Save Remote SSL Certificate via Linux Command Line

linux https ssl ssl-certificate x509

Something like:

openssl s_client -servername remote.server.net -connect remote.server.net:443 </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >/path/to/certificate.pem

That's what I use with fetchmail to retrieve the certificate of an SSL capable IMAP or POP3 server (except obviously I don't use port 443)

(Note that "redundant" -servername parameter is necessary to make openssl do a request with SNI support.)


From http://www.madboa.com/geek/openssl/#cert-retrieve

#!/bin/sh
#
# usage: retrieve-cert.sh remote.host.name [port]
#
REMHOST=$1
REMPORT=${2:-443}

echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'

Related

How to copy files to Amazon EC2 Windows instance from my local machine?
Is a Self Signed SSL Certificate a False Sense of Security?
How to remove/backup script from /etc/init.d/?
Is there a smarter tar or cpio out there for efficiently retrieving a file stored in the archive?
Best way to run python 3.7 on Ubuntu 16.04 which comes with python 3.5
Nginx proxy domain to another domain with no change URL
How do I require an IP range instead of 1 IP?
SMTP server on Windows 7
Best way to prevent default server?
how to remove a package which post-installation and pre-removal script fails?
Can upstart handle symbolic links to config files?
Services remain in failed state after stopped with systemctl