Deprecated: Use of ParserOutput::getProperty was deprecated in MediaWiki 1.38. [Called from MediaWiki\Skin\Cosmos\CosmosHooks::onOutputPageParserOutput in /var/www/html/doc/skins/Cosmos/includes/CosmosHooks.php at line 81] in /var/www/html/doc/includes/debug/MWDebug.php on line 377
SSL Tips and Tricks - PhenixOps
Anonymous
×
Create a new article
Write your page title here:
We currently have 27 articles on PhenixOps. Type your article name above or click on one of the titles below and start writing!



PhenixOps
27Articles

SSL Tips and Tricks

This is a list of useful commands to see information on SSL certificates

Issuer

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer

Subject | CN

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -subject

Validity date

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -dates

Full chain of the above

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates

Full Certificate information

openssl s_client -showcerts -connect www.example.com:443

Howto check certificates local

Check for expire dates (rhel)

getcert list |grep expires

Check for a specific CA (rhel)

getcert list -c LOCAL

Fingerprint a certificate

Fingerprint with openssl

openssl x509 -in cert.crt -noout -fingerprint SHA1 Fingerprint=4A:1B:26:1C:39:31:54:D8:7F:A3:13:5A:DC:46:31:35:69:E8:32:8B