Instead of using sed
to filter out the certificate, you can also pipe the openssl s_client
output through openssl x509 -out certfile.txt
, for example:
echo "" | openssl s_client -connect my.server.com:443 -showcerts 2>/dev/null | openssl x509 -out certfile.txt