Shows x509 certificate in readable format (-noout to not show certificate (PKCS1 DER encoded))

$ openssl x509 -noout -text -in pemFile.pem

Get the certificate of a data node and return its expired dates

$ openssl s_client -connect </dev/null 2>/dev/null|openssl x509 -noout -dates
notBefore=Oct 16 00:00:00 2013 GMT
notAfter=Oct 27 23:59:59 2014 GMT

Find out the hash of the cert. Options:

  • -subject_hash: print subject hash value
  • -subject_hash_old: print old-style (MD5) subject hash value
  • -issuer_hash: print issuer hash value
  • -issuer_hash_old: print old-style (MD5) issuer hash value
$ openssl x509 -subject_hash_old -noout -in cert
Last modified 8 years ago Last modified on Oct 31, 2014 2:17:27 PM