(Created page with "== SSL Tips and Tricks == ==== Issuer <br> ==== <code> openssl s_client -showcerts -connect www.pladder.nl:443 2>/dev/null | openssl x509 -noout -issuer </code> <br> ==== Su...") |
|||
| Line 1: | Line 1: | ||
== SSL Tips and Tricks == | == SSL Tips and Tricks == | ||
This is a list of useful commands to see information on SSL certificates | |||
==== Issuer <br> ==== | ==== Issuer <br> ==== | ||
<code> | <code> | ||
openssl s_client -showcerts -connect www. | openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer | ||
</code> <br> | </code> <br> | ||
Latest revision as of 21:14, 26 October 2021
SSL Tips and Tricks
This is a list of useful commands to see information on SSL certificates
Issuer
openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer
Subject | CN
openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -subject
Validity date
openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -dates
Full chain of the above
openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates
Full Certificate information
openssl s_client -showcerts -connect www.example.com:443
Howto check certificates local
Check for expire dates (rhel)
getcert list |grep expires
Check for a specific CA (rhel)
getcert list -c LOCAL
Fingerprint a certificate
Fingerprint with openssl
openssl x509 -in cert.crt -noout -fingerprint
SHA1 Fingerprint=4A:1B:26:1C:39:31:54:D8:7F:A3:13:5A:DC:46:31:35:69:E8:32:8B