networking:certificate-check
Table of Contents
Checking a SSL Certificate
Prerequisite
To query certificates the openssl package has to be installed:
openssl version –a
View the Full Certificate Details
To check the details of a particular certificate, run the following command. This OpenSSL command shows certificate expiry, subject, issuer, key details, and signature algorithm.
openssl x509 -in mail.oscardegroot.nl.cer -text -noout
View the SSL Certificate Itself (Encoded)
OpenSSL allows you to view the SSL certificate in its original encoded format. Run the command below to display it:
$ echo | openssl s_client -servername google.com -connect www.google.com:443 2>/dev/null | openssl x509 -------------------------------------------------------------- -----BEGIN CERTIFICATE----- MIIOPDCCDSSgAwIBAgIQeJqX0U5Tc7gJCu11qI55eTANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yMzA4MDcxMjE2NDBaFw0yMzEwMzAx ...... hwJIJt0p+v/KtBb7R+9YWcK4kaW7ColdWx3pIneTZse0o+42x8HshHLwhNma5u6M rXZNfOQmwIeD7gdNYyfdrJ78tJDZU7eJjhyYmsSD1SgHPwSefW3ZjOEaRdGhS2QU -----END CERTIFICATE-----
Check SSL Certificate Validity
It’s important to know when the SSL certificate expires, so you can renew it in advance and avoid potential website outages and data breaches. Here’s how to check the SSL certificate expiration date in Linux:
$ echo | openssl s_client -servername oscardegroot.nl -connect www.oscardegroot.nl:443 2>/dev/null | openssl x509 -noout -dates -------------------------------------------------------------- notBefore=Jul 1 00:56:57 2023 GMT notAfter=Sep 29 00:56:56 2023 GMT
networking/certificate-check.txt · Last modified: by oscar