Is it possible to set a timeout on openssl's s_client command?

Question

I've got a script which uses openssl's s_client command to pull certificates for a big set of hosts. Some of these hosts will inevitably be unreachable because of a firewall. Is it possible to set the s_client timeout to something much shorter than the default? I don't see one in the man page/help file.

That or some sort of wrapper command that will auto-kill the openssl -s_client after X number of seconds.

I'd prefer not to pre-test a host/port for usability if possible.

score 32 · Accepted Answer · edited Jan 18 '16 at 07:41

32

Use timeout command from GNU coreutils package.

timeout <time> <command>

Alternatively look at the first response to this archived blog post for a bash-only answer.

edited Jan 18 '16 at 07:41

Josh Enders

103
2

answered Feb 18 '12 at 14:10

kupson

3,578
20
19

score 2 · Answer 2 · answered Feb 08 '18 at 13:04

2

for the first loop: while read servername;do

timeout 2 bash -c "/dev/tcp/$servername/$Port" && echo Port open. || echo Port closed.

done

But the open ports is more dificult: timeout 1 openssl s_client -showcerts -connect $servername:$Port

answered Feb 08 '18 at 13:04

erik

21
1

Is it possible to set a timeout on openssl's s_client command?

2 Answers2