User Tools

Site Tools


howtos:view_the_contents_of_a_certificate

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

howtos:view_the_contents_of_a_certificate [d/m/Y H:i] (current)
Line 1: Line 1:
 +Once you have a certificate,​ either a self-signed one or one signed by a third-party Certificate Authority (CA), you may want to view the contents of the certificate. If you simply look at the file with a text editor, you will only see a block of PEM-encoded text such as this:
 +<​file>​
 +    -----BEGIN CERTIFICATE-----
 +    MIID1zCCA0CgAwIBAgIJAPznkOa+zeeLMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD
 +    VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxDzANBgNVBAcTBlVyYmFuYTENMAsG
 +    A1UEChMETkNTQTEjMCEGA1UECxMaU2VjdXJpdHkgUmVzZWFyY2ggRGl2aXNpb24x
 +    GjAYBgNVBAMTEXd3dy5uY3NhLnVpdWMuZWR1MSEwHwYJKoZIhvcNAQkBFhJyb290
 +    QG5jYXMudWl1Yy5lZHUwHhcNMDYwMzAxMTkzMDMxWhcNMDcwMzAxMTkzMDMxWjCB
 +    pDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMQ8wDQYDVQQHEwZVcmJh
 +    bmExDTALBgNVBAoTBE5DU0ExIzAhBgNVBAsTGlNlY3VyaXR5IFJlc2VhcmNoIERp
 +    dmlzaW9uMRowGAYDVQQDExF3d3cubmNzYS51aXVjLmVkdTEhMB8GCSqGSIb3DQEJ
 +    ARYScm9vdEBuY2FzLnVpdWMuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
 +    gQCy8/​9Afil4C+wvFdm2p7w6sQsZolXJQ1J07VDySCoguXCi6sCR/​AyJEr9E6jP3
 +    50FsgFoMn4d0qhkBb6JwczJtJRPphZIvXTi0rrOzZpe0yTF17NWcc5XXn9M8MbR2
 +    jS97pjJ2AyclvOgGN/​nYIdEpBfGKJ0cLQr50rBEAu+GScQIDAQABo4IBDTCCAQkw
 +    HQYDVR0OBBYEFA9U2p42HR64xIK3uK9TqsuBYkorMIHZBgNVHSMEgdEwgc6AFA9U
 +    2p42HR64xIK3uK9TqsuBYkoroYGqpIGnMIGkMQswCQYDVQQGEwJVUzERMA8GA1UE
 +    CBMISWxsaW5vaXMxDzANBgNVBAcTBlVyYmFuYTENMAsGA1UEChMETkNTQTEjMCEG
 +    A1UECxMaU2VjdXJpdHkgUmVzZWFyY2ggRGl2aXNpb24xGjAYBgNVBAMTEXd3dy5u
 +    Y3NhLnVpdWMuZWR1MSEwHwYJKoZIhvcNAQkBFhJyb290QG5jYXMudWl1Yy5lZHWC
 +    CQD855Dmvs3nizAMBgNVHRMEBTADAQH/​MA0GCSqGSIb3DQEBBQUAA4GBAAfq52g4
 +    oMVFtzp52pMZevxov9HyJNpuWHOP7y7WHmuYzigDy5vOqJgPki3w3hkdprIKKIb5
 +    7UPwfEZxrW4WwklWllcYV2/​00ytZ9tf5GreGhM+AGKOZzv+fDQBtzLr4T4TOjpQO
 +    HtceiR1JeNNVHL+Y53cXbP6qKh0TYn8xVQH3
 +    -----END CERTIFICATE-----
 +</​file>​
 +
 +If you want to see the actual entries for this file, you can view the contents as text. Here's is a typical openssl command and the resulting output:
 +
 +    > openssl x509 -text -noout -in hostcert.pem
 +    Certificate:​
 +        Data:
 +            Version: 3 (0x2)
 +            Serial Number:
 +                fc:​e7:​90:​e6:​be:​cd:​e7:​8b
 +            Signature Algorithm: sha1WithRSAEncryption
 +            Issuer: C=US, ST=Illinois,​ L=Urbana, O=NCSA, OU=Security Research Division, ​
 +                    CN=www.ncsa.uiuc.edu/​emailAddress=webmaster@ncsa.uiuc.edu
 +            Validity
 +                Not Before: Mar  1 19:30:31 2006 GMT
 +                Not After : Mar  1 19:30:31 2007 GMT
