Anonymous
×
Create a new article
Write your page title here:
We currently have 27 articles on PhenixOps. Type your article name above or click on one of the titles below and start writing!



PhenixOps
27Articles

SSL Tips and Tricks: Difference between revisions

(Created page with "== SSL Tips and Tricks == ==== Issuer <br> ==== <code> openssl s_client -showcerts -connect www.pladder.nl:443 2>/dev/null | openssl x509 -noout -issuer </code> <br> ==== Su...")
 
 
Line 1: Line 1:
== SSL Tips and Tricks ==
== SSL Tips and Tricks ==
This is a list of useful commands to see information on SSL certificates


==== Issuer <br> ====
==== Issuer <br> ====
<code>
<code>
openssl s_client -showcerts -connect www.pladder.nl:443 2>/dev/null | openssl x509 -noout -issuer
openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer
</code> <br>
</code> <br>



Latest revision as of 21:14, 26 October 2021

SSL Tips and Tricks

This is a list of useful commands to see information on SSL certificates

Issuer

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer

Subject | CN

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -subject

Validity date

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -dates

Full chain of the above

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates

Full Certificate information

openssl s_client -showcerts -connect www.example.com:443

Howto check certificates local

Check for expire dates (rhel)

getcert list |grep expires

Check for a specific CA (rhel)

getcert list -c LOCAL

Fingerprint a certificate

Fingerprint with openssl

openssl x509 -in cert.crt -noout -fingerprint SHA1 Fingerprint=4A:1B:26:1C:39:31:54:D8:7F:A3:13:5A:DC:46:31:35:69:E8:32:8B