How to terminate OpenSSL s_client after connection

You can achieve the desired effect by using a pipe to pass in the character "Q". This makes for a great one-liner for a script:

echo "Q" | openssl s_client -connect host:port

If you are using a sufficiently new version of BASH, you can also use the triple less-than redirect instead of piping (some times a pipe isn't usable since it operates on stdin/stdout):

openssl s_client -connect host:port <<< "Q"

Entering the letter 'Q' at the beginning of a blank line will end an active connection. I've seen s_client get into states where this does not do anything, but this is the documented way to quit a session.

If you want to do this in batch mode, just create a text file with the letter 'Q' followed by a carriage return and direct it into the end of the command like so:

openssl s_client -connect host:port < Q.txt

I tried this and it works.

I have a following in my $profile and simply call that with cert github.com or cert github.com 15 if I need to extend the output. Works until now.

# $profilefunction test-certificate($domain, $contextLength = 10) {        $domain += ":443"    echo "q" | openssl s_client -connect $domain | openssl x509 -noout -enddate | sls "notAfter.*"    echo "q" | openssl s_client -connect $domain | sls "certificate chain" -Context $contextLength    write-host "~~~" -ForegroundColor darkcyan    write-host "If needed, pass a desired output length after domainname" -ForegroundColor darkcyan}Set-Alias cert test-certificate

Edit: to resolve unable to get local issuer certificate, download a certificate package from https://curl.se/docs/caextract.html. I don't do it programmatically, so I ended up with

function test-certificate($domain, $contextLength = 10) {        $cacertPath = "c:\Users\Admin\tools\cacert.pem" #←EDIT THIS    $domain += ":443"    echo "q" | openssl s_client -connect $domain -CAfile $cacertPath  | openssl x509 -noout -enddate | sls "notAfter.*"    echo "q" | openssl s_client -connect $domain -CAfile $cacertPath  | sls "certificate chain" -Context $contextLength    Write-Host "~~~" -ForegroundColor darkcyan    Write-Host "→ If needed, pass a desired output length after domainname" -ForegroundColor darkcyan    Write-Host "→ To update the list of trusted Certificates, run:" -ForegroundColor darkcyan    Write-Host "→ Invoke-WebRequest https://curl.se/ca/cacert.pem -OutFile 'c:\Users\Admin\tools\cacert.pem'" -ForegroundColor darkcyan    Write-Host "~~~" -ForegroundColor darkcyan}