Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is it possible to extract a certificate chain?
Top Forums UNIX for Dummies Questions & Answers Is it possible to extract a certificate chain? Post 302550059 by Keepcase on Wednesday 24th of August 2011 01:37:43 PM
Old 08-24-2011
Is it possible to extract a certificate chain?
Hi all!

I wanted to look at the key length of a certificate chain we have. When I do the conventional export command using keytool I will only get the end user cert.

Code:
keytool -export -alias aliasname -file filename.cer -keystore keystorename

The above code will only give me the end user (the alias) without the intermediate and root CA after I convert the above binary cert to pem format.

Is there anyway to extract the entire certificate chain?
I've tried keytool and openssl but I did not find anything that would allow me to extract a certificate chain from a keystore.

Thanks!
Erin
 

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How to chain some commands together

Hey, I am fiddling with a little script to kill a certain program if it freezes. Basically I want to do something like this: ps -A | grep firefox-bin | read -d ' ' pid kill $pid The problem lies when I pipe the output of grep into read. That part does not seem to work the way I want... (4 Replies)
Discussion started by: kermit
4 Replies

2. Shell Programming and Scripting

Find a sub chain in a file

Hello, I have a logfile from which i would to extract date and login information. (the goal is to find the inactive users). To extract the date, no problem. To extract the login, i'm stuck. I first extract lines which contains the logging-in information, i obtain different lines. Here... (2 Replies)
Discussion started by: Meldawa
2 Replies

3. Shell Programming and Scripting

[solved] Killing 3rd command in ssh chain

Hi All, Noob question here... How do I kill the 3rd command in this ssh chain effectively? # ssh -t -t 10.80.0.5 'ssh 10.80.0.6 | /var/tmp/some_script' The "/var/tmp/some_script" contains: ssh 10.80.0.81 'echo "Hello World!!!!" >> /tmp/sample.txt'The problem is that once the sample.txt... (2 Replies)
Discussion started by: NYG71
2 Replies

4. UNIX for Advanced & Expert Users

[SOLVED] No INPUT chain on nat table in iptables

Hello, I'm having problem with an iptables rule. It seems that on one of two systems on the nat table, the INPUT chain doesn't exist for some strange reason. I get the error below: # iptables -t nat -A INPUT -j ACCEPT iptables: No chain/target/match by that name. Here is my kernel on... (0 Replies)
Discussion started by: Narnie
0 Replies

5. Ubuntu

forward packet from input chain to output

Hi, I receive a packet at input chain of iptables in filter table. How can i forward that same packet exactly to the output chain of the iptables in filter table. I need this help desperately. Thanks. (0 Replies)
Discussion started by: arsipk
0 Replies

6. UNIX for Advanced & Expert Users

Editing iptables rules with custom chain

Hello, I have iptables service running on my CentOS5 server. It has approx 50 rules right now. The problem I am facing now is as follows - I have to define a new chain in the filter table, say DOS_RULES & add all rules in this chain starting from index number 15 in the filter table. ... (1 Reply)
Discussion started by: BhushanPathak
1 Replies

7. Programming

Extract Common Name (CN) of SSL certificate using perl code

Hello folks, I need a piece of code in perl which can read the file having multiple ssl certificates in text format one after the other as shown below. I need to parse this file and find out the common names of each of ssl certs it contains. E.g. -----BEGIN CERTIFICATE-----... (4 Replies)
Discussion started by: jhamaks
4 Replies

8. UNIX for Dummies Questions & Answers

Logging Aggregator and Reporting For a Chain

Hello, I'am lerning Powershell and have this task. can anyone help? Imagine a fitness studio chain that operates different studios in Munich. Every studio has been given a Windows server that operates the entry of studio clients via a key-card (NFC) and it also operates the cashier at the bar... (1 Reply)
Discussion started by: akotb
1 Replies

9. UNIX for Advanced & Expert Users

Does vsftpd support user access with client certificate with priv/pub key + vsftpd certificate?

:rolleyes:I am trying to setup all certificate based client-server environment in Linux using vsftpd and curl with openssl. I would like to make a user access with vsftpd certificate and user own client certificate (self-signed) with private/public key. I don't see google posts about the my plan... (4 Replies)
Discussion started by: gogogo
4 Replies

LEARN ABOUT V7

ssl_ctx_add_extra_chain_cert

SSL_CTX_add_extra_chain_cert(3SSL)				      OpenSSL					SSL_CTX_add_extra_chain_cert(3SSL)

NAME

       SSL_CTX_add_extra_chain_cert - add certificate to chain

SYNOPSIS

	#include <openssl/ssl.h>

	long SSL_CTX_add_extra_chain_cert(SSL_CTX ctx, X509 *x509)

DESCRIPTION

       SSL_CTX_add_extra_chain_cert() adds the certificate x509 to the certificate chain presented together with the certificate. Several
       certificates can be added one after the other.

NOTES

       When constructing the certificate chain, the chain will be formed from these certificates explicitly specified. If no chain is specified,
       the library will try to complete the chain from the available CA certificates in the trusted CA storage, see
       SSL_CTX_load_verify_locations(3).

RETURN VALUES

       SSL_CTX_add_extra_chain_cert() returns 1 on success. Check out the error stack to find out the reason for failure otherwise.

SEE ALSO

       ssl(3), SSL_CTX_use_certificate(3), SSL_CTX_set_client_cert_cb(3), SSL_CTX_load_verify_locations(3)

1.0.1e								    2013-02-11					SSL_CTX_add_extra_chain_cert(3SSL)
All times are GMT -4. The time now is 05:55 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy