Download Website Certificates
Sometimes we need to download a websites certificate locally
There are times we need to download a certificate a website uses.
We can use openssl to download a certificate:
HOST=<hostname>; PORT=<port>; IP=<IP_Address>; \
echo | openssl s_client -servername $HOST -connect $IP:$PORT | \
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /<destination_folder>/$HOST.crt
Where:
- hostname: hostname for the site
- port: TCP port, default is
443 - IP_Address: ip address to the server, can be
$HOST - destination_folder: destination folder to save certificate in
For example, following command will download certificate from example.com on port 443, and save it in /tmp/ folder:
HOST=example.com; PORT=443; IP=$HOST; \
echo | openssl s_client -servername $HOST -connect $IP:$PORT | \
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/$HOST.crt