Sometimes in Linux environment, we need to use command line to check SSL certificate, then openssl comes to the picture.
$ echo | openssl s_client -servername NAME -connect HOST:PORT 2>/dev/null | openssl x509
$ echo | openssl s_client -servername NAME -connect HOST:PORT 2>/dev/null | openssl x509 -noout -${param}
- -text: print ssl certificate in text format, like echo | openssl s_client -connect www.google.com:443 2>/dev/null | openssl x509 -text
- -fingerprint: print certificate fingerprints
- -dates: print notBefor and notAfter date and time
- -subject: print subject name
- -issuer: print certificate issuer CA
Run man x509 to see the all available options.
Use below command to check ssl cert chain
openssl s_client -showcerts -connect example.com:443 -servername example.com
No comments:
Post a Comment