内容简介:显示证书信息提取证书
openssl s_client -connect awen.me:443 -state
显示证书信息
➜ Downloads openssl s_client -connect awen.me:443 -state
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = awen.me
verify return:1
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read server session ticket A
SSL_connect:SSLv3 read finished A
---
Certificate chain
0 s:/CN=awen.me
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISA3pwr8utOg9I8/XTJ+8wdJTOMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEwMTEwMDAzMzhaFw0x
ODAxMDkwMDAzMzhaMBIxEDAOBgNVBAMTB2F3ZW4ubWUwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQCtCuIWnpHvn6Lm7twgUlkzy1v6j1tQ/yDxWyd8gvOk
GJhLTlAepXdkLQsEw2QRpGxoOvsO28K9MH4B1baLGyl5TbNnZAFIUOrkDBMvaPFU
FYXK2yqtdSfky9AD3LkSjRcDMspqm9tIqjBYyu78lomZR/AgcVePYPwYfONzaE8J
4NvCLneFI+fzifNuqpkUt18wpWBp/oVC1/ln74ShVmYczg9IqTX8vw58MWlBemIL
OI40ExXDnOHa7ZdxFl1lKPtVjfQjR3bS84Dsj7XBqDYLe3tJNed0+kTJIgQFhshH
kcpDpMPW78rDz/e1akA2o0Ry/WzAnf9dOJDfjvd7FsC1AgMBAAGjggIiMIICHjAO
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFO1HBP+QqfO+dhvj5nr6vAr/mlOHMB8GA1Ud
IwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggr
BgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggr
BgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYD
VR0RBCYwJIIHYXdlbi5tZYIMZmlsZS5hd2VuLm1lggt3d3cuYXdlbi5tZTCB/gYD
VR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUH
AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyB
m1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVs
eWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2Vy
dGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3Jn
L3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAM74q3r2wOgyAfcg1atlgz
MChtVGaKTllk4tdS8OJKzhIFBR77NG7gHd1lzs/yQr4l3WYv4T2T5+Ayp4c95fvb
uWqMsrD3sL30MBhqCeXdccJlckWUfsejmUOEAzyqtscAtrIw3ksQLOmlibf326TJ
sIMV+oHsg9arSHUj2Z4hzMDxbH2jl+6J3HlszPmufUS2HRRMD9KGJFUECsmPnD+w
dUeBLOlcuNwcClH0KCHgqJcO+ZDGTk/hvbYNRGnpfVbJ/06MGEhKd+uKwurPy5sp
+mTOh22TTsN0wqc177L0CGy7E9NMr/erhOuaiEOhgHEI5atyueZmlfHz/Xkv49yV
-----END CERTIFICATE-----
subject=/CN=awen.me
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3148 bytes and written 433 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 07B2204FD14B558C10FD7B46FB671AA2773A7879E4D54EB6B87969AC0715817C
Session-ID-ctx:
Master-Key: A4CDEE832FED5CF7BC3EDBAF26F6656D50013C5B3D0F9180328E01055A4975ECF5DEB30EB7CBCD793743A5E5798CDF50
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 86400 (seconds)
TLS session ticket:
0000 - 04 b2 d5 29 64 26 3a 7e-6b 73 f7 51 59 05 2c ef ...)d&:~ks.QY.,.
0010 - 6e 16 8c cd 04 bd b7 31-89 54 f0 93 36 98 92 ea n......1.T..6...
0020 - 89 5e 00 96 d4 04 09 4b-a6 a6 3b b0 73 24 45 40 .^.....K..;.s$E@
0030 - a7 db c5 20 cd a0 72 c8-08 1b f9 a7 66 c6 64 a4 ... ..r.....f.d.
0040 - 05 42 c8 69 e9 19 1a 33-46 63 b1 6b 6b 82 56 01 .B.i...3Fc.kk.V.
0050 - 21 22 60 32 fd a3 af 58-77 8f f1 39 2b 44 f2 52 !"`2...Xw..9+D.R
0060 - 6f 7e 93 80 19 8d a4 36-91 b3 c2 01 38 d3 6a 95 o~.....6....8.j.
