{"id":8148,"date":"2017-05-31T17:06:39","date_gmt":"2017-05-31T09:06:39","guid":{"rendered":"http:\/\/jpuyy.com\/?p=8148"},"modified":"2020-11-24T10:33:34","modified_gmt":"2020-11-24T02:33:34","slug":"openssl-%e6%a3%80%e9%aa%8c-ssl-%e8%af%81%e4%b9%a6%e8%bf%87%e6%9c%9f%e6%97%b6%e9%97%b4","status":"publish","type":"post","link":"https:\/\/jpuyy.com\/?p=8148","title":{"rendered":"openssl shell \u68c0\u9a8c ssl \u8bc1\u4e66\u8fc7\u671f\u65f6\u95f4"},"content":{"rendered":"<p>\u8bed\u6cd5\u5982\u4e0b<\/p>\n<pre>\r\nsite=www.youqiantu.com\r\necho | openssl s_client -servername $site -connect $site:443 2&gt;\/dev\/null | openssl x509 -noout -dates\r\n<\/pre>\n<p>\u6dfb\u52a0\u5f88\u591a\u57df\u540d\u7684 check<\/p>\n<pre>#!\/bin\/bash\r\n\r\ndomains='\r\nsentry.google.com\r\nconsole.google.com\r\nwww.google.com\r\nm.google.com\r\napi.google.com\r\n'\r\n\r\nfor domain in $domains\r\ndo\r\n  check_result=$(echo | openssl s_client -servername $domain -connect $domain:443 2&gt;\/dev\/null | openssl x509 -noout -dates | grep After)\r\n  echo \"$domain\\t $check_result\" | awk -F\"\\t\" '{sub(\/^ \/,\"\",$2);printf \"%-40s%s\\n\",$1,$2}'\r\ndone\r\n<\/pre>\n<p>\u5bf9\u4e8e\u81ea\u5df1\u7b7e\u53d1\u7684\u8bc1\u4e66<\/p>\n<pre>openssl x509 -enddate -noout -in apiserver.pem \r\nnotAfter=Mar  5 13:23:40 2018 GMT\r\n<\/pre>\n<p>\u6216\u8005\u901a\u8fc7\u7b2c\u4e09\u65b9\u5de5\u5177\u68c0\u67e5<br \/>\nhttps:\/\/www.ssllabs.com\/ssltest\/analyze.html<br \/>\nhttps:\/\/whatsmychaincert.com\/?jpuyy.com<\/p>\n<p>\u8bc1\u4e66\u4fe1\u606f certificate\/intermediate\/root ca<\/p>\n<pre>openssl x509 -in example.com.crt -text -noout\r\n<\/pre>\n<p>key \u4fe1\u606f<\/p>\n<pre>openssl rsa -in example.com.key -check \r\n<\/pre>\n<p>\u68c0\u67e5 p12 \u8bc1\u4e66\u8fc7\u671f\u65f6\u95f4<br \/>\nhttps:\/\/stackoverflow.com\/questions\/28373771\/how-to-determine-ssl-cert-expire-date-from-the-cert-file-itself-p12\/28374749<\/p>\n<pre>\r\nYou can use openssl to extract the certificate from the .p12 file to a .pem file using the following command:\r\n\r\nopenssl pkcs12 -in certificate.p12 -out certificate.pem -nodes\r\nThen, you can extract the expiration date from the certificate in the .pem file using the following command:\r\n\r\ncat certificate.pem | openssl x509 -noout -enddate\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u8bed\u6cd5\u5982\u4e0b site=www.youqiantu.com echo | openssl s_client -servername $site -connect $site:443 2&gt;\/dev\/null | openssl x509 -noout -dates \u6dfb\u52a0\u5f88\u591a\u57df\u540d\u7684 check #!\/bin\/bash domains=&#8217; sentry.google.com console.google.com www.google.com m.google.com api.google.com &#8216; for domain in $domains do check_result=$(echo | openssl s_client -servername $domain -connect $domain:443 2&gt;\/dev\/null | openssl x509 -noout -dates | grep After) echo &#8220;$domain\\t $check_result&#8221; | awk -F&#8221;\\t&#8221; &#8216;{sub(\/^ [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-8148","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/8148","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8148"}],"version-history":[{"count":10,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/8148\/revisions"}],"predecessor-version":[{"id":9211,"href":"https:\/\/jpuyy.com\/index.php?rest_route=\/wp\/v2\/posts\/8148\/revisions\/9211"}],"wp:attachment":[{"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8148"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jpuyy.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}