Usually, in the browser, by clicking the Lock icon, you can view the SSL certificate information.
And, we can also run the `openssl` command to view the server ceritifcate (e.g. SSL chain) on command line. For example:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 | $ openssl s_client -connect helloacm.com:443 CONNECTED(00000003) depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root verify return:1 depth=1 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 verify return:1 depth=0 C = US, ST = CA, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com verify return:1 --- Certificate chain 0 s:C = US, ST = CA, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com i:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 1 s:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root --- Server certificate -----BEGIN CERTIFICATE----- MIIE5TCCBIugAwIBAgIQC5UFOgyjwCAycwdYqx90XzAKBggqhkjOPQQDAjBvMQsw CQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28x GTAXBgNVBAoTEENsb3VkRmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkRmxhcmUg SW5jIEVDQyBDQS0yMB4XDTIwMDMxOTAwMDAwMFoXDTIwMTAwOTEyMDAwMFowbTEL MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2Nv MRkwFwYDVQQKExBDbG91ZGZsYXJlLCBJbmMuMR4wHAYDVQQDExVzbmkuY2xvdWRm bGFyZXNzbC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATdjmNNRSTaJQRg 3DBHzEMpKUtoNzciod0FgETrfMpPmtFjqKTVBywJenDP2SBmrYozrn3TpL4dQ3/X PARGh74No4IDCTCCAwUwHwYDVR0jBBgwFoAUPnQtH89FdQR+P8Cihz5MQ4NRE8Yw HQYDVR0OBBYEFPoMno5zzaoue3G90nO8fnAOFWzCMD4GA1UdEQQ3MDWCFXNuaS5j bG91ZGZsYXJlc3NsLmNvbYIMaGVsbG9hY20uY29tgg4qLmhlbGxvYWNtLmNvbTAO BgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHkG A1UdHwRyMHAwNqA0oDKGMGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9DbG91ZEZs YXJlSW5jRUNDQ0EyLmNybDA2oDSgMoYwaHR0cDovL2NybDQuZGlnaWNlcnQuY29t L0Nsb3VkRmxhcmVJbmNFQ0NDQTIuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEB MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYG Z4EMAQICMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au ZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy dC5jb20vQ2xvdWRGbGFyZUluY0VDQ0NBLTIuY3J0MAwGA1UdEwEB/wQCMAAwggED BgorBgEEAdZ5AgQCBIH0BIHxAO8AdQCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOey SVMt74uQXgAAAXDz80rYAAAEAwBGMEQCIEl6oXM4EHydqzGMm8efrCUp4nEIaTKm VbtHBTtarxxQAiBlhQ9R71vzf3M2M8UQEAN8yOVt0T5hl+Zb4yB+xDQ+UgB2APCV pFnyANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAABcPPzSyEAAAQDAEcwRQIh AL4n31LbZn5nO+yXep4Kh0E4/4SMhpyBiOApVWLgWkjqAiBcWB6A4krBCl09ub8J ttaFMV7+zPhjjTkt4toyrKu5iTAKBggqhkjOPQQDAgNIADBFAiAgA5xSHgF0Oa+f dy8QoEUX7RCwTDQ+bSkfJ2A0JaAHBAIhAO6t2NuyqG8sLeEOEqj0L5Xqr72r4dRy QpxHGpQRa3T7 -----END CERTIFICATE----- subject=C = US, ST = CA, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com issuer=C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 