Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Finding SSL Cert Info

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Finding SSL Cert Info
# 1  
Old 09-24-2014
Finding SSL Cert Info
How do I find out the SSL cert info on the local server?

How do I know if an ssl cert is installed on local server?

How it was issued to?

Who was the issuer?

What's the expiration date?

Any other relevant information?
# 2  
Old 09-24-2014
Hi,

You should be able to find most of the information using "openssl" for the exact syntax and all the switches run,
Code:
[/etc] 
(23:57:50)-(annemunro)-(4883)-> openssl
OpenSSL> ?
openssl:Error: '?' is an invalid command.

Standard commands
asn1parse      ca             ciphers        crl            crl2pkcs7      
dgst           dh             dhparam        dsa            dsaparam       
ec             ecparam        enc            engine         errstr         
gendh          gendsa         genrsa         nseq           ocsp           
passwd         pkcs12         pkcs7          pkcs8          prime          
rand           req            rsa            rsautl         s_client       
s_server       s_time         sess_id        smime          speed          
spkac          verify         version        x509           

Message Digest commands (see the `dgst' command for more details)
md2            md4            md5            mdc2           rmd160         
sha            sha1           

Cipher commands (see the `enc' command for more details)
aes-128-cbc    aes-128-ecb    aes-192-cbc    aes-192-ecb    aes-256-cbc    
aes-256-ecb    base64         bf             bf-cbc         bf-cfb         
bf-ecb         bf-ofb         cast           cast-cbc       cast5-cbc      
cast5-cfb      cast5-ecb      cast5-ofb      des            des-cbc        
des-cfb        des-ecb        des-ede        des-ede-cbc    des-ede-cfb    
des-ede-ofb    des-ede3       des-ede3-cbc   des-ede3-cfb   des-ede3-ofb   
des-ofb        des3           desx           rc2            rc2-40-cbc     
rc2-64-cbc     rc2-cbc        rc2-cfb        rc2-ecb        rc2-ofb        
rc4            rc4-40         rc5            rc5-cbc        rc5-cfb        
rc5-ecb        rc5-ofb        seed           seed-cbc       seed-cfb       
seed-ecb       seed-ofb       

OpenSSL>

Or you could check the man page with,

Code:
man openssl

Further example from web.

Code:
[root@server]# openssl x509 -in /etc/httpd/conf/ssl.crt/server.crt -text -noout
Certificate:
      Data:
            Version: 3 (0x2)
            Serial Number: 0 (0x0)
            Signature Algorithm: md5WithRSAEncryption
            Issuer: C=US, ST=Someprovince, L=Sometown, O=none, OU=none, CN=localhost/emailAddress=webaster@localhost
            Validity
                  Not Before: Jul  7 05:58:09 2009 GMT
                  Not After : Nov 21 05:58:09 2036 GMT
            Subject: C=US, ST=Someprovince, L=Sometown, O=none, OU=none, CN=localhost/emailAddress=webaster@localhost
            Subject Public Key Info:
                  Public Key Algorithm: rsaEncryption
                  RSA Public Key: (1024 bit)
                        Modulus (1024 bit):
                              00:98:32:24:b9:13:30:7b:97:6f:dc:35:c2:a0:e8:
                              58:de:9f:88:d2:b0:86:1c:b9:67:1f:7d:b1:28:6c:
                              b8:52:47:f0:14:32:4c:36:62:14:a7:bf:d1:d1:47:
                              ed:bc:63:60:c7:ee:3c:22:58:69:4f:b4:93:8c:3e:
                              f5:02:54:85:70:24:c6:3e:b1:67:90:50:ab:18:64:
                              60:b2:46:e1:19:d3:b7:34:7b:48:c6:6b:bb:da:56:
                              54:92:c0:2e:39:81:f7:94:af:3d:51:2c:cf:4a:86:
                              9e:0c:30:60:82:6b:34:f6:9b:e4:01:9c:39:1b:4f:
                              68:61:fa:5f:7e:cc:f6:e0:ed
                        Exponent: 65537 (0x10001)
        Signature Algorithm: md5WithRSAEncryption
              20:86:28:65:d5:fe:d2:a9:0c:f9:c3:24:51:ff:de:ff:11:6e:
              ec:b4:dc:b1:11:70:cb:37:52:45:e7:cb:f3:e9:e1:b3:3a:5d:
              20:8b:49:07:43:a4:da:b8:17:bf:4b:84:89:d7:0e:18:34:b3:
              0c:c2:0c:cd:56:2b:9e:e1:e0:6a:c4:7d:fc:3f:3e:89:8a:a5:
              c9:a5:1a:1c:2c:7d:74:1c:34:54:b1:8b:36:2d:91:b6:38:79:
              ad:e5:14:53:d2:32:ce:ee:89:ef:60:f3:98:0f:38:79:e3:07:
              f5:e5:a5:ff:8f:6b:74:46:4c:89:7e:33:0e:66:cf:34:3b:c1:
              e3:79

