...
Any suggestions to improve the script would be most welcome.
Jason:
You are of course correct: '#!/usr/bin/env bash' is more portable. I don't usually bother because '#!/usr/bin/bash' works fine on every Linux I've used and on Mac, so I don't think to fix this when I make my scripts public ...
Dave:
"Line 130 s/-eq/=/"
See, that's interesting ... First, "==" would be correct for a Bash string comparison, not "=" (which is correct for 'sh'). Second ... Arguably it's a numeric comparison (thus '-eq'), but I did put quotes around it which probably makes it string ... <sigh> Yeah, I don't know what that should be. It's worked so far ...
Stewart:
"It's just a little loud on sites that don't support https:"
My apologies: I did think of that and test for it ... but on precisely one site where it returned silently and all was good. I tested on a site that responds on port 80, but doesn't respond at all on port 443. The site you named sends a 400 "Bugger off" response (technically "Bad Request") on port 443. Probably because you have a hosting provider who reasonably enough listens on that port whether the site has a certificate or not. I naively assumed that a site without a cert wouldn't be listening on port 443. I'll think about that.
William:
'How does it compare with "testssl.sh" ?'
I have no idea, I haven't used that. If you point me to it I'll take a look.
--