メンテナンス・トラブルシュート - SSL 無料証明書(Let's Encrypt) - 証明書の内容を確認
- 1. 概要
- 2. コマンドで確認
1. 概要
証明書の内容を確認するときは、クライアントマシンで読みこんだものを、ブラウザなり、メールクライアントなりで表示させていたのですが・・・。
「SSL 証明書の内容を openssl で確認する - Qiita」を読んで、サーバ側でコマンドから確認できることがわかりました。
2. コマンドで確認
単に期限を見るだけの場合
$ openssl x509 -noout -dates -in /パス/cert.pem
notBefore=Jan 15 14:10:51 2019 GMT
notAfter=Apr 15 14:10:51 2019 GMT
全内容を確認する場合は
$ openssl x509 -text -noout -in /パス/cert.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:e8:9b:18:a2:f1:81:fc:5c:57:b5:6d:d1:bd:d8:36:c5:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
Validity
Not Before: Jan 15 14:10:51 2019 GMT
Not After : Apr 15 14:10:51 2019 GMT
Subject: CN=ns.sing.ne.jp
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:aa:07:a6:34:4a:f2:eb:8a:2b:44:be:ad:6e:84:
・・・ 略 ・・・
a4:32:61:b1:12:10:4f:b1:fc:a2:fb:34:72:06:76:
64:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
86:90:1A:A9:A7:E6:5E:F5:7F:98:9D:1F:00:80:8E:34:5E:C5:05:22
X509v3 Authority Key Identifier:
keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
Authority Information Access:
OCSP - URI:http://ocsp.int-x3.letsencrypt.org
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
X509v3 Subject Alternative Name:
DNS:ns.sing.ne.jp
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1(0)
Log ID : E2:69:4B:AE:26:E8:E9:40:09:E8:86:1B:B6:3B:83:D4:
3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE
Timestamp : Jan 15 15:10:52.477 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:1C:31:6F:96:9B:9F:C7:85:CC:F6:C1:C4:
・・・ 略 ・・・
83:45:FF:7E:37:8B
Signed Certificate Timestamp:
Version : v1(0)
Log ID : 29:3C:51:96:54:C8:39:65:BA:AA:50:FC:58:07:D4:B7:
6F:BF:58:7A:29:72:DC:A4:C3:0C:F4:E5:45:47:F4:78
Timestamp : Jan 15 15:10:52.068 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:C5:BC:4E:AD:0D:B8:E8:0D:8F:3C:41:
・・・ 略 ・・・
C7:AE:C0:30:01:E7:BE:D6
Signature Algorithm: sha256WithRSAEncryption
51:b1:9e:08:38:ce:cd:e5:b9:3c:67:91:7f:88:de:74:3e:5e:
・・・ 略 ・・・
03:1c:b8:ae:65:d7:e3:49:83:9b:c6:37:cc:99:e7:79:da:34:
62:0e:27:63
|
|