[WLUG] Which CA does my ssl certificate belong to on the file system
Robert Steckroth
robertsteckroth at gmail.com
Sat Jun 11 11:20:31 EDT 2016
Well, I don't know then.. I am under the impression that when a remote
server sends a certificate, it needs to be verified against the
certificates in the local file system to ensure that there is no middleman.
So, shouldn't openssl be able to return the local path the any certs which
correspond to the one sent by the remote?
On Sat, Jun 11, 2016 at 10:18 AM, Carl T. Miller <carl at carltm.com> wrote:
> Hi Robert,
>
> You can use openssl to retrieve and view the certificates on a webserver.
>
> To retrieve all certs on a server:
> openssl s_client -connect www.carltm.com:443 -showcerts | tee allcerts
>
> To view each cert:
> (create a file for each cert including the "BEGIN CERTIFICATE" and
> "END CERTIFICATE" lines)
> openssl x509 -noout -text -purpose -in onecert
>
> I hope this helps with your investigation.
>
> c
>
>
> Robert Steckroth wrote:
> > Hello everyone, I have a interesting question for those of you with https
> > experience.
> > I have a certificate authority (through namecheap), chained to my ssl
> > key/certificate which is distributed by a Ubuntu server. The https
> content
> > server is nodejs and serves the ssl cert to three types of platforms: web
> > browsers, git repositories, and a qt desktop application. The https
> server
> > works find on browsers (with the green https uri text). The problem is, I
> > need to know where the CA certificate is kept on my local ubuntu file
> > system in order to add it to the qt application and to the git config. I
> > think maybe it is a cheap CA sense git does not already know about the CA
> > on the file system (it works if I add it manually via git config
> > http.sslCAInfo). Anyways, I still would like to know if there is a
> > terminal
> > command to find which CA my cert belongs to on the file system. It seems
> > that they are everywhere on it, jeesh.
> > ______________________________________________________
> > washlug mailing list washlug web site
> > washlug at washlug.org www.washlug.org
> > http://linux.marcdatabase.com/mailman/listinfo/washlug
> >
>
>
> ______________________________________________________
> washlug mailing list washlug web site
> washlug at washlug.org www.washlug.org
> http://linux.marcdatabase.com/mailman/listinfo/washlug
>
--
<surgemcgee>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linux.marcdatabase.com/pipermail/washlug/attachments/20160611/06709571/attachment.html
More information about the washlug
mailing list