内容简介:显示证书信息提取证书
openssl s_client -connect awen.me:443 -state
显示证书信息
➜ Downloads openssl s_client -connect awen.me:443 -state CONNECTED(00000003) SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:SSLv3 read server hello A depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = awen.me verify return:1 SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server key exchange A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:SSLv3 read server session ticket A SSL_connect:SSLv3 read finished A --- Certificate chain 0 s:/CN=awen.me i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 i:/O=Digital Signature Trust Co./CN=DST Root CA X3 --- Server certificate -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISA3pwr8utOg9I8/XTJ+8wdJTOMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEwMTEwMDAzMzhaFw0x ODAxMDkwMDAzMzhaMBIxEDAOBgNVBAMTB2F3ZW4ubWUwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCtCuIWnpHvn6Lm7twgUlkzy1v6j1tQ/yDxWyd8gvOk GJhLTlAepXdkLQsEw2QRpGxoOvsO28K9MH4B1baLGyl5TbNnZAFIUOrkDBMvaPFU FYXK2yqtdSfky9AD3LkSjRcDMspqm9tIqjBYyu78lomZR/AgcVePYPwYfONzaE8J 4NvCLneFI+fzifNuqpkUt18wpWBp/oVC1/ln74ShVmYczg9IqTX8vw58MWlBemIL OI40ExXDnOHa7ZdxFl1lKPtVjfQjR3bS84Dsj7XBqDYLe3tJNed0+kTJIgQFhshH kcpDpMPW78rDz/e1akA2o0Ry/WzAnf9dOJDfjvd7FsC1AgMBAAGjggIiMIICHjAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFO1HBP+QqfO+dhvj5nr6vAr/mlOHMB8GA1Ud IwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggr BgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggr BgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYD VR0RBCYwJIIHYXdlbi5tZYIMZmlsZS5hd2VuLm1lggt3d3cuYXdlbi5tZTCB/gYD VR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyB m1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVs eWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2Vy dGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3Jn L3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAM74q3r2wOgyAfcg1atlgz MChtVGaKTllk4tdS8OJKzhIFBR77NG7gHd1lzs/yQr4l3WYv4T2T5+Ayp4c95fvb uWqMsrD3sL30MBhqCeXdccJlckWUfsejmUOEAzyqtscAtrIw3ksQLOmlibf326TJ sIMV+oHsg9arSHUj2Z4hzMDxbH2jl+6J3HlszPmufUS2HRRMD9KGJFUECsmPnD+w dUeBLOlcuNwcClH0KCHgqJcO+ZDGTk/hvbYNRGnpfVbJ/06MGEhKd+uKwurPy5sp +mTOh22TTsN0wqc177L0CGy7E9NMr/erhOuaiEOhgHEI5atyueZmlfHz/Xkv49yV -----END CERTIFICATE----- subject=/CN=awen.me issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3148 bytes and written 433 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 07B2204FD14B558C10FD7B46FB671AA2773A7879E4D54EB6B87969AC0715817C Session-ID-ctx: Master-Key: A4CDEE832FED5CF7BC3EDBAF26F6656D50013C5B3D0F9180328E01055A4975ECF5DEB30EB7CBCD793743A5E5798CDF50 Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 86400 (seconds) TLS session ticket: 0000 - 04 b2 d5 29 64 26 3a 7e-6b 73 f7 51 59 05 2c ef ...)d&:~ks.QY.,. 