티스토리 뷰

  • Subject : 소유자의 데이터로 domain 정보가 포함된다.
  • Issuer : CA를 의미

CA(Certificate Authority)

subject 및 issuer 확인

$ curl -sL https://certs.godaddy.com/repository/gdroot-g2.crt | openssl x509 -subject -noout
subject=C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
$ curl -sL https://certs.godaddy.com/repository/gdroot-g2.crt | openssl x509 -issuer -noout
issuer=C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2

expire time 확인

$ curl -sL https://certs.godaddy.com/repository/gdroot-g2.crt | openssl x509 -enddate -noout
notAfter=Dec 31 23:59:59 2037 GMT

certificate

subject 및 issuer 확인

$ cat jacobbaek.com/cert.pem  | openssl x509 -subject -noout
subject=CN = *.jacobbaek.com
$ cat jacobbaek.com/cert.pem  | openssl x509 -issuer -noout
issuer=C = US, O = Let's Encrypt, CN = R3

expire time 확인

$ cat jacobbaek.com/cert.pem  | openssl x509 -enddate -noout
notAfter=Jan 15 01:50:45 2024 GMT

certificate

server certificate 가져오기

$ SERVERURL="www.google.com"
$ openssl s_client -connect $SERVERURL:443 2>/dev/null </dev/null |  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'

subjet 확인

$ SERVERURL="www.google.com"
$ openssl s_client -connect $SERVERURL:443 2>/dev/null </dev/null |  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -subject -noout

References

https://stackoverflow.com/questions/40061263/what-is-ca-certificate-and-why-do-we-need-it

'Security > System&Tools' 카테고리의 다른 글

Teleport  (0) 2021.08.10
Grafana login using Keycloak OAuth  (0) 2021.06.15
Wireguard  (0) 2020.07.02
metasploit  (0) 2013.06.10
댓글
공지사항
최근에 올라온 글
최근에 달린 댓글
Total
Today
Yesterday
링크
«   2024/07   »
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31
글 보관함