Extract Certificate Info
At times working in terminal can be faster, after all openssl is cli first.
Update: Added example output
There have been time when I am sitting in terminal an needed to debug a certificate on a site.
To examine a downloaded certificate we can leverage openssl:
openssl x509 -in <crt_file> \
-noout -fingerprint -issuer -enddate -subject -ext subjectAltName
Where:
- crt_file location of certificate file, often with
.crtextension
For example, following command will examine the certificate from example.com stored in /tmp/ folder:
openssl x509 -in /tmp/example.com.crt \
-noout -fingerprint -issuer -enddate -subject -ext subjectAltName
This will give similar output:
SHA1 Fingerprint=4D:A2:5A:6D:5E:F6:2C:5F:95:C7:BD:0A:73:EA:3C:17:7B:36:99:9D
issuer=C = US, O = DigiCert Inc, CN = DigiCert Global G2 TLS RSA SHA256 2020 CA1
notAfter=Mar 1 23:59:59 2025 GMT
subject=C = US, ST = California, L = Los Angeles, O = Internet\C2\A0Corporation\C2\A0for\C2\A0Assigned\C2\A0Names\C2\A0and\C2\A0Numbers, CN = www.example.org
X509v3 Subject Alternative Name:
DNS:www.example.org, DNS:example.net, DNS:example.edu, DNS:example.com, DNS:example.org, DNS:www.example.com, DNS:www.example.edu, DNS:www.example.net