From 99e4b107d6b44025fab412a89e83a9acc1eabb5f Mon Sep 17 00:00:00 2001
From: Philippe G <philippe44@users.noreply.github.com>
Date: Wed, 31 Mar 2021 22:37:44 -0700
Subject: [PATCH] cleanup these $%@! certificates

---
 server_certs/getcert.sh | 47 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 server_certs/getcert.sh

diff --git a/server_certs/getcert.sh b/server_certs/getcert.sh
new file mode 100644
index 00000000..b27048f4
--- /dev/null
+++ b/server_certs/getcert.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+function get_pem_file() {
+	infile=$1
+	level=$((1 + $2))
+	if [ -z $infile ] 
+	then
+		return 1 
+	fi
+	echo Processing $1
+	crt=`openssl x509 -in ${infile}.pem -noout -text |sed -n -e 's/.*CA Issu.*URI:http:\/\/.*\/\(.*\)\..*/\1/p'` 
+	uri=`openssl x509 -in ${infile}.pem -noout -text |sed -n -e 's/.*CA Issu.*URI:\(.*\)/\1/p'`
+	if [ -z $uri ]
+        then
+                return 1
+        fi
+	echo crt=$crt, uri=$uri
+	wget ${uri}
+	openssl x509 -inform der -in ${crt}.crt -out ${crt}.pem
+	export outfile=$crt
+	if [ $level -lt 5 ]
+	then 
+		if get_pem_file $outfile level; then
+	        	echo completed $outfile with result $?
+	        else
+	                echo done
+	        fi
+	fi
+	return 0
+}
+
+function get_all_pem(){
+	export outfile=$2
+	export url=$1
+	openssl s_client -showcerts -connect ${url}:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >${outfile}.pem
+	get_pem_file $outfile 0
+}
+
+
+rm *.pem
+rm *.crt
+rm *.txt
+# seed the start pem
+get_all_pem github.com github-com
+get_all_pem s3.amazonaws.com s3-amazon-com
+get_all_pem github-releases.githubusercontent.com githubusercontent-com
+cat *.pem >github.pem