0010 - 6e 16 8c cd 04 bd b7 31-89 54 f0 93 36 98 92 ea n......1.T..6... 0020 - 89 5e 00 96 d4 04 09 4b-a6 a6 3b b0 73 24 45 40 .^.....K..;.s$E@ 0030 - a7 db c5 20 cd a0 72 c8-08 1b f9 a7 66 c6 64 a4 ... ..r.....f.d. 0040 - 05 42 c8 69 e9 19 1a 33-46 63 b1 6b 6b 82 56 01 .B.i...3Fc.kk.V. 0050 - 21 22 60 32 fd a3 af 58-77 8f f1 39 2b 44 f2 52 !"`2...Xw..9+D.R 0060 - 6f 7e 93 80 19 8d a4 36-91 b3 c2 01 38 d3 6a 95 o~.....6....8.j. 0070 - fc 22 d5 77 9d 67 2a 84-7f 35 85 c7 a1 7d e8 13 .".w.g*..5...}.. 0080 - 8e 38 96 c4 2c a6 35 02-92 1c 05 07 ef 4c 4d 80 .8..,.5......LM. 0090 - fa cb 1b 3a 5b 15 f5 f0-46 ce 45 60 65 40 82 9f ...:[...F.E`e@.. 00a0 - f3 62 36 9c 00 ab c0 9f-db 77 b0 36 f0 24 b7 74 .b6......w.6.$.t Start Time: 1509693221 Timeout : 300 (sec) Verify return code: 0 (ok) --- SSL3 alert read:warning:close notify closed SSL3 alert write:warning:close notify
提取证书
echo |\openssl s_client -connect awen.me:443 2>&1|\sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> awen.pem
得到如下内容
➜ Downloads cat awen.pem -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISA3pwr8utOg9I8/XTJ+8wdJTOMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEwMTEwMDAzMzhaFw0x ODAxMDkwMDAzMzhaMBIxEDAOBgNVBAMTB2F3ZW4ubWUwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCtCuIWnpHvn6Lm7twgUlkzy1v6j1tQ/yDxWyd8gvOk GJhLTlAepXdkLQsEw2QRpGxoOvsO28K9MH4B1baLGyl5TbNnZAFIUOrkDBMvaPFU FYXK2yqtdSfky9AD3LkSjRcDMspqm9tIqjBYyu78lomZR/AgcVePYPwYfONzaE8J 4NvCLneFI+fzifNuqpkUt18wpWBp/oVC1/ln74ShVmYczg9IqTX8vw58MWlBemIL OI40ExXDnOHa7ZdxFl1lKPtVjfQjR3bS84Dsj7XBqDYLe3tJNed0+kTJIgQFhshH kcpDpMPW78rDz/e1akA2o0Ry/WzAnf9dOJDfjvd7FsC1AgMBAAGjggIiMIICHjAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFO1HBP+QqfO+dhvj5nr6vAr/mlOHMB8GA1Ud IwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggr BgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggr BgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYD VR0RBCYwJIIHYXdlbi5tZYIMZmlsZS5hd2VuLm1lggt3d3cuYXdlbi5tZTCB/gYD VR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyB m1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVs eWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2Vy dGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3Jn L3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAM74q3r2wOgyAfcg1atlgz MChtVGaKTllk4tdS8OJKzhIFBR77NG7gHd1lzs/yQr4l3WYv4T2T5+Ayp4c95fvb uWqMsrD3sL30MBhqCeXdccJlckWUfsejmUOEAzyqtscAtrIw3ksQLOmlibf326TJ sIMV+oHsg9arSHUj2Z4hzMDxbH2jl+6J3HlszPmufUS2HRRMD9KGJFUECsmPnD+w dUeBLOlcuNwcClH0KCHgqJcO+ZDGTk/hvbYNRGnpfVbJ/06MGEhKd+uKwurPy5sp +mTOh22TTsN0wqc177L0CGy7E9NMr/erhOuaiEOhgHEI5atyueZmlfHz/Xkv49yV -----END CERTIFICATE-----
查看证书信息
