メモ > サーバ > 各論: SSL証明書 > 外部サーバからコマンドで証明書情報を確認
■外部サーバからコマンドで証明書情報を確認
証明書と中間証明書は外部に公開されている
以下のようにコマンドで内容を確認できる
opensslコマンドで証明書情報を確認したい。 │ サポート │ GMOグローバルサイン【公式】
https://jp.globalsign.com/support/faq/07.html
$ openssl s_client -connect refirio.net:443 -showcerts
CONNECTED(00000003)
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Domain Validation CA - SHA256 - G2
verify return:1
depth=0 C = JP, OU = Domain Control Validated, CN = refirio.net
verify return:1
---
Certificate chain
0 s:/C=JP/OU=Domain Control Validated/CN=refirio.net
i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
-----BEGIN CERTIFICATE----- … 証明書
MIIHZTCCBk2gAwIBAgIMeQV/EhIJ4kw74FJIMA0GCSqGSIb3DQEBCwUAMGAxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1H
bG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcN
MTcwNDE3MDc0MDAyWhcNMTgwNTI3MDYwMzQyWjBEMQswCQYDVQQGEwJKUDEhMB8G
A1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRIwEAYDVQQDDAlraW5kYWku
anAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDepwfgWarCNG3eL7SI
u4X8o7RAr75qBbZb5hrMY0jPIUP5dmi0rz29PG0rJxpWGuYbNtlPCKITiKF2KC0S
bxXdgVj34RslfarkJoRHO3KhCUOgg4VqnhLS2lCcX4pu4JoCIOng3JPGyUqd73u5
c16IwbQXFUkr5Q/2BTgmxbvKbK5XcVp1Nh60wO/AADKDafoPdzGtnGjzXijnLLnF
HhT+WVfBWirsA6pBdqeCVdl5ouQg0iZTdCF7+0WUQTECNQRIG8FrU1m2e6G1TXjf
3JT6zBjBDE2Vlv0UCexJTiUBqLyO2ZbRxCyeLEwY0x/o6+lSc2f/wZwxmJ/Wm2Eu
exgNAgMBAAGjggQ5MIIENTAOBgNVHQ8BAf8EBAMCBaAwgZQGCCsGAQUFBwEBBIGH
MIGEMEcGCCsGAQUFBzAChjtodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2Nh
Y2VydC9nc2RvbWFpbnZhbHNoYTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDov
L29jc3AyLmdsb2JhbHNpZ24uY29tL2dzZG9tYWludmFsc2hhMmcyMFYGA1UdIARP
ME0wQQYJKwYBBAGgMgEKMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2Jh
bHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECATAJBgNVHRMEAjAAMEMGA1Ud
〜略〜
flDpMB8GA1UdIwQYMBaAFOpOfNSALeUVgYYmjIJtwJikz5cPMIICbQYKKwYBBAHW
eQIEAgSCAl0EggJZAlcAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ
3QAAAVt62rISAAAEAwBHMEUCIF4iru4YvCudvNAlflW0N30KKtZxiiPCnSF7G7g8
7hYEAiEAslSq3LUfnDMa8equ5ZdS2XWHmCPppw2TymVxnUya8wgAdwCkuQmQtBhY
FIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVt62rJDAAAEAwBIMEYCIQC3x8PR
fI3NMDJ29yKQfZ1nSQdVJHsrjXMY5ovtJWFhxwIhAKQEeDQNWecU7fzXDBV4uybA
4rXUhW0qa/avWVOqdr9kAHYAu9nfvB+KcbWTlCOXqpJ7RzhXlQqrUugakJZkNo4e
0YUAAAFbetqzAQAABAMARzBFAiAhUkSH1GgWpcjH5kZPhNlwPihmrnavYZLzMg4+
9a/ZlgIhAIh8ywrnXLinbm+OADvkx/KZcxFeOg1ruASpWeCKay3OAHUA3esdK3oN
T6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswAAAFbetqzIwAABAMARjBEAiBVdY3W
ugq3fnNiKSWfBJiqOEPnb4DZivmHy8U10aumpAIgQzxu8TroC1zIl8aUiKWjHJ5Q
sbihPZEJg96xHXfqc7YAdQDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9
ywAAAVt62rU5AAAEAwBGMEQCIEQrTKhFZX1wI3ETispso6wbjG0GoZAVyQ/9MiOW
4mAqAiBJRkpwlq5OMfI96HoTIUiRLUUj44I0C60afTaDLygkFjANBgkqhkiG9w0B
AQsFAAOCAQEABRt+4gIubf3s8qoSujvJfThbA99BPcuYuOK0nsH5a0K1o8SS6EDG
ks/NaFSaD65PHJ+tD2TW2zNEUQH1U7Xw0dYZcxda3dVQMd3AYq3CVusFfVg7s60Y
