3

I am writing a script that calls the command.

openssl s_client -showcerts -connect server:9999 > out.pem -key key.pem -cert cert.pem -pass pass:password

But it displays an output, I tried adding -quiet but with no luck. Is there a way I can get it so that it won't report to the console. If I run the command in terminal I have to type exit to get out of the connection.

I want this to exit automatically within my script. Is there a way to do that?

Chenmunka
  • 685
  • 4
  • 21
  • 25
Matt
  • 2,803
  • 9
  • 33
  • 57
  • 1
    Is the problem that there is output to the console, or that the call doesn't exit automatically? – Jumbogram Mar 02 '11 at 01:21
  • It doesn't call exit automatically, is there a way to make it too that? – Matt Mar 02 '11 at 13:48
  • I am guessing that `openssl s_client` is executing its dashed commands in order (in this case `-showcerts` first, then `-connect X`). I looked for a `-quit` to add to the end, but cannot find one in the help. – halfer Feb 22 '18 at 19:17

2 Answers2

8

For the automatically exit part, you could do this:

echo | openssl s_client -connect www.google.com:443
Peter Ha
  • 321
  • 2
  • 6
  • This seems to work very well. Anyone know why it works? What shell trick does it employ? – halfer Feb 22 '18 at 19:24
  • It's not a shell trick. `openssl s_client` is waiting for user input. It waits for a CR/LF (Enter key). The "echo" piped into `openssl` simulates that. After receiving that, `openssl` exits. – Cheeso Jun 18 '18 at 21:25
  • You can also `openssl s_client -connect www.google.com:443 – Seki Jan 16 '19 at 14:28
1

The output is possibly being sent to stderr (rather than stdout). It should work if you use >& for the redirection.

Mark Wilkins
  • 40,729
  • 5
  • 57
  • 110
  • OK that stopped the output, but is there a way to make it automatically exit as well? – Matt Mar 02 '11 at 13:49
  • @Matt: I am not sure about that and currently don't have the necessary certificates in place to test it. But maybe you can change the command to redirect input from a file with the appropriate command: `< inputresponse.txt` – Mark Wilkins Mar 02 '11 at 16:18
  • This could work what is that command called? Could i use a sting instead of a file? – Matt Mar 02 '11 at 16:33
  • 1
    @Matt: It may may simply work if the input file is empty. Or if [a line begins with a Q apparently](http://www.openssl.org/docs/apps/s_client.html). – Mark Wilkins Mar 02 '11 at 16:58