➜ Downloads openssl x509 -noout -text -in awen.pem Certificate: Data: Version: 3 (0x2) Serial Number: 03:7a:70:af:cb:ad:3a:0f:48:f3:f5:d3:27:ef:30:74:94:ce Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3 Validity Not Before: Oct 11 00:03:38 2017 GMT Not After : Jan 9 00:03:38 2018 GMT Subject: CN=awen.me Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ad:0a:e2:16:9e:91:ef:9f:a2:e6:ee:dc:20:52: 59:33:cb:5b:fa:8f:5b:50:ff:20:f1:5b:27:7c:82: f3:a4:18:98:4b:4e:50:1e:a5:77:64:2d:0b:04:c3: 64:11:a4:6c:68:3a:fb:0e:db:c2:bd:30:7e:01:d5: b6:8b:1b:29:79:4d:b3:67:64:01:48:50:ea:e4:0c: 13:2f:68:f1:54:15:85:ca:db:2a:ad:75:27:e4:cb: d0:03:dc:b9:12:8d:17:03:32:ca:6a:9b:db:48:aa: 30:58:ca:ee:fc:96:89:99:47:f0:20:71:57:8f:60: fc:18:7c:e3:73:68:4f:09:e0:db:c2:2e:77:85:23: e7:f3:89:f3:6e:aa:99:14:b7:5f:30:a5:60:69:fe: 85:42:d7:f9:67:ef:84:a1:56:66:1c:ce:0f:48:a9: 35:fc:bf:0e:7c:31:69:41:7a:62:0b:38:8e:34:13: 15:c3:9c:e1:da:ed:97:71:16:5d:65:28:fb:55:8d: f4:23:47:76:d2:f3:80:ec:8f:b5:c1:a8:36:0b:7b: 7b:49:35:e7:74:fa:44:c9:22:04:05:86:c8:47:91: ca:43:a4:c3:d6:ef:ca:c3:cf:f7:b5:6a:40:36:a3: 44:72:fd:6c:c0:9d:ff:5d:38:90:df:8e:f7:7b:16: c0:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Key Identifier: ED:47:04:FF:90:A9:F3:BE:76:1B:E3:E6:7A:FA:BC:0A:FF:9A:53:87 X509v3 Authority Key Identifier: keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1 Authority Information Access: OCSP - URI:http://ocsp.int-x3.letsencrypt.org CA Issuers - URI:http://cert.int-x3.letsencrypt.org/ X509v3 Subject Alternative Name: DNS:awen.me, DNS:file.awen.me, DNS:www.awen.me X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 Policy: 1.3.6.1.4.1.44947.1.1.1 CPS: http://cps.letsencrypt.org User Notice: Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/ Signature Algorithm: sha256WithRSAEncryption 0c:ef:8a:b7:af:6c:0e:83:20:1f:72:0d:5a:b6:58:33:30:28: 6d:54:66:8a:4e:59:64:e2:d7:52:f0:e2:4a:ce:12:05:05:1e: fb:34:6e:e0:1d:dd:65:ce:cf:f2:42:be:25:dd:66:2f:e1:3d: 93:e7:e0:32:a7:87:3d:e5:fb:db:b9:6a:8c:b2:b0:f7:b0:bd: f4:30:18:6a:09:e5:dd:71:c2:65:72:45:94:7e:c7:a3:99:43: 84:03:3c:aa:b6:c7:00:b6:b2:30:de:4b:10:2c:e9:a5:89:b7: f7:db:a4:c9:b0:83:15:fa:81:ec:83:d6:ab:48:75:23:d9:9e: 21:cc:c0:f1:6c:7d:a3:97:ee:89:dc:79:6c:cc:f9:ae:7d:44: b6:1d:14:4c:0f:d2:86:24:55:04:0a:c9:8f:9c:3f:b0:75:47: 81:2c:e9:5c:b8:dc:1c:0a:51:f4:28:21:e0:a8:97:0e:f9:90: c6:4e:4f:e1:bd:b6:0d:44:69:e9:7d:56:c9:ff:4e:8c:18:48: 4a:77:eb:8a:c2:ea:cf:cb:9b:29:fa:64:ce:87:6d:93:4e:c3: 74:c2:a7:35:ef:b2:f4:08:6c:bb:13:d3:4c:af:f7:ab:84:eb: 9a:88:43:a1:80:71:08:e5:ab:72:b9:e6:66:95:f1:f3:fd:79: 2f:e3:dc:95
显示证书信息
openssl s_client -connect www.alipay.com:443 -showcerts
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
如何不在网上虚度人生
[美] 肯尼思·戈德史密斯 / 刘畅 / 北京联合出版公司 / 2017-9 / 39.80元
我们平时上网多大程度上是浪费时间,多大程度是在学习、关心社会、激发创造力?我们真能彻底断网,逃离社交网络吗? 手机把都市人变成一群电子僵尸,是福是祸? 浏览记录就是我们将来的回忆录吗?文件归档属于一种现代民间艺术? 不自拍、P图、发朋友圈,我还是我吗? 美国知名概念艺术家戈德史密斯认为:上网绝不是浪费时间,而是一种创造性的活动。在本书中他以跨学科角度、散文式语言进行论证,涉及大众传播学、计算......一起来看看 《如何不在网上虚度人生》 这本书的介绍吧!