2507 bytes and written 394 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: 2369749FDF66D7BFD323F53958A27F6E45CDC2239A7FCDDCB1175A7C1C8B1466 Session-ID-ctx: Resumption PSK: EEA87720335AD216961F713DB0544F8A7E5F42223DEB2DBA992483D24D75F60809373FF82BEFEA0692C248151CC2BDDE PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 64800 (seconds) TLS session ticket: 0000 - 24 29 83 3e 7e 68 72 88-be fe 43 06 e6 91 6b 2e $).>~hr...C...k. 0010 - 98 32 0b c2 4f 6f 60 d0-6b 60 e0 40 8b c6 03 62 .2..Oo`.k`.@...b 0020 - 8f 8f 4c 25 ad 8c a1 22-c0 c7 47 94 5a 9e 97 18 ..L%..."..G.Z... 0030 - 81 eb 2f 4a b6 4c 07 02-aa e0 91 43 95 1e d2 22 ../J.L.....C..." 0040 - 6f 31 e5 2a 83 41 a1 6f-f9 ed 53 d2 0d 5d 89 cf o1.*.A.o..S..].. 0050 - 22 68 ad d9 bf 1d 49 b7-96 7f fc 09 6d 11 f5 f2 "h....I.....m... 0060 - 2a 5d a6 35 f0 fb 54 f5-be 1a d8 1d 19 ec 80 40 *].5..T........@ 0070 - 57 15 cc a0 38 79 1d 47-34 75 81 73 77 ce ef d2 W...8y.G4u.sw... 0080 - e9 17 ee 66 63 d2 2f c6-29 ce 74 f0 62 1d 49 b2 ...fc./.).t.b.I. 0090 - bc c5 da 62 24 e3 42 97-b2 13 e2 97 ed 7c 2d dc ...b$.B......|-. 00a0 - d3 55 ac 3e 66 92 43 af-11 ba 41 60 66 c0 f4 f7 .U.>f.C...A`f... 00b0 - 74 4a 1b 7c dd d9 8d 21-9b fe a0 ae 3f 97 37 4b tJ.|...!....?.7K 00c0 - ef c5 d5 34 31 93 30 ab-9f 8b 8b 2d f5 3f 21 1f ...41.0....-.?!. Start Time: 1595760329 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 14336 --- read R BLOCK --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: B126A49538D22C054CC7A61988EAB35538A7953C1516C98A52513E81C6245B73 Session-ID-ctx: Resumption PSK: 16E0F2E582F4AF8120E79B33C54CA75E64FEFA6B8EF5CF819C59AEA63A0DBB96DE445563EF1D6C87028CE71BE1B5D137 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 64800 (seconds) TLS session ticket: 0000 - 24 29 83 3e 7e 68 72 88-be fe 43 06 e6 91 6b 2e $).>~hr...C...k. 0010 - bb 07 3e 5b c8 33 49 bf-c4 23 d4 0b 29 04 c7 61 ..>[.3I..#..)..a 0020 - b9 63 d7 79 19 0d 00 55-fc 96 cc e4 2e d3 a5 d1 .c.y...U........ 0030 - 86 91 13 e1 5d b7 91 ef-e0 ef 1b 3d ed eb e0 c3 ....]......=.... 0040 - 74 a8 06 ce 03 8d 1e c0-a1 47 5e a1 94 3c 4c 60 t........G^..<L` 0050 - 84 62 e2 87 c9 0b 63 32-f7 6c 32 20 8c 98 d3 e3 .b....c2.l2 .... 0060 - f9 73 47 61 dd 1e 26 48-e7 46 ee 9a 47 bf 01 af .sGa..&H.F..G... 0070 - 78 51 a8 2d 20 cd ee 1a-c2 5f 88 c0 c8 70 ba 8a xQ.- ...._...p.. 0080 - a7 99 d3 ba 23 46 d0 bd-e0 3d b4 82 b5 e9 7e 64 ....#F...=....~d 0090 - b1 96 84 c7 4b d8 5c 83-22 a6 96 b0 8d 0e 51 5b ....K.\.".....Q[ 00a0 - aa 1e d8 82 e6 36 1b b7-1f 46 18 3c 89 28 4d a8 .....6...F.<.(M. 00b0 - ca 3f 37 83 16 e6 85 2a-ea 98 80 b7 da 20 3f f3 .?7....*..... ?. 00c0 - fc 74 9a 88 3b a8 07 07-f4 bb 19 af 19 82 5a bd .t..;.........Z. Start Time: 1595760329 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 14336 --- read R BLOCK closed |
