From cea2122fa55ef2be74bfcb391e7e7a453d37087e Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen
Date: Fri, 27 Feb 2015 12:44:09 +0200
Subject: [PATCH] 2015-02-24-znc160-ssl.md: update the function ref: Mikaela/shell-things#64
---
 _posts/2015-02-24-znc160-ssl.md | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/_posts/2015-02-24-znc160-ssl.md b/_posts/2015-02-24-znc160-ssl.md
index e535795..79b56d7 100644
--- a/_posts/2015-02-24-znc160-ssl.md
+++ b/_posts/2015-02-24-znc160-ssl.md
@@ -61,16 +61,21 @@ from multiple places:
 ```bash
 # Get server SSL certificate fingerprint in MD5, SHA1 and SHA256.
 # Note that OpenSSL doesn't support IPv6 at time of writing (2015-01-13).
-serversslcertfp() {
- SSSLCFFN="/tmp/$(date -Is).pem"
- openssl s_client -showcerts -connect $1 < /dev/null|tee $SSSLCFFN
- cat $SSSLCFFN|openssl x509 -md5 -fingerprint -noout
- cat $SSSLCFFN|openssl x509 -sha1 -fingerprint -noout
- cat $SSSLCFFN|openssl x509 -sha256 -fingerprint -noout
- rm $SSSLCFFN
+serversslcertfp () {
+ SSSLCFFN=$(openssl s_client -showcerts -connect $1 < /dev/null)
+ # To see all validity information
+ echo $SSSLCFFN
+ # For getting the fingerprints
+ echo $SSSLCFFN | openssl x509 -md5 -fingerprint -noout
+ echo $SSSLCFFN | openssl x509 -sha1 -fingerprint -noout
+ echo $SSSLCFFN | openssl x509 -sha256 -fingerprint -noout
+ unset SSSLCFFN
 }
 ```
 I hope this article has helped you to understand the issues with blindly accepting SSL certificates or at least to understand that *if you don't want to verify SSL certificates, don't use SSL.*
+
+*Updated on 2015-02-26 10:43Z: just use environment variables in the
+function like suggested by @DarthGandalf on \#znc.*
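Review bot: The unquoted `echo $SSSLCFFN` lines in the new `serversslcertfp` are word-split by bash (the fence is tagged `bash`), so the s_client output is joined onto a single line and `openssl x509` will most likely fail to load the certificate instead of printing a fingerprint. It probably works in zsh, which does not split unquoted expansions by default, so the snippet may only have been tested there. Quoting keeps the PEM line structure: `printf '%s\n' "$SSSLCFFN" | openssl x509 -sha256 -fingerprint -noout`, and likewise for the `-md5` and `-sha1` lines and the plain echo, plus `-connect "$1"` for the argument. Readers use this output to pin a certificate, so a function that fails in the advertised shell is worth fixing in the post.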