Checking an Certificate Chain

  • Post by Mike Dixson
  • Jul 20, 2020
post-thumb

Use the following one liner to check the a certificate chain in detail:

openssl crl2pkcs7 -nocrl -certfile chained.crt | openssl pkcs7 -print_certs -text -noout | less

Use this command to produce a simple list of the chain in order:

echo "" | openssl s_client -connect www.google.com:443 2>&1 | grep -A 6 "Certificate chain"

#If your testing a local server which is listening on the same port for different headers use this:
echo "" | openssl s_client -connect 172.217.169.4:443 -servername www.google.com 2>&1 | grep -A 6 "Certificate chain"
LATEST POST
  • Post By Mike Dixson
  • Nov 17, 2020
Using MFA for Sudo Only
  • Post By Mike Dixson
  • Jul 25, 2020
Fixed: Obelisk not working in Ableton Live
  • Post By Mike Dixson
  • Jun 15, 2020
BYOBU files being flagged by rkhunter
TAG