List all certificates on a server


 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users List all certificates on a server
# 1  
Old 01-24-2016
List all certificates on a server

Dear All,

I am planning to find the list of certificates(WEBshpere/MQ) on a servers.

My certificates are either stored in (.jks) / (.pem) / (.cer) . But some of the certificates are stored without these file formats. I tried using find command but unless I give the file name its difficult for me to find.

I have been told to use "file" command but file command is not telling me whether it's a certificate file or not.

I am not a root user.

If Is there any way, I can find the list of certificates by their Certificate Names (CN) ? I can see openssl to get it but I need to find the list of certificate files first. Is there any way or options?

I am not asking to provide any scripts but if I will get an idea to find then I will be able to write a script.

any kind of help will be much appreciated. Thanks


Regards
Sid
# 2  
Old 01-24-2016
The directory tree /etc/ssl has most openssl certificates. Except for a few cases.

For us to help please:
give us your UNIX OS
# 3  
Old 01-25-2016
Thanks Jim for your response.

I am using both Sun Solaris(5.10) and GNU Linux.

There are system certificates which are available in (/etc/pki/tls) but I need to find the certificates o websphere locations as well. If I will provide the absolute path of the websphere location, then I can find the file but its hard for me how to identifiy the certificate files alone.

If there is a way only to find the certificate files then could you please kindly let me know?

It may be with the extensions(.crt/.cer/.pem/.jks) and some of the files without extensions as well.

Thanks again

Regards
Sid
# 4  
Old 01-25-2016
Try to query via ssl:
Code:
openssl s_client -showcerts -connect yourhost:yourport  < /dev/null

Give your hostname and port number.
# 5  
Old 01-26-2016
Thanks for your answer but I am not asking to connect to different hosts and find the certificates... I am just trying to list all certificates on a single server including (websphere/MQ).

---------- Post updated 01-26-16 at 08:52 AM ---------- Previous update was 01-25-16 at 04:36 PM ----------

Quote:
Originally Posted by jim mcnamara
The directory tree /etc/ssl has most openssl certificates. Except for a few cases.

For us to help please:
give us your UNIX OS

Hi Jim, If you have any suggestions or any idea's then please let me know. Thanks
# 6  
Old 01-26-2016
There is no "standard" for key stores because applications tend to put these all over the place (especially Java apps). You can use a tool like "find" to locate all files with various extensions. How those files are used and by what can be difficult to automate.
# 7  
Old 01-28-2016
There is no standard command to list certificates on a platform.
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How to Find List of MQ and Websphere certificates that are installed on Linux and UNIX servers?

Dear All, I am planning to find the list of certificates(WEBshpere/MQ) on a servers. My certificates are either stored in (.jks) / (.pem)/ (.cer) . But some of the certificates are stored without these file formats. I tried using find command but unless I give the file name its difficult for... (4 Replies)
Discussion started by: sidh_arth85
4 Replies

2. Red Hat

Installation of Certificates failing

Hi All, I have a few certificates that I need to install on my Apache server. The files are in /opt/keys/: # ls -ltrh total 36K -rw-r--r--. 1 root root 1.8K Apr 20 18:29 EntrustG2bridge.cer -rw-r--r--. 1 root root 1.7K Apr 20 18:29 wildcard.key -rw-r--r--. 1 root root 1.5K Apr 20... (1 Reply)
Discussion started by: Junaid Subhani
1 Replies

3. UNIX for Dummies Questions & Answers

Installing SSL certificates on Ubuntu Server 12.04

Hi everyone, I am working on a Nginx + Apache installation for learning purposes, and just got to the point of installing a self-signed certificate for securing some pages that will be used to send "sensitive" information such as login credentials. So far so good. What a I want to know is how can... (2 Replies)
Discussion started by: gacanepa
2 Replies

4. UNIX for Dummies Questions & Answers

Generating server and client certificates

Hi, I am currently in the process of implementing port based authentication(802.1x) in my home network through radius(FreeRadius). I want all my clients to use a certificate for authenticating (eap-tls) However openssl's massive amount of configuration options has me a bit confused. And... (0 Replies)
Discussion started by: regexp
0 Replies

5. AIX

Creation of SSL certificates

Can someone guide me as to how SSL certificates are created for a new AIX box? I am a novice to system administration. Thanks in advance Gayathri (1 Reply)
Discussion started by: ggayathri
1 Replies

6. UNIX for Dummies Questions & Answers

VSFTPD & SSL Certificates

Hello all :b: I need a little advice on securing my VSFTPD server. I currently have it setup and working using a self signed certificate by following instructions on the net and im happy with it to a certain extent. One of my clients is not... He said he cannot connect to the server unless... (1 Reply)
Discussion started by: mokachoka
1 Replies

7. Cybersecurity

expiration of SSL Certificates

Does anyone know how to extract the expiration date of a Solaris 9 certificate? I have searched over the 'net and it seems this command ssl-cert-check comes up often but this does not work on my servers. Not sure how to extraxt the expiration dates of the SSL Certs so if anyone can help that would... (2 Replies)
Discussion started by: bluridge
2 Replies

8. Solaris

FTPS : FTP with certificates

Does anyone know of any products that support FTPS (FTP with SSL). Or does anyone out there run this now? any experiences? This is particularly to support the Cuncur expense system, I don tknow if anyone works with them at all, but they dont support sftp, just ftps. Thanks,!! (1 Reply)
Discussion started by: BG_JrAdmin
1 Replies
Login or Register to Ask a Question