2

I want a script checking my server's certificate. There are very good answers around here how to get this with openssl s_client or gnutls-cli, which works fine.... but NOT if you are behind a proxy! Doh!

I did not found a possibility to tell these tools to use a proxy. Openssl seems to have added the -proxy option some weeks ago (after 15 years!) but I cannot use this release because it's not yet available in my environment.

I also cannot install some fancy non standard tunneling software like proxytunnel (which I would really like to).

So is there ANY way to download a remote certificate from a web server with any standard tool like curl, wget, openssl or such?

avh
  • 41
  • 1
  • 3
  • If you want "standard" and cannot install stuff then how about telling your OS/version, huh? – kubanczyk Apr 24 '17 at 21:21
  • It's a Debian. I don't know exactly which one because I have no direct access to the system. – avh Apr 25 '17 at 07:21

1 Answers1

1

There are various tools that can be used to make a connection to a remote system through a CONNECT proxy. I am not sure about the best one, but here are a couple examples connect-proxy corkscrew, proxychains, proxytunnel.

connect-proxy looks promising though. Apparently it offers you the option redirect to a local port instead of STDIN/STDOUT like most.

Here are some untested examples based on my reading of the connect-proxy man pages.

# example
connect -H proxyserver:port remoteserver:port -p localport
# so to open a local port 4430 to Google via a squid proxy at 10.1.1.1
connect -H 10.1.1.1:3128 www.google.com:443 -p 4430
Zoredache
  • 130,897
  • 41
  • 276
  • 420