]>
git.sthu.org Git - shutils.git/blob - dnssec/gentlsa
7 while getopts "hp:" opt
; do
10 echo "Usage: $0 [-p=ports] certificates..."
21 echo "Certificate ${crt}..."
22 digest
=$
(openssl x509
-in "$crt" -noout -pubkey | openssl rsa
-pubin -outform der
2>/dev
/null | sha256sum |
awk '{print $1}')
25 openssl x509
-noout -text < "$crt" |
awk '/X509v3 Subject Alternative Name/ {getline;gsub(/ /, "", $0); print}' |
tr ',' '\n' |
awk -F: '$1=="DNS" {print $2}';
26 openssl x509
-noout -subject < "$crt" |
sed -e 's/^subject.*CN=\([a-zA-Z0-9\.\-\*]*\).*$/\1/'
27 ) |
sort -u |
while read cn
; do
28 for port
in $ports; do
29 printf "_%d._tcp.%-40s IN TLSA 3 1 1 %s\n" "${port}" "${cn}." "${digest}"