How do I check if my SSL Certificate is SHA1 or SHA2 on the commandline
30,613
Solution 1
after googling for quite some time i came up with the following snippet (unix):
openssl s_client -connect <host>:<port> < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"
windows (thanx Nick Westgate, see below)
certutil -dump cacert.pem | find "Algorithm"
Solution 2
I know the topic is old but I think
openssl x509 -in yourcert.crt -text -noout | grep "Signature Algorithm"
would be an easier solution.
Solution 3
You didn't specify a platform, but in a Windows command prompt you can use:
certutil -dump cacert.pem | find "Algorithm"
Related videos on Youtube
34 : 51
SHA1 & SHA2 certificate migration issue Resolved After up-gradation of McAfee ePO 5.9.1
01 : 37
How to check HTTPS certificate (command line)
![SSL Certificate Error Fix [Tutorial]](https://i.ytimg.com/vi/Xp5G8x3SNhE/hqdefault.jpg?sqp=-oaymwEcCOADEI4CSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLDbPsM9guRh7myRvKhCABz8ha1lOg)
04 : 12
SSL Certificate Error Fix [Tutorial]
05 : 31
SSL CERTIFICATE NAMECHEAP: HOW TO INSTALL NAMECHEAP SSL MANUALLY (HACKED)
02 : 11
How to quickly verify MD5, SHA1 and SHA2 (256, 384, 512) Checksum in Windows using Command Prompt
11 : 04
OpenSSL Step By Step Tutorial | How to Generate Keys, Certificates & CSR Using OpenSSL
30 : 04
How to create keystore file, get SHA1 Certificate, Hash key and change package name in Flutter
12 : 17
Intro to Hashing | SHA1, SHA2 and SHA256, MD5, Hash Tables, Digitally Signing
02 : 43
How to Upgrade Certification Authority to Use SHA2 - Step by Step
06 : 59
SSL Certificate Checker- Find if a domain, website or URL has a SSL Certificate installed or https
05 : 59
CertUtil Command Line Program for Hash Checking
Author by
that guy from over there
sysadmin, waf-developer and skiddo-hunter
Updated on July 30, 2022Comments
-
that guy from over there almost 2 years
How do I check if my SSL Certificate is using SHA1 or SHA2, from the commandline?
And yes, i this is similar to this, but i need a cli-tool and i want to understand how it is done.
-
Shalom Carmel over 7 yearsThis is exactly what the first answer eventually does. A certificate is usually installed on a web server and does not exist in a file, and rink.attendant.6's answer fetches the cerificate AND runs the verification check in a single line
-
that guy from over there over 7 yearsincluded your answer, thanx
-
Doktor J over 6 years@ShalomCarmel but this one is helpful to admins like myself who want to double-check a certificate we've inherited, and have shell access to the server :)
-
Björn about 4 yearsIn my case on Windows with a .p12-certificate i used: certutil -dump crtname.p12 | find "Cert Hash" (Also, my certificate had a password, so I had to type that in too after pressing enter.)
