Anonymous
×
Create a new article
Write your page title here:
We currently have 28 articles on PhenixOps. Type your article name above or click on one of the titles below and start writing!



PhenixOps
28Articles

SSL Tips and Tricks

SSL Tips and Tricks

This is a list of useful commands to see information on SSL certificates

Issuer

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer

Subject | CN

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -subject

Validity date

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -dates

Full chain of the above

openssl s_client -showcerts -connect www.example.com:443 2>/dev/null | openssl x509 -noout -issuer -subject -dates

Full Certificate information

openssl s_client -showcerts -connect www.example.com:443

Howto check certificates local

Check for expire dates (rhel)

getcert list |grep expires

Check for a specific CA (rhel)

getcert list -c LOCAL

Fingerprint a certificate

Fingerprint with openssl

openssl x509 -in cert.crt -noout -fingerprint SHA1 Fingerprint=4A:1B:26:1C:39:31:54:D8:7F:A3:13:5A:DC:46:31:35:69:E8:32:8B