ETOOBUSY 🚀 minimal blogging for the impatient

Easy dumping of OpenSSL "stuff"

· #openssl #shell

TL;DR

I was tired of always typing the same stuff with openssl ... and here’s a small simplification.

When working with certificates in OpenSSL, I keep writing this over and over:

openssl x509 -text -noout -in whatevah.crt

Sometimes it’s a certificate request instead, which takes pretty much the same parameters but has a different subcommand:

openssl req -text -noout -in whatevah.csr

So why don’t make the shell do what it does best?

ssldump 605 B
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 
#!/bin/sh

__ssldump() {
   openssl "$1" -noout -text -in "$2"
}

_ssldump() {
   local input="$1"
   local type="$(sed -n '/^-*BEGIN/{s/-*BEGIN *//;s/--*//;p;q}' "$input")"
   case "$type" in
      (CERTIFICATE)
         __ssldump x509 "$input"
         ;;
      (CERTIFICATE\ REQUEST)
         __ssldump req "$input"
         ;;
      (PRIVATE\ KEY)
         __ssldump rsa "$input"
         ;;
      (*)
         printf >&2 '%s\n' "unhandled type '$type'"
         return 1
         ;;
   esac
   return 0
}

main() {
   local input
   for input in "$@"; do
      _ssldump "$input"
   done
}

main "$@"

Local version here

Comments? Octodon, , GitHub, Reddit, or drop me a line!

ETOOBUSY © 2025 by polettix ― Powered by Jekyll and the TextLog theme