Home Server Apache Solution to: How do I read an SSL certificate using OpenSSL?

Get social!

I recently had need to read one of my SSL certificates, using openssl. The site that helped the most is here:

http://www.madboa.com/geek/openssl/

Solution

To read an SSL certificate:

openssl x509 -text -in ssl.crt

You'll see something like the following. Note that I've hidden sensitive data:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
 
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certificates.godaddy.com/repository, CN=Go Daddy Secure Certification Authority/serialNumber=07969287
        Validity
            Not Before: Apr 17 12:37:37 2013 GMT
            Not After : Apr 17 12:37:37 2014 GMT
        Subject: OU=Domain Control Validated, CN=v4.magicbrain.net
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
 
                Exponent:  (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 CRL Distribution Points:
                URI:http://crl.godaddy.com/gds1-89.crl
 
            X509v3 Certificate Policies:
                Policy: 2.16.840.1.114413.1.7.23.1
                  CPS: http://certificates.godaddy.com/repository/
 
            Authority Information Access:
                OCSP - URI:http://ocsp.godaddy.com/
                CA Issuers - URI:http://certificates.godaddy.com/repository/gd_intermediate.crt
 
            X509v3 Authority Key Identifier:
                keyid:
 
            X509v3 Subject Alternative Name:
                DNS:v4.magicbrain.net, DNS:www.v4.magicbrain.net
            X509v3 Subject Key Identifier:
 
    Signature Algorithm: sha1WithRSAEncryption
 
-----BEGIN CERTIFICATE-----
 
-----END CERTIFICATE-----

Bad Behavior has blocked 159 access attempts in the last 7 days.