Regards

Dave
This User Gave Thanks to gull04 For This Post:
scj2012
 
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. What is on Your Mind?

PHP Fatal Errors During SSL Cert Management - PHP Fatal error: xc_fcntl_mutex failed

Today, I noticed some errors in our SSL cert renewal log files, mostly related to domains where the IP address had changed. Concerned about this, rebuilt out SSL cert, which normally goes well without a hiccup. However, for today, for some reason which I cannot explain, there was a PHP error... (0 Replies)
Discussion started by: Neo
0 Replies

2. Shell Programming and Scripting

Script which will validate SSL cert with key

Hi, I am trying to find the script which will ask for SSL Cert and Key file name/path. The output of both should be matched and compared. If the output are same than the script final output should be Certificate Matches and if it doesn't than Output don't match. Is there any way we can create... (0 Replies)
Discussion started by: SachinD
0 Replies

3. UNIX for Advanced & Expert Users

ldap over tls -- ssl cert help

Hey Guys, I am trying to setup ldap over tls in our lab. I am generating a self signed cert on the ldap server and importing that into the ldap system so it will use ldap over port 636. The clients will be a mix of solaris and redhat. I am lost on what I need to do on the client side to get... (0 Replies)
Discussion started by: s ladd
0 Replies

4. Linux

Finding IP info from access_log file

I found the /var/www/logs/access_log file (access log in order to find specific information about IP, And when users last logged in.) but in my fedora the access_log file is is in my /var/log/cups and it looks different from what it should be. Why is that? my goal is to get a list of IP... (4 Replies)
Discussion started by: bugenhagen_
4 Replies

5. UNIX for Dummies Questions & Answers

Need help with finding info on pcode-interpreters-virtual machines

I'm trying to research interpreters and I can't find much info on Pcode or how or why it is used. Thanks in advance!:wall: (2 Replies)
Discussion started by: theKbStockpiler
2 Replies

6. Shell Programming and Scripting

Help finding info from log file

Hi, I have a log file that contains information such as this: date id number command1 command2 command3 command4 data data data date id number command1 command2 command3 command4 (4 Replies)
Discussion started by: bbbngowc
4 Replies

7. Shell Programming and Scripting

Shell Script to provide "answers" to SSL Cert Request

Hello, I need assistance with creating a shell script to generate SSL Certificate Requests on remote hosts. Below is my stab at this, but I cannot figure out how to pass the requested arguments into the openssl command correctly. I have a major problem with redirecting the "answers" into the... (2 Replies)
Discussion started by: azvelocat
2 Replies

8. UNIX for Dummies Questions & Answers

Finding file version info

Hi, Is there a standard command for retrieving the version of any given file (assuming the file has a version)? Thanks in advance Dave :) (1 Reply)
Discussion started by: davewg
1 Replies

9. UNIX for Dummies Questions & Answers

Finding system info

Can someone tell me the command to display the info about the CPU? I need the CPI id.. of my SUN box. Solaris 8. It's some totally un-intuitive command, and i can't recall it. tnx. (3 Replies)
Discussion started by: ireeneek
3 Replies
Login or Register to Ask a Question