid port [%s], assume target port is 443\n", target)
} else {
p = tp
}
}
getCells(t, ts[0], p)
} }
t.Style().Format.Header = text.FormatDefault t.Style().Format.Header = text.FormatDefault