N6KSKl9ZYHvvXonF2o5z7V3O3/xVEFZ68rK7UyGt7ky6Y6ljKu2XlDd8YsyQiTQO
WCndFfzviPtB4ocvE2Wr0poYmbdvM3e4bpg7RMMb/aIly29nHiXNaVVKRdAuQJE4
uhahu1FZKTMQzb2CRhqyXXRFYS5ifmx1vTjNUjwgqcNpyjxu/tApMCXZCl0bdsXt
taMba8aijNLTf/fdaIpRRtTbcMBm2DeaZg==
-----END CERTIFICATE-----
1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
-----BEGIN CERTIFICATE----- … 中間証明書
MIIEYzCCA0ugAwIBAgILBAAAAAABRE7wPiAwDQYJKoZIhvcNAQELBQAwVzELMAkG
A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
MDBaFw0yNDAyMjAxMDAwMDBaMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
YWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0
aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCp3cwOs+IyOd1JIqgTaZOHiOEM7nF9vZCHll1Z8syz0lhXV/lG72wm2DZC
jn4wsy+aPlN7H262okxFHzzTFZMcie089Ffeyr3sBppqKqAZUn9R0XQ5CJ+r69eG
ExWXrjbDVGYOWvKgc4Ux47JkFGr/paKOJLu9hVIVonnu8LXuPbj0fYC82ZA1ZbgX
qa2zmJ+gfn1u+z+tfMIbWTaW2jcyS0tdNQJjjtunz2LuzC7Ujcm9PGqRcqIip3It
〜略〜
mKTPlw8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSG
Imh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEE
MTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290
cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQEL
BQADggEBANdFnqDc4ONhWgt9d4QXLWVagpqNoycqhffJ7+mG/dRHzQFSlsVDvTex
4bjyqdKKEYRxkRWJ3AKdC8tsM4U0KJ4gsrGX3G0LEME8zV/qXdeYMcU0mVwAYVXE
GwJbxeOJyLS4bx448lYm6UHvPc2smU9ZSlctS32ux4j71pg79eXw6ImJuYsDy1oj
H6T9uOr7Lp2uanMJvPzVoLVEgqtEkS5QLlfBQ9iRBIvpES5ftD953x77PzAAi1Pj
tywdO02L3ORkHQRYM68bVeerDL8wBHTk8w4vMDmNSwSMHnVmZkngvkA0x1xaUZK6
EjxS1QSCVS1npd+3lXzuP8MIugS+wEY=
-----END CERTIFICATE-----
---
Server certificate
subject=/C=JP/OU=Domain Control Validated/CN=refirio.net
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3718 bytes and written 415 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: DB797C134B3DD73500CD0083AFEE92E01435AFD3437429D73FA7ADF37890C8D1
Session-ID-ctx:
Master-Key: C38818F50369E8FFADCBD244C2F0273C49BB0A3FCF7A208AF58B25609214640380457F3B461DFB1B74D1D3CDF0EF30B5
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 08 48 6d 38 00 88 40 a3-ea 6b 94 14 6d ab da be .Hm8..@..k..m...
0010 - 15 c4 24 50 71 b4 16 d5-74 e3 a5 2c 79 49 e1 d9 ..$Pq...t..,yI..
0020 - f1 4d 32 7e af 69 b6 96-b0 bf dc 8e ee 9e f0 f4 .M2~.i..........
0030 - 30 4f ad 9e 61 99 9e e1-36 9f 46 5d e7 ae c7 8e 0O..a...6.F]....
0040 - 1b 25 e3 88 58 51 7b d2-86 f8 14 29 f7 ee 5c 40 .%..XQ{....)..\@
0050 - df d5 c3 63 1a 3a 44 87-5d 4a f7 fc b4 9e 9d 3e ...c.:D.]J.....>
0060 - f9 9a e1 b5 38 0d e8 26-fb c2 cd e1 ca ba fc 79 ....8..&.......y
0070 - 84 88 36 1a 69 30 eb 2d-eb 41 e7 3c 2e 51 8a bb ..6.i0.-.A.<.Q..
0080 - 73 07 22 f1 91 1c ef 10-64 47 f7 27 17 c0 2a 4f s.".....dG.'..*O
0090 - af 17 2f 36 9a ec 90 c6-aa a5 a3 e8 98 e4 c5 2e ../6............
00a0 - 73 75 52 36 72 db 9d ca-82 92 c0 22 be 76 ae 77 suR6r......".v.w
00b0 - 69 eb 66 a4 0a da f3 8a-0a bd 79 0f 1e 8a 1a 4c i.f.......y....L
Start Time: 1526013372
Timeout : 300 (sec)
Verify return code: 0 (ok)
---