0070 - fc 22 d5 77 9d 67 2a 84-7f 35 85 c7 a1 7d e8 13 .".w.g*..5...}..
0080 - 8e 38 96 c4 2c a6 35 02-92 1c 05 07 ef 4c 4d 80 .8..,.5......LM.
0090 - fa cb 1b 3a 5b 15 f5 f0-46 ce 45 60 65 40 82 9f ...:[...F.E`e@..
00a0 - f3 62 36 9c 00 ab c0 9f-db 77 b0 36 f0 24 b7 74 .b6......w.6.$.t
Start Time: 1509693221
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
SSL3 alert read:warning:close notify
closed
SSL3 alert write:warning:close notify
提取证书
echo |\openssl s_client -connect awen.me:443 2>&1|\sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> awen.pem
得到如下内容
➜ Downloads cat awen.pem -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISA3pwr8utOg9I8/XTJ+8wdJTOMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzEwMTEwMDAzMzhaFw0x ODAxMDkwMDAzMzhaMBIxEDAOBgNVBAMTB2F3ZW4ubWUwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCtCuIWnpHvn6Lm7twgUlkzy1v6j1tQ/yDxWyd8gvOk GJhLTlAepXdkLQsEw2QRpGxoOvsO28K9MH4B1baLGyl5TbNnZAFIUOrkDBMvaPFU FYXK2yqtdSfky9AD3LkSjRcDMspqm9tIqjBYyu78lomZR/AgcVePYPwYfONzaE8J 4NvCLneFI+fzifNuqpkUt18wpWBp/oVC1/ln74ShVmYczg9IqTX8vw58MWlBemIL OI40ExXDnOHa7ZdxFl1lKPtVjfQjR3bS84Dsj7XBqDYLe3tJNed0+kTJIgQFhshH kcpDpMPW78rDz/e1akA2o0Ry/WzAnf9dOJDfjvd7FsC1AgMBAAGjggIiMIICHjAO BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG A1UdEwEB/wQCMAAwHQYDVR0OBBYEFO1HBP+QqfO+dhvj5nr6vAr/mlOHMB8GA1Ud IwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggr BgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggr BgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLQYD VR0RBCYwJIIHYXdlbi5tZYIMZmlsZS5hd2VuLm1lggt3d3cuYXdlbi5tZTCB/gYD VR0gBIH2MIHzMAgGBmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUH AgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyB m1RoaXMgQ2VydGlmaWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVs eWluZyBQYXJ0aWVzIGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2Vy dGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3Jn L3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAM74q3r2wOgyAfcg1atlgz MChtVGaKTllk4tdS8OJKzhIFBR77NG7gHd1lzs/yQr4l3WYv4T2T5+Ayp4c95fvb uWqMsrD3sL30MBhqCeXdccJlckWUfsejmUOEAzyqtscAtrIw3ksQLOmlibf326TJ sIMV+oHsg9arSHUj2Z4hzMDxbH2jl+6J3HlszPmufUS2HRRMD9KGJFUECsmPnD+w dUeBLOlcuNwcClH0KCHgqJcO+ZDGTk/hvbYNRGnpfVbJ/06MGEhKd+uKwurPy5sp +mTOh22TTsN0wqc177L0CGy7E9NMr/erhOuaiEOhgHEI5atyueZmlfHz/Xkv49yV -----END CERTIFICATE-----
查看证书信息
➜ Downloads openssl x509 -noout -text -in awen.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:7a:70:af:cb:ad:3a:0f:48:f3:f5:d3:27:ef:30:74:94:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
Validity
Not Before: Oct 11 00:03:38 2017 GMT
Not After : Jan 9 00:03:38 2018 GMT