$ openssl s_client -connect helloacm.com:443 CONNECTED(00000003) depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root verify return:1 depth=1 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 verify return:1 depth=0 C = US, ST = CA, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com verify return:1 --- Certificate chain 0 s:C = US, ST = CA, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com i:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 1 s:C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 i:C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root --- Server certificate -----BEGIN CERTIFICATE----- MIIE5TCCBIugAwIBAgIQC5UFOgyjwCAycwdYqx90XzAKBggqhkjOPQQDAjBvMQsw CQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28x GTAXBgNVBAoTEENsb3VkRmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkRmxhcmUg SW5jIEVDQyBDQS0yMB4XDTIwMDMxOTAwMDAwMFoXDTIwMTAwOTEyMDAwMFowbTEL MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2Nv MRkwFwYDVQQKExBDbG91ZGZsYXJlLCBJbmMuMR4wHAYDVQQDExVzbmkuY2xvdWRm bGFyZXNzbC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATdjmNNRSTaJQRg 3DBHzEMpKUtoNzciod0FgETrfMpPmtFjqKTVBywJenDP2SBmrYozrn3TpL4dQ3/X PARGh74No4IDCTCCAwUwHwYDVR0jBBgwFoAUPnQtH89FdQR+P8Cihz5MQ4NRE8Yw HQYDVR0OBBYEFPoMno5zzaoue3G90nO8fnAOFWzCMD4GA1UdEQQ3MDWCFXNuaS5j bG91ZGZsYXJlc3NsLmNvbYIMaGVsbG9hY20uY29tgg4qLmhlbGxvYWNtLmNvbTAO BgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHkG A1UdHwRyMHAwNqA0oDKGMGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9DbG91ZEZs YXJlSW5jRUNDQ0EyLmNybDA2oDSgMoYwaHR0cDovL2NybDQuZGlnaWNlcnQuY29t L0Nsb3VkRmxhcmVJbmNFQ0NDQTIuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEB MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYG Z4EMAQICMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au ZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy dC5jb20vQ2xvdWRGbGFyZUluY0VDQ0NBLTIuY3J0MAwGA1UdEwEB/wQCMAAwggED BgorBgEEAdZ5AgQCBIH0BIHxAO8AdQCyHgXMi6LNiiBOh2b5K7mKJSBna9r6cOey SVMt74uQXgAAAXDz80rYAAAEAwBGMEQCIEl6oXM4EHydqzGMm8efrCUp4nEIaTKm VbtHBTtarxxQAiBlhQ9R71vzf3M2M8UQEAN8yOVt0T5hl+Zb4yB+xDQ+UgB2APCV pFnyANGCQBAtL5OIjq1L/h1H45nh0DSmsKiqjrJzAAABcPPzSyEAAAQDAEcwRQIh AL4n31LbZn5nO+yXep4Kh0E4/4SMhpyBiOApVWLgWkjqAiBcWB6A4krBCl09ub8J ttaFMV7+zPhjjTkt4toyrKu5iTAKBggqhkjOPQQDAgNIADBFAiAgA5xSHgF0Oa+f dy8QoEUX7RCwTDQ+bSkfJ2A0JaAHBAIhAO6t2NuyqG8sLeEOEqj0L5Xqr72r4dRy QpxHGpQRa3T7 -----END CERTIFICATE----- subject=C = US, ST = CA, L = San Francisco, O = "Cloudflare, Inc.", CN = sni.cloudflaressl.com issuer=C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 2507 bytes and written 394 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: 2369749FDF66D7BFD323F53958A27F6E45CDC2239A7FCDDCB1175A7C1C8B1466 Session-ID-ctx: Resumption PSK: EEA87720335AD216961F713DB0544F8A7E5F42223DEB2DBA992483D24D75F60809373FF82BEFEA0692C248151CC2BDDE PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 64800 (seconds) TLS session ticket: 0000 - 24 29 83 3e 7e 68 72 88-be fe 43 06 e6 91 6b 2e $).