Batch SSL Checker

With the new Google Chrome release beginning to display non-secured warnings, now is a great time to begin rolling out HTTPS everywhere on all your client’s websites. The following is a bash script I wrote to help with the switchover process. I used the script to assist with making the SSL switchover with over 500+ WordPress websites.

The script checks which websites are still running HTTP. It works by using CURL to follow the website to its final redirect, and then examines the headers. If the final request is HTTP then it outputs that site into a separate TXT file.

Screen Shot 2017-01-25 at 7.20.06 AM

Create a file called ssl_check.sh with the following. Fill up the sites variable with as many domains as you wish to check separated by a space.

sites="google.com microsoft.com anchor.host"
output=ssl_check_output.txt

# clears previous output
> $output

for site in $sites
do
    url=`curl --silent -IL $site | grep Location: | tail -1 | sed 's/Location: //g'`
    proto=`echo $url | grep :// | sed -e's,^\(.*://\).*,\1,g'`
    if [ "https://" != "$proto" ]
    then
        echo $site
        echo $site >> $output
    fi
done

The output will be stored in a file named ssl_check_output.txt which can be used as a checklist to manually process and activated new SSLs. After all of the SSLs have been installed, running ssl_check.sh can be used to make sure none of the websites have been missed.