View Live Website Certificates in CLI

Ishan jain November 18, 2024 22:08

View live ssl cert without caching them locally

Earlier I wrote about how to download a ssl certificate and then view it in terminal.

There is not always need to cache the certificate locally and the view it. Finally, I was able to combine both steps to one single line.

HOST=<hostname>; PORT=<port>; IP=<IP_Address>; echo | \
  openssl s_client -showcerts -servername \
    $HOST -connect $IP:$PORT 2>/dev/null | \
  openssl x509 -inform pem -noout \
    -fingerprint -issuer -enddate -subject -ext subjectAltName

Where:

hostname: hostname for the site
port: TCP port, default is 443
IP_Address: ip address to the server, can be $HOST
destination_folder: destination folder to save certificate in

For example:

HOST=example.com; PORT=443; IP=$HOST; echo | \
  openssl s_client -showcerts -servername \
    $HOST -connect $IP:$PORT 2>/dev/null | \
  openssl x509 -inform pem -noout \
    -fingerprint -issuer -enddate -subject -ext subjectAltName