SSL 证书相关

证书时间获取

查看域名https证书到期时间

1.通过域名获取:

echo | openssl s_client -servername 域名 -connect 域名:443 2>/dev/null | openssl x509 -noout -dates

Not Before: Jun 16 11:31:29 2015 GMT(起)
Not After : Jun 17 02:38:48 2018 GMT(止)

举例:

[root@MyFirstwon ~]# echo | openssl s_client -servername myfirstwon.com -connect myfirstwon.com:443 2>/dev/null | openssl x509 -noout -dates
notBefore=May 10 00:00:00 2019 GMT
notAfter=May  9 12:00:00 2020 GMT
[root@MyFirstwon ~]# 
[root@MyFirstwon ~]# 

站点多的话也可以写个脚本:

[root@MyFirstwon shell]# bash https.sh 
baidu.com
2020
***************************
myfirstwon.com
2020
***************************
[root@MyFirstwon shell]# cat https.sh 
#!/bin/bash

web_list=(
baidu.com
myfirstwon.com
)

for i in ${web_list[@]};
do
    echo $i 
    A=`echo | openssl s_client -servername $i -connect $i:443 2>/dev/null | openssl x509 -noout -dates|tail -n 1`
    echo  ${A:0-8:4}
    echo '***************************'

done
[root@MyFirstwon shell]# 
2.通过证书获取

openssl x509 -in dingkai.crt(证书文件名,不是key) -noout -text

RSA 公钥 私钥

RSA 依赖于 openssl 执行生成命令后 文件会在当前目录下
[root@MyFirstwon RSA]# yum -y install openssl
[root@MyFirstwon RSA]# openssl

OpenSSL> genrsa -out rsa_private_key.pem 1024
Generating RSA private key, 1024 bit long modulus
……………………++++++
………………………….++++++
e is 65537 (0x10001)
OpenSSL> rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
writing RSA key
OpenSSL> quit
[root@MyFirstwon RSA]# ll rsa_*
-rw-r--r-- 1 root root 887 12月  4 14:33 rsa_private_key.pem
-rw-r--r-- 1 root root 272 12月  4 14:33 rsa_public_key.pem
comments powered by Disqus