view all certs in a PEM cert file (full cert chain) with openssl or another command

openssl x509
6,333

Solution 1

The post How to view all ssl certificates in a bundle? suggests several possibilities:

openssl crl2pkcs7 -nocrl -certfile CHAINED.pem | openssl pkcs7 -print_certs -text -noout
openssl crl2pkcs7 -nocrl -certfile CHAINED.pem | openssl pkcs7 -print_certs -noout (gives shorter output)
keytool -printcert -v -file <certs.crt>

The post contains more variations when using Perl, bash, awk and other utilities.

Solution 2

I would suggest a non-OpenSSL tool: another popular TLS stack, GnuTLS, has a similar certtool program which produces output in the same format.

certtool -i < multiplecerts.pem

(They do differ in some small details, such as decoding of less-common certificate extensions.)

Share:
6,333

Related videos on Youtube

gelonida
Author by

gelonida

Versatile, passionate and pragmatic developer with experience in back/front administration / automation and preference for Python / Linux. I enjoy to participate at SO and try to do so with answers and comments and try to avoid down votes without comments.

Updated on September 18, 2022

Comments

  • gelonida
    gelonida 9 months

    often cert files (in PEM) format contain multiple certs like:

    -----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
.....
-----END CERTIFICATE-----

    with the command: openssl x509 -in cert.pem -noout -text I can see the first entry.

    Is there any built-in way to display the second entry or all entries.

    Is there any simple way to view all entries?

    What I'm really interested in are: C, ST, O, OU, CN, of subject, the issuer and the subject's validity dates

  • gelonida
    gelonida over 2 years
    Indeed this helps. Will wait a little to see whether there are other answers, but this one will do for my tasks. I rephrased the title accordingly (replaced "with openssl" with "with openssl or another command"
  • gelonida
    gelonida over 2 years
    Thanks a lot. I will mark this answer as solution as the crosslink shows multiple solutions.
  • gelonida
    gelonida over 2 years
    I makrjed the other answer as solutions as there are multiple suggestions. However for my personal usage I will use certtool

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Specify Subject Alternative Name when generating a self signed certificate
Windows 2008R2 CA & OpenSSL CSR: Error parsing CSR ASN1 bad value met
How to create a single line x509 certificate that can be parsed by OpenSSL commandline tool
How to use OpenSSL for self-signed certificates with custom CA and proper SAN settings?
Incorrect Authority Key Identifier on openssl end cert
What does openssl rsa -passin pass:xxx without other important commands do?
OpenSSL: How to create a certificate with an empty subject DN?
Avoid password prompt for keys and prompts for DN information
Renew SSL client certificates
Why can't I enter a PEM Pass Phrase in the prompt?