Rethinking the problem a bit, I came up with the following, which may or may not be an improvement over what others have already suggested...
T=$(openssl x509 -noout -text -in "$1" | sed -n 's/^.*Not After : /EXPD=/p;s/^.*Subject: .*CN *= */SUBJ=/p' | sed "s/=(.*)/='\1'/") eval $T EXPD=$(date -d"$EXPD" +%Y%b%d)
The first command does most of the leg-work, stripping out the crud and leaving us with 2 mostly usable variable definitions. (I've added "*"'s after the spaces surrounding the "CN = " string, since those spaces may not always be there, and were missing for my test case.)
The second command sets the two variables (and should be mostly safe, considering the constraints on those fields), and the third one then massages the EXPD variable into the desired date format.
Hope this helps!
Gilbert
On 2023-02-26 6:07 p.m., Adam Thompson wrote:
I’m trying to figure out if there’s a way to do this more compactly (for reasons…):
T=$(openssl x509 -noout -text -in "$1")
EXPD=$(date -d"$(echo "$T" | sed -n 's/^.*Not After : //p')" +%Y%b%d)
SUBJ=$(echo "$T" | sed -n 's/^.*Subject: .*CN = //p')
I am having two issues:
- Bash doesn’t happily let me embed double quotes inside a subshell inside a subshell inside double-quotes. All of the double-quotes are required, AFAICT. So doing X=$(…”$(…”xxx”)”) just doesn’t work because bash doesn’t parse nested double-quotes. But both the inner var and the result can and will have spaces in them.
- I can’t remember how in shell (bash, in this case) how to bifurcate stdout and have it run to two pipelines. I figure echo is a builtin, so should at least be lighter than re-running the monstrosity that is openssl over and over. I have a vague recollection that this is harder than it sounds, and may not be worth it…
Any suggestions on how to solve either issue? I’m sure I’ve just forgotten some obvious technique, hopefully someone can jog my mind.
-Adam