从“openssl s_client”命令的输出中提取证书

可以使用awk来完成这个任务。我将逐步呈现我的解决方案。

步骤1：提取"BEGAIN CERTIFICATE"和"END CERTIFICATE"之间的所有内容

只将"BEGAIN CERTIFICATE"和"END CERTIFICATE"之间的行写入输出：

awk '
/BEGIN CERTIFICATE/,/END CERTIFICATE/ {
print $0
}
' out.txt

步骤二：提取包含CN的行

选择包含CN的行（例如 0 s:CN = www.openssl.org）

awk '
/^ [0-9]+ s:.*CN = / {
print $0
}
' out.txt

 0 s:CN = www.openssl.org
 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3

步骤三：提取CN字段的内容

awk '
BEGIN {
# change field separator, so that $2 returns everything after "CN = "
FS="CN = "
}
# selects line which contains CN (e.g.  0 s:CN = www.openssl.org)
/^ [0-9]+ s:.*CN = / {
# use CN (e.g. www.openssl.org) as filename
print $2
}
' out.txt

www.openssl.org
Let's Encrypt Authority X3

步骤四：完整解决方案

这将创建文件Let's Encrypt Authority X3.cer和www.openssl.org.cer：

awk '
BEGIN {
# change field separator, so that $2 returns everything after "CN = "
FS="CN = "
}
# selects line which contains CN (e.g.  0 s:CN = www.openssl.org)
/^ [0-9]+ s:.*CN = / {
# use CN (e.g. www.openssl.org) as filename
filename=$2".cer"
}
# write all lines between "BEGIN CERTIFICATE" and "END CERTIFICATE" to filename
/BEGIN CERTIFICATE/,/END CERTIFICATE/ {
print $0 > filename
}
' out.txt

AWK 文档： https://www.gnu.org/software/gawk/manual/html_node/index.html