Squoggle

Mac's tech blog

Monthly Archives: April 2020

Validate a Certificate’s Chain

You can validate a Certificate’s chain by extracting the Authority Key Identifier from the cert like this:

$ openssl x509 -text -in [cert-name].crt | grep -A 1 "Authority Key Identifier"

You should get a result similar to this:

X509v3 Authority Key Identifier:
    keyid:FC:8A:50:BA:9E:B9:25:5A:7B:55:85:4F:95:00:63:8F:E9:58:6B:43

This is the Key Identifier of the Intermediate Cert. It should match the “Subject Key Identifier” of the Intermediate Cert.

Get the “Subject Key Identifier” of the Intermediate Cert:

$ openssl x509 -text -in [intermediate-cert-name].crt | grep -A 1 "Subject Key Identifier"

You should get a result similar to this:

X509v3 Subject Key Identifier:
    FC:8A:50:BA:9E:B9:25:5A:7B:55:85:4F:95:00:63:8F:E9:58:6B:43

If the two identifiers match, you have the correct Intermediate Cert for the Cert.

You can now repeat the process with the Intermediate Cert and the Root Cert to validate that the Root Cert you have is the one for the Intermediate Cert.
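
The procedure above as a script, added here as an example and not part of the original post: it compares the identifiers after stripping the colons and any keyid: prefix, then runs openssl verify, because matching identifiers show which certificate is the issuer but do not check its signature. The function names and the sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# Constructed sample: the two lines the page's grep prints, using the page's value.
SAMPLE_AKI='            X509v3 Authority Key Identifier:
                keyid:FC:8A:50:BA:9E:B9:25:5A:7B:55:85:4F:95:00:63:8F:E9:58:6B:43'
SAMPLE_SKI='            X509v3 Subject Key Identifier:
                FC:8A:50:BA:9E:B9:25:5A:7B:55:85:4F:95:00:63:8F:E9:58:6B:43'

# Read `openssl x509 -text` output on stdin; print the identifier on the line
# after the "$1 Key Identifier" header as bare uppercase hex.
key_id() {   # $1 = Authority | Subject
    grep -A 1 "X509v3 $1 Key Identifier" | tail -n 1 |
        sed 's/^[[:space:]]*//; s/^keyid://' |
        tr -d ': \t\r' | tr 'a-f' 'A-F'
}

# 0 = same key id, 1 = different, 2 = first value missing or not a key id
# (for example an AKI that carries only DirName/serial, or no AKI at all).
ids_match() {
    case "$1" in ''|*[!0-9A-F]*) return 2 ;; esac
    [ "$1" = "$2" ]
}

# Does the AKI of certificate $1 equal the SKI of candidate issuer $2?
issued_by() {
    aki=$(openssl x509 -noout -text -in "$1" | key_id Authority)
    ski=$(openssl x509 -noout -text -in "$2" | key_id Subject)
    ids_match "$aki" "$ski"
}

# Walk cert -> intermediate -> root by identifier, then let openssl check the
# signatures: matching identifiers alone do not prove the issuer signed anything.
check_chain() {   # $1 = root, $2 = intermediate, $3 = certificate
    issued_by "$3" "$2" || { echo "cert AKI missing or not the intermediate SKI" >&2; return 1; }
    issued_by "$2" "$1" || { echo "intermediate AKI missing or not the root SKI" >&2; return 1; }
    openssl verify -CAfile "$1" -untrusted "$2" "$3"
}

# Usage: sh check-chain.sh root.crt intermediate.crt cert.crt
if [ "$#" -eq 3 ]; then check_chain "$@"; fi
```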

The tr command

The tr command:

It’s short for “translate”, but it might be easier to remember if you think of it as “truncate”. The man page has this to say about it:

DESCRIPTION
Translate, squeeze, and/or delete characters from standard input, writing to standard output.

There are probably books written on what tr can do. I’m just going to leave some notes here on how I typically use it.

The tr program reads from standard input and writes to standard output.

Convert multiple lines of text into a single line of text:

Consider a file named file containing the following data:

abcde
fghij
klmno
pqrst
uvwxy

You want to convert the multiple lines into a single line of text. You can do that using tr with something like this:

$ cat file | tr -d '\n'

The result of the command is written to standard output as:

abcdefghijklmnopqrstuvwxy

The -d option deletes. In this case we’re deleting the newline character.

Replace comma with newline:

Sometimes you need to convert a single delimited line to multiple lines. Consider a file named file containing the following data:

abcde,fghij,klmno,pqrst,uvwxy

We can translate each comma in the file into a newline character with the following command:

$ cat file | tr ',' '\n'

The results look like this:

abcde
fghij
klmno
pqrst
uvwxy