SSL인증서 CN 확인

(SSL 인증서 CN 확인에서 넘어옴)

1 개요[ | ]

SSL인증서 CN 확인
SSL인증서 일반명칭 확인
인증서에서 Common Name 확인
  • 로컬 인증서 파일
openssl x509 -noout -subject -in 파일명
openssl x509 -noout -subject -in 파일명 | sed -n '/^subject/s/^.*CN=//p'
  • 원격서버 인증서
echo | openssl s_client -showcerts -connect 서버주소:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'
echo | openssl s_client -showcerts -connect 서버주소:443 2>/dev/null | sed -n '/^issuer/s/^.*CN=//p'

2 실행예시 (로컬파일)[ | ]

[root@zetawiki ~]# cat /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem | head
-----BEGIN CERTIFICATE-----
MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
... (생략)
W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
-----END CERTIFICATE-----
[root@zetawiki ~]# openssl x509 -noout -subject -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem
subject= /C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Secure Server Certification Authority
[root@zetawiki ~]# openssl x509 -noout -subject -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem | sed -n '/^subject/s/^.*CN=//p'
Entrust.net Secure Server Certification Authority

3 실행예시 (원격서버)[ | ]

root@zetawiki:~# echo | openssl s_client -showcerts -connect google.com:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'
*.google.com
root@zetawiki:~# echo | openssl s_client -showcerts -connect google.com:443 2>/dev/null | sed -n '/^issuer/s/^.*CN=//p'
Google Internet Authority G2
root@zetawiki:~# echo | openssl s_client -showcerts -connect ko.wikipedia.org:443 2>/dev/null | sed -n '/^subject/s/^.*CN=//p'
*.wikipedia.org
root@zetawiki:~# echo | openssl s_client -showcerts -connect ko.wikipedia.org:443 2>/dev/null | sed -n '/^issuer/s/^.*CN=//p'
GlobalSign Organization Validation CA - SHA256 - G2

4 같이 보기[ | ]

5 참고[ | ]

문서 댓글 ({{ doc_comments.length }})
{{ comment.name }} {{ comment.created | snstime }}