@mayrstefan

If a PEM bundle contains multiple certificates only the first one is detected.

This feature adds further certificates to the JSON output:

  • first cert is shown as filename (#0 is omitted to stay compatible with previous outputs)
  • second cert is shown as filename#1
  • third cert is shown as filename#2
  • and so on

This should solve #181

If a PEM bundle contains multiple certificates only the first one is
detected.

This feature adds further certificates to the JSON output:
- first cert is shown as filename (#0 is omitted to stay compatible with
  previous outputs)
- second cert is shown as filename#1
- third cert is shown as filename#2
- and so on

This should solve HeinleinSupport#181
@mayrstefan
Author

@gurubert you closed #181 because of openssl's limitation. Does this PR have a chance?

@gurubert
Member

gurubert commented Dec 6, 2024

I am currently thinking about re-implementing the whole plugin in Python as all the string handling in Bash is getting out of hand.

@mayrstefan
Author

A disadvantage of a Python solution on the agent would be the dependency on an additional module to read the certificates. AFAIK Python does not include a (public) module to process x509 certificates. I'm no fan of telling people to just use pip install xy and break the package management of traditional Linux OSes. For me this is DLL hell all over again. I like the current plugin because it uses tools that are included in almost any Linux installation.

When thinking about this PR I wanted to change or break as little as possible. Another refactoring step could be a refactoring that:

  • gets the PEM output of a single certificate (convert DER to PEM or select one if multiple certificates are chained in one file)
  • replaces the occurrences of openssl reading the file with echo "$PEM" | openssl ...
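
The refactoring step sketched in the comment above (select one certificate from a chained file, then hand it to openssl on stdin), combined with the PR's filename, filename#1, filename#2 naming, as an added example that is not part of the thread or the plugin's own code. The function names and the placeholder sample bundle are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the plugin's code): enumerate every certificate in a PEM
# bundle using the file, file#1, file#2 naming from the PR description.

# Number of certificate blocks in file $1.
pem_count() {
    awk '/^-----BEGIN CERTIFICATE-----/ { n++ } END { print n + 0 }' "$1"
}

# Print certificate block number $2 (0-based) of file $1, markers included.
# Anything outside BEGIN/END CERTIFICATE (comments, keys) is skipped.
pem_nth() {
    awk -v want="$2" '
        /^-----BEGIN CERTIFICATE-----/ { inside = 1; idx++ }
        inside && idx - 1 == want      { print }
        /^-----END CERTIFICATE-----/   { inside = 0 }
    ' "$1"
}

# Label for block $2 of file $1: "#0" is omitted to match earlier output.
cert_label() {
    if [ "$2" -eq 0 ]; then printf '%s\n' "$1"; else printf '%s#%s\n' "$1" "$2"; fi
}

# One line per certificate: label, TAB, openssl's notAfter line. Each block is
# piped to openssl on stdin; "unparsed" if openssl is missing or rejects it.
bundle_report() (
    n=$(pem_count "$1"); i=0
    while [ "$i" -lt "$n" ]; do
        info=$(pem_nth "$1" "$i" | openssl x509 -noout -enddate 2>/dev/null) \
            || info=unparsed
        printf '%s\t%s\n' "$(cert_label "$1" "$i")" "$info"
        i=$((i + 1))
    done
)

# Constructed sample: three placeholder blocks (not real certificates), so
# the report shows "unparsed"; point bundle_report at a real chain instead.
make_sample_bundle() {
    for body in Q09OU1RSVUNURUQtMA== Q09OU1RSVUNURUQtMQ== Q09OU1RSVUNURUQtMg==; do
        printf '%s\n' '# constructed comment line' \
            '-----BEGIN CERTIFICATE-----' "$body" '-----END CERTIFICATE-----'
    done > "$1"
}

sample=$(mktemp); make_sample_bundle "$sample"; bundle_report "$sample"; rm -f "$sample"
```

Reporting every block matters for monitoring because an expiring intermediate further down a chain file is invisible when only the first certificate is read.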

@mayrstefan
Author

What is your current plan for this plugin? Is a python version still on the list or will it stay in bash (which I would prefer)?

@gurubert
Member

I am sorry but due to all the other extensions being migrated to 2.4 there was no room to think about this.
