Last active
June 2, 2025 11:01
-
-
Save swarupdonepudi/51e8148fba3f2f3d7addd7f352f6e9a5 to your computer and use it in GitHub Desktop.
check ssl certificate using openssl cli
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Below is the command I used to check the status of an SSL Certificate for `id.planton.cloud` domain from command line | |
| ```sh | |
| echo | openssl s_client -connect id.planton.cloud:443 -servername id.planton.cloud | head | |
| ``` | |
| ```sh | |
| Connecting to 104.19.168.24 | |
| depth=2 C=US, O=Internet Security Research Group, CN=ISRG Root X1 | |
| verify return:1 | |
| depth=1 C=US, O=Let's Encrypt, CN=E6 | |
| verify return:1 | |
| depth=0 CN=id.planton.cloud | |
| verify return:1 | |
| CONNECTED(00000006) | |
| --- | |
| Certificate chain | |
| 0 s:CN=id.planton.cloud | |
| i:C=US, O=Let's Encrypt, CN=E6 | |
| DONE | |
| a:PKEY: EC, (prime256v1); sigalg: ecdsa-with-SHA384 | |
| v:NotBefore: Jun 2 08:53:57 2025 GMT; NotAfter: Aug 31 08:53:56 2025 GMT | |
| 1 s:C=US, O=Let's Encrypt, CN=E6 | |
| i:C=US, O=Internet Security Research Group, CN=ISRG Root X1 | |
| a:PKEY: EC, (secp384r1); sigalg: sha256WithRSAEncryption | |
| ``` | |
| ## Full Details | |
| Remove ` | head` at the end of the command to see full details | |
| ```sh | |
| Connecting to 104.19.168.24 | |
| CONNECTED(00000006) | |
| depth=2 C=US, O=Internet Security Research Group, CN=ISRG Root X1 | |
| verify return:1 | |
| depth=1 C=US, O=Let's Encrypt, CN=E6 | |
| verify return:1 | |
| depth=0 CN=id.planton.cloud | |
| verify return:1 | |
| --- | |
| Certificate chain | |
| 0 s:CN=id.planton.cloud | |
| i:C=US, O=Let's Encrypt, CN=E6 | |
| a:PKEY: EC, (prime256v1); sigalg: ecdsa-with-SHA384 | |
| v:NotBefore: Jun 2 08:53:57 2025 GMT; NotAfter: Aug 31 08:53:56 2025 GMT | |
| 1 s:C=US, O=Let's Encrypt, CN=E6 | |
| i:C=US, O=Internet Security Research Group, CN=ISRG Root X1 | |
| a:PKEY: EC, (secp384r1); sigalg: sha256WithRSAEncryption | |
| v:NotBefore: Mar 13 00:00:00 2024 GMT; NotAfter: Mar 12 23:59:59 2027 GMT | |
| --- | |
| Server certificate | |
| -----BEGIN CERTIFICATE----- | |
| MIIDjTCCAxKgAwIBAgISBhhah0qXY8+pVEvCHeKDXCpQMAoGCCqGSM49BAMDMDIx | |
| CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF | |
| NjAeFw0yNTA2MDIwODUzNTdaFw0yNTA4MzEwODUzNTZaMBsxGTAXBgNVBAMTEGlk | |
| LnBsYW50b24uY2xvdWQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARUICtJCMQT | |
| veCuA9z0j96dECSMQykfPQc9BBlfXdy26JorrKVS12fwIWnL2dbRRJPLp3CfHtxf | |
| RmN6TQBpeQUoo4ICHTCCAhkwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsG | |
| AQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQumhmLo5sU | |
| Y2AE94ojL/AHKbhyLjAfBgNVHSMEGDAWgBSTJ0aYA6lRaI6Y1sRCSNsjv1iU0jAy | |
| BggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lNi5pLmxlbmNyLm9y | |
| Zy8wGwYDVR0RBBQwEoIQaWQucGxhbnRvbi5jbG91ZDATBgNVHSAEDDAKMAgGBmeB | |
| DAECATAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vZTYuYy5sZW5jci5vcmcvODEu | |
| Y3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYA7TxL1ugGwqSiAFfbyyTiOAHf | |
| US/txIbFcA8g3bc+P+AAAAGXMA6E3QAABAMARzBFAiAbooSMX0JAw7Nadb68ncp5 | |
| O9BMCJrIilAPOxMxFF6jGAIhANCmk9riLyP9/637789StoSwW5c6sZGt429v0hDZ | |
| J7sFAHUAEvFONL1TckyEBhnDjz96E/jntWKHiJxtMAWE6+WGJjoAAAGXMA6MtQAA | |
| BAMARjBEAiBOXaf3Wlm3ojsTljdDZgFiL/0Cq1C7V7a//xjvISQEtQIgXViykJif | |
| e84BPi/JsCKQtsC5z2u6E/TxStYkDQDfocwwCgYIKoZIzj0EAwMDaQAwZgIxAPFL | |
| zEM57EoyZIoSnEZN8x5/l/YZF55MH0cmUbj697wZwe2zL84iZouTPFo8Pd+apQIx | |
| AJZkAPwBGrP1TD4ZBw7rKNhLukWA7Mij6R5B4ROAcuQHla0u1CFZaJQ89kNbDntJ | |
| DQ== | |
| -----END CERTIFICATE----- | |
| subject=CN=id.planton.cloud | |
| issuer=C=US, O=Let's Encrypt, CN=E6 | |
| --- | |
| No client certificate CA names sent | |
| Peer signing digest: SHA256 | |
| Peer signature type: ecdsa_secp256r1_sha256 | |
| Negotiated TLS1.3 group: X25519MLKEM768 | |
| --- | |
| SSL handshake has read 3430 bytes and written 1629 bytes | |
| Verification: OK | |
| --- | |
| New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 | |
| Protocol: TLSv1.3 | |
| Server public key is 256 bit | |
| This TLS version forbids renegotiation. | |
| Compression: NONE | |
| Expansion: NONE | |
| No ALPN negotiated | |
| Early data was not sent | |
| Verify return code: 0 (ok) | |
| --- | |
| DONE | |
| ``` | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment