Anonymous
×
Create a new article
Write your page title here:
We currently have 27 articles on PhenixOps. Type your article name above or click on one of the titles below and start writing!



PhenixOps
27Articles

SSL Tips and Tricks

This is a list of useful commands to see information on SSL certificates

Issuer

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer

Subject | CN

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -subject

Validity date

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -dates

Full chain of the above

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates

Full Certificate information

openssl s_client -showcerts -connect www.example.com:443

Howto check certificates local

Check for expire dates (rhel)

getcert list |grep expires

Check for a specific CA (rhel)

getcert list -c LOCAL

Fingerprint a certificate

Fingerprint with openssl

openssl x509 -in cert.crt -noout -fingerprint SHA1 Fingerprint=4A:1B:26:1C:39:31:54:D8:7F:A3:13:5A:DC:46:31:35:69:E8:32:8B