"SSL인증서 CN 확인"의 두 판 사이의 차이

30번째 줄: 30번째 줄:
[root@zetawiki ~]# openssl x509 -noout -subject -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem | sed -n '/^subject/s/^.*CN=//p'
[root@zetawiki ~]# openssl x509 -noout -subject -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem | sed -n '/^subject/s/^.*CN=//p'
Entrust.net Secure Server Certification Authority
Entrust.net Secure Server Certification Authority
</source>
==실행예시 (원격서버)==
<source lang='console'>
root@zetawiki:~# echo | openssl s_client -showcerts -connect google.com:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'
*.google.com
</source>
<source lang='console'>
root@zetawiki:~# echo | openssl s_client -showcerts -connect ko.wikipedia.org:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'
*.wikipedia.org
</source>
</source>



2017년 1월 6일 (금) 09:17 판

1 개요

인증서에서 CN 확인
인증서에서 Common Name 확인
  • 로컬 인증서 파일
openssl x509 -noout -subject -in 파일명
openssl x509 -noout -subject -in 파일명 | sed -n '/^subject/s/^.*CN=//p'
  • 원격서버 인증서
echo | openssl s_client -showcerts -connect 서버주소:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'

2 실행예시 (로컬파일)

[root@zetawiki ~]# cat /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem | head
-----BEGIN CERTIFICATE-----
MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
... (생략)
W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
-----END CERTIFICATE-----
[root@zetawiki ~]# openssl x509 -noout -subject -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem
subject= /C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority
[root@zetawiki ~]# openssl x509 -noout -subject -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem | sed -n '/^subject/s/^.*CN=//p'
Entrust.net Secure Server Certification Authority

3 실행예시 (원격서버)

root@zetawiki:~# echo | openssl s_client -showcerts -connect google.com:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'
*.google.com
root@zetawiki:~# echo | openssl s_client -showcerts -connect ko.wikipedia.org:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'
*.wikipedia.org

4 같이 보기

5 참고 자료

문서 댓글 ({{ doc_comments.length }})
{{ comment.name }} {{ comment.created | snstime }}