Version 6 (modified by terryk, 8 years ago) (diff)


Shows x509 certificate in readable format (-noout to not show certificate (PKCS1 DER encoded))

$ openssl x509 -noout -text -in pemFile.pem

Get the certificate of a data node and return its expired dates

$ openssl s_client -connect </dev/null 2>/dev/null|openssl x509 -noout -dates
notBefore=Oct 16 00:00:00 2013 GMT
notAfter=Oct 27 23:59:59 2014 GMT

Averiguate the hash of the cert. Options:

-subject_hash - print subject hash value -subject_hash_old - print old-style (MD5) subject hash value -issuer_hash - print issuer hash value -issuer_hash_old - print old-style (MD5) issuer hash value

$ openssl x509 -subject_hash_old -noout -in cert