How to pull SSL certificates from an external server
July 31, 20241 min read
# Pull a server's certificate:#openssl s_client -connect ${SERVER}:${PORT}# When dealing with a mail server using STARTTLS, we need# to modify this a bit:#openssl s_client -connect ${SERVER}:${PORT} \ -starttls smtp# Pull the entire certificate chain:#openssl s_client -connect ${SERVER}:${PORT} -showcerts# Get certificate information:#openssl x509 -in $CERT -text -noout# Calculate a SHA1 fingerprint:#openssl x509 -noout -in $CERT -fingerprint# Calculate a MD5 fingerprint:#openssl x509 -noout -in $CERT -fingerprint -md5