>~hr...C...k. 0010 - 98 32 0b c2 4f 6f 60 d0-6b 60 e0 40 8b c6 03 62 .2..Oo`.k`[email protected] 0020 - 8f 8f 4c 25 ad 8c a1 22-c0 c7 47 94 5a 9e 97 18 ..L%..."..G.Z... 0030 - 81 eb 2f 4a b6 4c 07 02-aa e0 91 43 95 1e d2 22 ../J.L.....C..." 0040 - 6f 31 e5 2a 83 41 a1 6f-f9 ed 53 d2 0d 5d 89 cf o1.*.A.o..S..].. 0050 - 22 68 ad d9 bf 1d 49 b7-96 7f fc 09 6d 11 f5 f2 "h....I.....m... 0060 - 2a 5d a6 35 f0 fb 54 f5-be 1a d8 1d 19 ec 80 40 *].5..T........@ 0070 - 57 15 cc a0 38 79 1d 47-34 75 81 73 77 ce ef d2 W...8y.G4u.sw... 0080 - e9 17 ee 66 63 d2 2f c6-29 ce 74 f0 62 1d 49 b2 ...fc./.).t.b.I. 0090 - bc c5 da 62 24 e3 42 97-b2 13 e2 97 ed 7c 2d dc ...b$.B......|-. 00a0 - d3 55 ac 3e 66 92 43 af-11 ba 41 60 66 c0 f4 f7 .U.>f.C...A`f... 00b0 - 74 4a 1b 7c dd d9 8d 21-9b fe a0 ae 3f 97 37 4b tJ.|...!....?.7K 00c0 - ef c5 d5 34 31 93 30 ab-9f 8b 8b 2d f5 3f 21 1f ...41.0....-.?!. Start Time: 1595760329 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 14336 --- read R BLOCK --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: B126A49538D22C054CC7A61988EAB35538A7953C1516C98A52513E81C6245B73 Session-ID-ctx: Resumption PSK: 16E0F2E582F4AF8120E79B33C54CA75E64FEFA6B8EF5CF819C59AEA63A0DBB96DE445563EF1D6C87028CE71BE1B5D137 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 64800 (seconds) TLS session ticket: 0000 - 24 29 83 3e 7e 68 72 88-be fe 43 06 e6 91 6b 2e $).>~hr...C...k. 0010 - bb 07 3e 5b c8 33 49 bf-c4 23 d4 0b 29 04 c7 61 ..>[.3I..#..)..a 0020 - b9 63 d7 79 19 0d 00 55-fc 96 cc e4 2e d3 a5 d1 .c.y...U........ 0030 - 86 91 13 e1 5d b7 91 ef-e0 ef 1b 3d ed eb e0 c3 ....]......=.... 0040 - 74 a8 06 ce 03 8d 1e c0-a1 47 5e a1 94 3c 4c 60 t........G^..<L` 0050 - 84 62 e2 87 c9 0b 63 32-f7 6c 32 20 8c 98 d3 e3 .b....c2.l2 .... 0060 - f9 73 47 61 dd 1e 26 48-e7 46 ee 9a 47 bf 01 af .sGa..&H.F..G... 0070 - 78 51 a8 2d 20 cd ee 1a-c2 5f 88 c0 c8 70 ba 8a xQ.- ...._...p.. 0080 - a7 99 d3 ba 23 46 d0 bd-e0 3d b4 82 b5 e9 7e 64 ....#F...=....~d 0090 - b1 96 84 c7 4b d8 5c 83-22 a6 96 b0 8d 0e 51 5b ....K.\.".....Q[ 00a0 - aa 1e d8 82 e6 36 1b b7-1f 46 18 3c 89 28 4d a8 .....6...F.<.(M. 00b0 - ca 3f 37 83 16 e6 85 2a-ea 98 80 b7 da 20 3f f3 .?7....*..... ?. 00c0 - fc 74 9a 88 3b a8 07 07-f4 bb 19 af 19 82 5a bd .t..;.........Z. Start Time: 1595760329 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no Max Early Data: 14336 --- read R BLOCK closed
--EOF (The Ultimate Computing & Technology Blog) --
GD Star Rating
loading...
1067 wordsloading...
Last Post: Algorithm to Shuffle String in Python3 According to Index
Next Post: How to Avoid Paying Too Much Fee when Cashing out Bitcoin via Wirex Credit Card?