Saturday, 31 October 2020

Digging into certificate expiration using OpenSSL

This popped up on my Twitter feed earlier: -

Check the expiration date of an SSL or TLS certificate

and I thought it worth book marking ...

Checking the expiration of various certificates on my network ....

openssl s_client -servername 192.168.1.1 -connect 192.168.1.1:443 < /dev/null | openssl x509 -noout -dates

depth=0 C = TW, ST = HsinChu, L = HuKou, O = DrayTek Corp., OU = DrayTek Support, CN = Vigor Router

verify error:num=18:self signed certificate

verify return:1

depth=0 C = TW, ST = HsinChu, L = HuKou, O = DrayTek Corp., OU = DrayTek Support, CN = Vigor Router

verify return:1

poll errornotBefore=Aug 30 17:21:28 2020 GMT

notAfter=Sep 29 17:21:28 2021 GMT

openssl s_client -servername 192.168.1.12 -connect 192.168.1.12:443 < /dev/null | openssl x509 -noout -dates

depth=0 CN = HP3050A, L = Vancouver, ST = Washington, C = US, O = HP, OU = HP-IPG

verify error:num=20:unable to get local issuer certificate

verify return:1

depth=0 CN = HP3050A, L = Vancouver, ST = Washington, C = US, O = HP, OU = HP-IPG

verify error:num=21:unable to verify the first certificate

verify return:1

poll errornotBefore=Mar 16 06:51:44 2012 GMT

notAfter=Mar 11 06:51:44 2032 GMT

openssl s_client -servername nessus.local.com -connect nessus.local.com:8834 < /dev/null | openssl x509 -noout -dates

depth=0 O = Nessus Users United, OU = Nessus Server, L = New York, C = US, ST = NY, CN = nessus.local.com

verify error:num=20:unable to get local issuer certificate

verify return:1

depth=0 O = Nessus Users United, OU = Nessus Server, L = New York, C = US, ST = NY, CN = nessus.local.com

verify error:num=21:unable to verify the first certificate

verify return:1

poll errornotBefore=Oct  4 12:29:02 2019 GMT

notAfter=Oct  3 12:29:02 2023 GMT


No comments:

Today I Learned - more about Git config

Whilst trying to create a container image from a project on GitHub, I hit an issue with the cloning process of the GH repository ... Specifi...