2 answers
+1
−0
nmap
can do this:
$ nmap -p 443 --script ssl-cert codidact.com
Starting Nmap 7.95 ( https://nmap.org ) at 2024-08-12 10:06 EEST
Nmap scan report for codidact.com (104.26.0.18)
Host is up (0.0037s latency).
Other addresses for codidact.com (not scanned): 172.67.69.183 104.26.1.18 2606:4700:20::ac43:45b7 2606:4700:20::681a:112 2606:4700:20::681a:12
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=codidact.com
| Subject Alternative Name: DNS:codidact.com, DNS:*.codidact.com
| Issuer: commonName=WE1/organizationName=Google Trust Services/countryName=US
| Public Key type: ec
| Public Key bits: 256
| Signature Algorithm: ecdsa-with-SHA256
| Not valid before: 2024-07-19T22:57:44
| Not valid after: 2024-10-17T22:57:43
| MD5: 21a2:8844:43a9:2f68:6bbc:a49e:f3c0:d9a6
|_SHA-1: b42f:d65f:cd2d:5281:9d40:52bf:6578:6c74:95df:7c1a
Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds
It uses the ssl-cert
nmap script to gather and print out the information. -p 443
just selects the port to scan, and 443
happens to be the usual HTTPS
port.
0 comment threads
+3
−0
You can use openssl
to get the information. It is usually installed by default in every distribution.
$ openssl s_client -connect codidact.com:443 -showcerts </dev/null | openssl x509 -text
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R4
verify return:1
depth=1 C = US, O = Google Trust Services, CN = WE1
verify return:1
depth=0 CN = codidact.com
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:47:84:d5:72:2f:87:93:0d:cb:0c:8d:e1:cb:8b:51
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, O = Google Trust Services, CN = WE1
Validity
Not Before: Jul 19 22:57:44 2024 GMT
Not After : Oct 17 22:57:43 2024 GMT
Subject: CN = codidact.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:cf:48:b5:11:18:91:1d:51:08:0e:57:fe:79:87:
df:b9:e5:c5:3a:12:82:01:48:ed:2f:da:e7:77:b5:
5b:03:20:57:76:1b:4d:8f:81:d9:86:79:3f:63:12:
d1:cd:60:51:04:c6:1c:a5:f5:05:ce:1a:16:5b:28:
00:8a:3f:fb:06
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
90:8E:C8:D1:B7:1A:71:04:21:31:1D:0A:58:18:3A:F7:88:BA:B4:90
X509v3 Authority Key Identifier:
90:77:92:35:67:C4:FF:A8:CC:A9:E6:7B:D9:80:79:7B:CC:93:F9:38
Authority Information Access:
OCSP - URI:http://o.pki.goog/s/we1/FUc
CA Issuers - URI:http://i.pki.goog/we1.crt
X509v3 Subject Alternative Name:
DNS:codidact.com, DNS:*.codidact.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
X509v3 CRL Distribution Points:
Full Name:
URI:http://c.pki.goog/we1/c9egY9ikPsU.crl
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Jul 19 23:57:44.693 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:02:BE:E2:BA:07:C0:92:31:31:2B:66:5C:
47:25:0D:95:F3:93:D8:F5:D4:62:3E:C2:A8:16:B7:1B:
AE:3E:22:E6:02:21:00:96:DD:18:EC:9B:BB:F9:EC:85:
9D:35:63:E7:72:05:2E:B4:7A:A3:2F:6D:95:8F:25:65:
2C:5D:43:49:82:C5:85
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Jul 19 23:57:44.632 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:8D:BB:62:01:CB:49:3E:EC:01:AE:3A:
5E:F5:31:1A:DD:47:3B:4D:E7:CB:2E:42:8E:71:D2:50:
01:1C:48:9B:A0:02:21:00:CE:CE:80:9F:D3:72:5C:C5:
77:92:D8:9D:13:2B:28:46:5F:E8:F6:80:D2:33:01:15:
86:33:70:23:BF:7E:25:F0
Signature Algorithm: ecdsa-with-SHA256
Signature Value:
30:45:02:20:06:88:49:33:37:a4:ce:46:1d:4b:d5:fd:7a:8a:
53:50:4a:41:a6:63:0c:3a:21:9c:ef:ee:a1:4f:a0:f5:0a:2b:
02:21:00:c4:8a:e3:c0:cf:af:8a:7a:a0:99:9d:12:32:f9:7e:
09:d2:7d:2a:23:dd:78:94:22:e4:10:3c:ad:c8:02:56:68
0 comment threads