From 508b416383eb45a89c280d1368f88d294b79b2fc Mon Sep 17 00:00:00 2001
From: Dennis Koot <koter84@gmail.com>
Date: Fri, 29 Jan 2016 15:29:39 +0100
Subject: [PATCH] compare local vs remote after installing

---
 getssl | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/getssl b/getssl
index 5b698ad..dc22425 100755
--- a/getssl
+++ b/getssl
@@ -796,4 +796,13 @@ if [ ! -z "$RELOAD_CMD" ]; then
   fi
 fi
 
+# Check if the certificate is installed correctly
+CERT_REMOTE=$(echo | openssl s_client -servername ${DOMAIN} -connect ${DOMAIN}:443 2>/dev/null | openssl x509 -noout -fingerprint 2>/dev/null)
+CERT_LOCAL=$(cat "$CERT_FILE" | openssl x509 -noout -fingerprint 2>/dev/null)
+if [ "$CERT_LOCAL" == "$CERT_REMOTE" ]; then
+  info "certificate installed OK on server"
+else
+  error_exit "certificate on server is different from local certificate"
+fi
+
 graceful_exit