ssl証明書の確認コマンド

1. コマンド

$ openssl x509 -text -noout -in <crtファイル>

2. 出力例

まずはサンプルに使用するため適当に証明書作成

# openssl req -new -x509 -nodes -out test.crt -keyout test.key -subj '/C=JP/ST=Tokyo/L=Chiyoda-ku/O=Foo INC./OU=Develoment Dept./CN=dev.exlample.com' -days 365

作成した証明書を確認

# openssl x509 -text -noout -in test.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            9e:87:f4:8d:15:ac:70:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=JP, ST=Tokyo, L=Chiyoda-ku, O=Foo INC., OU=Develoment Dept., CN=dev.exlample.com
        Validity
            Not Before: Oct  4 08:18:31 2018 GMT
            Not After : Oct  4 08:18:31 2019 GMT
        Subject: C=JP, ST=Tokyo, L=Chiyoda-ku, O=Foo INC., OU=Develoment Dept., CN=dev.exlample.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d7:c5:96:9b:82:66:e1:b9:61:4f:f3:11:c2:11:
                    8b:66:98:37:70:c0:7e:ce:71:d4:c6:79:b0:eb:78:
                    21:21:49:7f:e5:06:cf:a3:a6:be:d6:d2:96:3e:d7:
                    45:21:45:5b:77:33:aa:05:8c:5f:51:20:d3:03:5c:
                    9a:07:41:6c:0f:9b:90:12:a7:df:4d:09:82:e6:ae:
                    6e:51:ed:50:5d:6f:bd:65:23:7b:48:d0:ab:61:4a:
                    03:00:9f:20:53:74:6d:4b:c3:ff:9c:2e:c7:33:bc:
                    c6:b0:08:32:f3:b7:75:cf:6b:f1:89:9d:df:25:14:
                    9b:83:b3:1f:21:a7:e3:c1:27:ba:27:79:a4:d7:db:
                    e7:41:d8:6e:f1:f3:25:34:88:0a:5b:35:89:31:7b:
                    48:ba:89:94:80:b2:0d:47:3c:7d:a4:42:22:ab:87:
                    c6:b7:97:d4:7b:5e:10:8c:5e:b2:83:b3:fa:39:ee:
                    36:06:22:f2:36:73:25:d9:ef:81:e7:7c:10:ca:f6:
                    9c:dc:d6:f3:24:dd:8d:d0:7e:81:93:d8:90:3b:c0:
                    2a:e3:33:23:fc:c7:c5:3e:c4:3a:c8:d5:e0:71:34:
                    5e:86:48:af:a6:9d:29:2e:97:42:71:07:a5:79:db:
                    56:a1:b4:bb:eb:d7:42:9a:9b:fb:d5:0e:18:6c:7b:
                    60:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:FA:43:86:2D:A4:88:87:53:05:24:FA:64:68:94:C6:81:AA:CD:B9
            X509v3 Authority Key Identifier:
                keyid:49:FA:43:86:2D:A4:88:87:53:05:24:FA:64:68:94:C6:81:AA:CD:B9

            X509v3 Basic Constraints:
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         d0:04:3b:f9:43:ef:ca:69:2d:db:f0:8d:75:40:07:d0:74:60:
         dd:b3:4f:61:1a:81:15:40:8c:86:98:b3:86:31:a9:b7:0b:12:
         95:f2:10:88:03:a9:c8:28:72:d8:aa:e5:28:e7:7d:ec:17:9c:
         05:e5:8b:be:8e:48:25:7c:bd:ba:1e:0c:b9:51:1f:42:ff:82:
         30:3a:03:65:7a:62:e7:b1:ca:91:34:da:3e:2d:2a:25:a1:ba:
         e4:21:fe:c9:a0:89:97:dd:bd:7f:5c:b6:dd:f7:4f:37:bb:ea:
         30:4f:a3:3f:75:f3:0b:17:ad:cb:21:c9:91:55:42:3d:b9:41:
         3f:4c:94:a3:df:93:31:6a:6c:07:45:f5:40:f6:d9:76:5b:b4:
         df:97:db:80:57:ca:be:22:3f:e0:4a:33:f9:bb:60:a2:43:b5:
         b5:a0:c1:b7:b9:f9:18:a3:10:d4:5a:fa:36:fa:2a:57:c9:6e:
         a0:df:47:6c:1e:a2:8e:e5:da:c0:ef:1d:83:db:bf:1a:c3:24:
         23:9a:ff:9e:a9:6d:b6:4e:39:7f:ff:a4:11:98:a7:3e:59:f8:
         f2:c5:0b:eb:89:5e:90:51:b0:bf:eb:09:9b:fc:05:c8:36:8e:
         e0:e9:38:ec:d3:3f:05:22:57:36:e1:23:db:4b:ed:71:d2:a7:
         fb:e6:e7:4f