 +            Subject: C=US, ST=Illinois,​ L=Urbana, O=NCSA, OU=Security Research Division,
 +                     ​CN=www.ncsa.uiuc.edu/​emailAddress=webmaster@ncsa.uiuc.edu
 +            Subject Public Key Info:
 +                Public Key Algorithm: rsaEncryption
 +                RSA Public Key: (1024 bit)
 +                    Modulus (1024 bit):
 +                        00:​b2:​f3:​ff:​40:​7e:​29:​78:​0b:​ec:​2f:​15:​d9:​b6:​a7:​
 +                        bc:​3a:​b1:​0b:​19:​a2:​55:​c9:​43:​52:​74:​ed:​50:​f2:​48:​
 +                        2a:​20:​b9:​70:​a2:​ea:​c0:​91:​fc:​0c:​89:​12:​bf:​44:​ea:​
 +                        33:​f7:​e7:​41:​6c:​80:​5a:​0c:​9f:​87:​74:​aa:​19:​01:​6f:​
 +                        a2:​70:​73:​32:​6d:​25:​13:​e9:​85:​92:​2f:​5d:​38:​b4:​ae:​
 +                        b3:​b3:​66:​97:​b4:​c9:​31:​75:​ec:​d5:​9c:​73:​95:​d7:​9f:​
 +                        d3:​3c:​31:​b4:​76:​8d:​2f:​7b:​a6:​32:​76:​03:​27:​25:​bc:​
 +                        e8:​06:​37:​f9:​d8:​21:​d1:​29:​05:​f1:​8a:​27:​47:​0b:​42:​
 +                        be:​74:​ac:​11:​00:​bb:​e1:​92:​71
 +                    Exponent: 65537 (0x10001)
 +            X509v3 extensions:
 +                X509v3 Subject Key Identifier: ​
 +                    0F:​54:​DA:​9E:​36:​1D:​1E:​B8:​C4:​82:​B7:​B8:​AF:​53:​AA:​CB:​81:​62:​4A:​2B
 +                X509v3 Authority Key Identifier: ​
 +                    keyid:​0F:​54:​DA:​9E:​36:​1D:​1E:​B8:​C4:​82:​B7:​B8:​AF:​53:​AA:​CB:​81:​62:​4A:​2B
 +                    DirName:/​C=US/​ST=Illinois/​L=Urbana/​O=NCSA/​OU=Security Research Division/
 +                            CN=www.ncsa.uiuc.edu/​emailAddress=webmaster@ncsa.uiuc.edu
 +                    serial:​FC:​E7:​90:​E6:​BE:​CD:​E7:​8B
 +                X509v3 Basic Constraints: ​
 +                    CA:TRUE
 +        Signature Algorithm: sha1WithRSAEncryption
 +            07:​ea:​e7:​68:​38:​a0:​c5:​45:​b7:​3a:​79:​da:​93:​19:​7a:​fc:​68:​bf:​
 +            d1:​f2:​24:​da:​6e:​58:​73:​8f:​ef:​2e:​d6:​1e:​6b:​98:​ce:​28:​03:​cb:​
 +            9b:​ce:​a8:​98:​0f:​92:​2d:​f0:​de:​19:​1d:​a6:​b2:​0a:​28:​86:​f9:​ed:​
 +            43:​f0:​7c:​46:​71:​ad:​6e:​16:​c2:​49:​56:​96:​57:​18:​57:​6f:​f4:​d3:​
 +            2b:​59:​f6:​d7:​f9:​1a:​b7:​86:​84:​cf:​80:​18:​a3:​99:​ce:​ff:​9f:​0d:​
 +            00:​6d:​cc:​ba:​f8:​4f:​84:​ce:​8e:​94:​0e:​1e:​d7:​1e:​89:​1d:​49:​78:​
 +            d3:​55:​1c:​bf:​98:​e7:​77:​17:​6c:​fe:​aa:​2a:​1d:​13:​62:​7f:​31:​55:​
 +            01:f7
 +    >
 +
 +Here's an explanation of the command line options:
 +
 +    * -text - view the contents of the certificate as plain text.
 +    * -noout - do not output the PEM-encoded version of the certificate.
 +    * -in hostcert.pem - read in the certificate from the file hostcert.pem.
 +
 +
  
howtos/view_the_contents_of_a_certificate.txt · Last modified: d/m/Y H:i (external edit)