
I'm trying to write a simple bash script which would check and compare SSL certificate serials (using openssl s_client) from certain sites which are listed in a file called SANS.txt. It's a simple file with some addresses listed in a similar way to this example:

example.com
stackoverflow.com

The compared serial is static and set as a variable inside the script.

But the script always stops after reading/comparing the first line of SANS.txt. I've been trying to crawl for hours through various posts and examples here and on other forums but have not been able to fix my script. I suspect that my problem has something to do with piping inside a while loop and that a pipe starts a subshell...

Here's my short script:

#!/bin/bash

while read -r SAN
do

 COMPARED_SERIAL="serial=0E64C5FBC236ADE14B172AEB41C78CB0"
 printf "\\n"
 echo $COMPARED_SERIAL

 ONLINE_SERIAL=`openssl s_client -servername $SAN -connect $SAN:443 2>/dev/null | openssl x509 -noout -serial`

  if [[ "$ONLINE_SERIAL" == "$COMPARED_SERIAL" ]]
    then echo $SAN $COMPARED_SERIAL "matches with" $ONLINE_SERIAL
    else echo $SAN $COMPARED_SERIAL "does NOT match with" $ONLINE_SERIAL
   fi

done < SANS.txt

I'm running bash, version 4.3.48.

Xavier Guihot
Tuuska

1 Answer


It seems that the final \n is missing at the end of the file. As a workaround, instead of checking just the read exit status, you can also check that the san variable is not empty.

while read -r san || [[ $san ]]; do

Changed the variable name to lowercase, because of convention.

Nahuel Fouilleul
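An added example, not part of the question or the answer above: a rewrite of the loop that keeps a last line with no trailing newline (the answer's `|| [[ $san ]]` test, written portably as `[ -n "$san" ]`) and also feeds `openssl s_client` from `/dev/null`, because `s_client` reads standard input and would otherwise consume the remaining lines of the host list. The function names `fetch_serial` and `check_serials` are hypothetical.

```bash
#!/bin/bash
# Added example: compare the certificate serial of every host in a file
# against one expected value. Not the original poster's script.

# fetch_serial HOST -> prints "serial=<HEX>" for the certificate HOST presents.
# s_client gets /dev/null as stdin so it cannot read the caller's host list.
fetch_serial() {
  openssl s_client -servername "$1" -connect "$1:443" </dev/null 2>/dev/null |
    openssl x509 -noout -serial 2>/dev/null
}

# check_serials FILE EXPECTED -> one result line per host.
# Returns 1 if any host did not present the expected serial.
check_serials() {
  local file="$1" expected="$2" san online rc=0
  # '|| [ -n "$san" ]' still processes a final line that lacks a newline.
  while IFS= read -r san || [ -n "$san" ]; do
    [ -z "$san" ] && continue            # skip blank lines
    # Redirect again at the call site: whatever the fetcher runs,
    # it never sees the file this loop is reading.
    online=$(fetch_serial "$san" </dev/null) || online=""
    if [ "$online" = "$expected" ]; then
      printf '%s MATCH %s\n' "$san" "$online"
    else
      printf '%s MISMATCH expected=%s got=%s\n' \
        "$san" "$expected" "${online:-none}"
      rc=1
    fi
  done < "$file"
  return "$rc"
}

# Runs only when called with two arguments, e.g.
#   ./check.sh SANS.txt serial=0E64C5FBC236ADE14B172AEB41C78CB0
if [ "$#" -eq 2 ]; then
  check_serials "$1" "$2"
fi
```

The non-zero return value on any mismatch lets a cron job or monitoring check alert on an unexpected certificate change without parsing the output.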