Subject: CN=awen.me
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ad:0a:e2:16:9e:91:ef:9f:a2:e6:ee:dc:20:52:
59:33:cb:5b:fa:8f:5b:50:ff:20:f1:5b:27:7c:82:
f3:a4:18:98:4b:4e:50:1e:a5:77:64:2d:0b:04:c3:
64:11:a4:6c:68:3a:fb:0e:db:c2:bd:30:7e:01:d5:
b6:8b:1b:29:79:4d:b3:67:64:01:48:50:ea:e4:0c:
13:2f:68:f1:54:15:85:ca:db:2a:ad:75:27:e4:cb:
d0:03:dc:b9:12:8d:17:03:32:ca:6a:9b:db:48:aa:
30:58:ca:ee:fc:96:89:99:47:f0:20:71:57:8f:60:
fc:18:7c:e3:73:68:4f:09:e0:db:c2:2e:77:85:23:
e7:f3:89:f3:6e:aa:99:14:b7:5f:30:a5:60:69:fe:
85:42:d7:f9:67:ef:84:a1:56:66:1c:ce:0f:48:a9:
35:fc:bf:0e:7c:31:69:41:7a:62:0b:38:8e:34:13:
15:c3:9c:e1:da:ed:97:71:16:5d:65:28:fb:55:8d:
f4:23:47:76:d2:f3:80:ec:8f:b5:c1:a8:36:0b:7b:
7b:49:35:e7:74:fa:44:c9:22:04:05:86:c8:47:91:
ca:43:a4:c3:d6:ef:ca:c3:cf:f7:b5:6a:40:36:a3:
44:72:fd:6c:c0:9d:ff:5d:38:90:df:8e:f7:7b:16:
c0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
ED:47:04:FF:90:A9:F3:BE:76:1B:E3:E6:7A:FA:BC:0A:FF:9A:53:87
X509v3 Authority Key Identifier:
keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
Authority Information Access:
OCSP - URI:http://ocsp.int-x3.letsencrypt.org
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:awen.me, DNS:file.awen.me, DNS:www.awen.me
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
User Notice:
Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/
Signature Algorithm: sha256WithRSAEncryption
0c:ef:8a:b7:af:6c:0e:83:20:1f:72:0d:5a:b6:58:33:30:28:
6d:54:66:8a:4e:59:64:e2:d7:52:f0:e2:4a:ce:12:05:05:1e:
fb:34:6e:e0:1d:dd:65:ce:cf:f2:42:be:25:dd:66:2f:e1:3d:
93:e7:e0:32:a7:87:3d:e5:fb:db:b9:6a:8c:b2:b0:f7:b0:bd:
f4:30:18:6a:09:e5:dd:71:c2:65:72:45:94:7e:c7:a3:99:43:
84:03:3c:aa:b6:c7:00:b6:b2:30:de:4b:10:2c:e9:a5:89:b7:
f7:db:a4:c9:b0:83:15:fa:81:ec:83:d6:ab:48:75:23:d9:9e:
21:cc:c0:f1:6c:7d:a3:97:ee:89:dc:79:6c:cc:f9:ae:7d:44:
b6:1d:14:4c:0f:d2:86:24:55:04:0a:c9:8f:9c:3f:b0:75:47:
81:2c:e9:5c:b8:dc:1c:0a:51:f4:28:21:e0:a8:97:0e:f9:90:
c6:4e:4f:e1:bd:b6:0d:44:69:e9:7d:56:c9:ff:4e:8c:18:48:
4a:77:eb:8a:c2:ea:cf:cb:9b:29:fa:64:ce:87:6d:93:4e:c3:
74:c2:a7:35:ef:b2:f4:08:6c:bb:13:d3:4c:af:f7:ab:84:eb:
9a:88:43:a1:80:71:08:e5:ab:72:b9:e6:66:95:f1:f3:fd:79:
2f:e3:dc:95
显示证书信息
openssl s_client -connect www.alipay.com:443 -showcerts
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
Beautiful Code
Greg Wilson、Andy Oram / O'Reilly Media / 2007-7-6 / GBP 35.99
In this unique work, leading computer scientists discuss how they found unusual, carefully designed solutions to difficult problems. This book lets the reader look over the shoulder of major coding an......一起来看看 《Beautiful Code》 这本书的介绍吧!
