Last active
January 31, 2024 16:31
-
-
Save celesteking/4711f1bd8021dfb189bc7493c685825e to your computer and use it in GitHub Desktop.
vault list /pki/certs but with more info
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Enumerates vault /pki/certs outputting subject and SAN of certificates. | |
| # openssl must be of latest version | |
| vault list -format json /pki/certs | jq -r .[] | while read serial; do data=$(vault read -format=json pki/cert/$serial); (echo "$data" | jq -er '.data.revocation_time > 0 ' >/dev/null) && echo "******REVOKED*******" || echo "-------- OK --------"; echo $serial; echo "$data" | jq -r '.data.certificate' | openssl x509 -noout -nameopt RFC2253 -subject -enddate -ext subjectAltName 2>/dev/null; echo; done | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment