32 lines
1.0 KiB
Bash
32 lines
1.0 KiB
Bash
#!/bin/bash
|
|
DOMAIN="git.baqi.dev"
|
|
PORT=443
|
|
|
|
echo "🔍 检测 $DOMAIN:$PORT 的 SSL/TLS 状态..."
|
|
echo "--------------------------------------------------"
|
|
|
|
# 1. 显示证书链
|
|
echo -e "\n📜 证书链信息:"
|
|
openssl s_client -connect $DOMAIN:$PORT -servername $DOMAIN -showcerts </dev/null 2>/dev/null | openssl x509 -noout -issuer -subject -dates
|
|
|
|
# 2. 检查证书过期时间
|
|
echo -e "\n⏳ 证书有效期:"
|
|
openssl s_client -connect $DOMAIN:$PORT -servername $DOMAIN </dev/null 2>/dev/null | openssl x509 -noout -dates
|
|
|
|
# 3. 测试 TLS 协议兼容性
|
|
for v in ssl3 tls1 tls1_1 tls1_2 tls1_3; do
|
|
echo -ne "\n⚡ 测试 $v ... "
|
|
result=$(openssl s_client -connect $DOMAIN:$PORT -servername $DOMAIN -$v </dev/null 2>&1)
|
|
if echo "$result" | grep -q "Cipher is"; then
|
|
echo "✅ 支持"
|
|
else
|
|
echo "❌ 不支持"
|
|
fi
|
|
done
|
|
|
|
# 4. 用 curl 模拟 git
|
|
echo -e "\n🌐 使用 curl 模拟访问:"
|
|
curl -vk https://$DOMAIN/ 2>&1 | grep "SSL" || echo "curl 请求正常"
|
|
|
|
echo -e "\n✅ 检测完成。"
|