diff --git a/README.md b/README.md
index 9fe8b68802b259dbec11b7aaec620b6087998132..24dbdbf80c642b1799e63963b035364f50de9bbe 100644
--- a/README.md
+++ b/README.md
@@ -25,11 +25,11 @@ The three certificates can take the form:
cert_base_name.key.pem
cert_base_name.chain.pem
-or
+or one of theses...
- cert_base_name.crt
- cert_base_name.key
- cert_base_name.bundle
+ cert_base_name.crt cert_base_name.cer
+ cert_base_name.key cert_base_name.keystore
+ cert_base_name.bundle cert_base_name.ca-bundle
With the text subcommand, `certcheck` returns the main values
(lifetime, DNS name...) of the public key.
diff --git a/certcheck b/certcheck
index 5c9aebf1422b0106badf08c6ea22dcbc0aed04b5..b80043571c779b17cda18792d16c395c9773f1fa 100755
--- a/certcheck
+++ b/certcheck
@@ -5,14 +5,14 @@
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin
export LANG=C
-export VERSION=0.3.1
+export VERSION=0.3.2
function usage() {
cat <<END_USAGE
certcheck - check certificate chain
- certcheck text cert_base_name.pub.pem
certcheck check cert_base_name
+ certcheck text cert_base_name.pub.pem
certcheck version
certcheck help
END_USAGE
@@ -56,18 +56,18 @@ function call_check() {
function call_cfiles() {
[ -s "${CRT}" ] || CRT="${ARG}"
[ -s "${CRT}" ] || CRT="${ARG}.cer"
- [ -s "${CRT}" ] || CRT="${ARG}.crt"
+ [ -s "${CRT}" ] || CRT="${ARG}.pub.pem"
[ -s "${KEY}" ] || KEY="${ARG}.keystore"
- [ -s "${KEY}" ] || KEY="${ARG}.key"
+ [ -s "${KEY}" ] || KEY="${ARG}.key.pem"
[ -s "${BND}" ] || BND="${ARG}.ca-bundle"
- [ -s "${BND}" ] || BND="${ARG}.bundle"
+ [ -s "${BND}" ] || BND="${ARG}.chain.pem"
}
action=$1; shift
ARG="${1%.}"
-CRT="${ARG}.pub.pem"
-KEY="${ARG}.key.pem"
-BND="${ARG}.chain.pem"
+CRT="${ARG}.crt"
+KEY="${ARG}.key"
+BND="${ARG}.bundle"
call_cfiles
case "${action}" in
@@ -101,7 +101,7 @@ case "${action}" in
exit $ret
;;
- text)
+ text|txt)
[ -s "${CRT}" ] || say_oops "missing ${CRT}"
openssl x509 -noout -text -in "${CRT}" \
| egrep '(Subject|Not Before|Not After[[:space:]]|DNS|Issuer):' \
@@ -133,16 +133,21 @@ certcheck - check certificate chain
=head1 SYNOPSIS
- certcheck text cert_base_name.pub.pem
certcheck check cert_base_name
+ certcheck text cert_base_name.pub.pem
certcheck version
certcheck help
=head1 DESCRIPTION
-The command C<certcheck> checks the certificate chain
+The command C<certcheck> checks a certificate (public, private and
+chain parts).
+
+=head2 <check>
+
+The subcommand C<check> verify the certificate chain
and takes the certificate name base as input.
-The three certificates can take the form:
+The three certificates (public, private and chain parts) can take the form:
cert_base_name.pub.pem
cert_base_name.key.pem
@@ -153,10 +158,21 @@ or one of theses...
cert_base_name.crt cert_base_name.cer
cert_base_name.key cert_base_name.keystore
cert_base_name.bundle cert_base_name.ca-bundle
-
-With the text subcommand, C<certcheck> returns the main values
+
+Example:
+
+ certcheck check cert_base_name
+
+=head2 C<text> or C<txt>
+
+The C<text> (or C<txt>) subcommand returns the main values
(lifetime, DNS name...) of the public key.
+The certificate's name base can also be used as command-line input,
+in which case the same rules as with L<check> are applied
+to find the public certificate.
+ certcheck text cert_base_name.pub.pem
+ certcheck txt cert_base_name.pub.pem
=head1 AUTHORS
@@ -166,7 +182,7 @@ and extended by Gabriel Moreau <Gabriel.Moreau@univ-grenoble-alpes.fr>, Grenoble
=head1 COPYRIGHT
-Copyright (C) 2015, Valentin Hilbig
+Copyright (C) 2015, Valentin Hilbig,
Copyright (C) 2023, LEGI UMR 5519 / CNRS UGA G-INP, Grenoble, France
Licence: CC0 (Creative Commons Zero - https://spdx.org/licenses/CC0-1.0)