Ssl connect

ssl_connect

Open an interactive TLS connection to a remote host, displaying OCSP status.

Arguments

  • $1 (string): Remote hostname or IP
  • $2 (int): Port (default: 443)

Exit codes

  • 0: Connection established (interactive)
  • 1: No host provided

ssl_connect_sni

Connect to a TLS host with an explicit SNI name. Useful for virtual-hosted TLS where the SNI name differs from the connect address.

Example

ssl_connect_sni 192.168.1.10 443 example.com

Arguments

  • $1 (string): Remote host
  • $2 (int): Port (default: 443)
  • $3 (string): SNI hostname (default: same as host)

Exit codes

  • 0: Connection established (interactive)

ssl_connect_starttls

Connect to a STARTTLS service for certificate inspection. Protocol determines the default port; port may be overridden as third argument.

Example

ssl_connect_starttls mail.example.com smtp
ssl_connect_starttls mail.example.com imap 993

Arguments

  • $1 (string): Remote host
  • $2 (string): Protocol: smtp (587), imap (143), pop3 (110), ftp (21), xmpp (5222) (default: smtp)
  • $3 (int): Port override (optional)

Exit codes

  • 0: Connection established (interactive)

ssl_fetch_cert

Retrieve the TLS certificate from a remote host and print it as PEM. Non-interactive: reads from /dev/null so openssl does not wait for input. If an output file is given, writes PEM there instead of stdout.

Example

ssl_fetch_cert example.com > example.pem
ssl_fetch_cert example.com 443 example.pem

Arguments

  • $1 (string): Remote host
  • $2 (int): Port (default: 443)
  • $3 (string): Output file path (optional; default: stdout)

Exit codes

  • 0: Success
  • 1: Connection or parse error

Output on stdout

  • PEM certificate (if no output file given)