openssl命令查看证书的内容

通过openssl命令查看已经生成或者已经存在的证书的内容

openssl x509 -in ca.crt -noout -text

示例1,查看ca证书的内容

[root@nccztsjb-node-23 pki]# openssl x509 -in ca.crt -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=kubernetes
        Validity
            Not Before: Jan 20 09:44:28 2022 GMT
            Not After : Jan 18 09:44:28 2032 GMT
        Subject: CN=kubernetes
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:f5:96:27:7b:af:82:98:b7:79:6b:40:eb:82:c6:
                    d0:aa:0c:3f:53:0e:94:2b:29:7a:02:22:23:17:80:
                    98:e1:ac:78:6c:fd:e1:9e:38:f9:ea:b7:bc:ec:03:
                    26:6d:8c:c6:3b:26:8b:34:87:62:37:af:ab:89:85:
                    40:f9:76:ab:7d:36:38:b9:34:aa:63:e6:ec:4b:a6:
                    4e:5a:57:ab:29:94:98:00:97:b6:dc:52:b1:a9:1e:
                    6d:42:36:42:20:22:94:d8:ef:bd:c6:ea:8f:ed:68:
                    3f:30:f5:d5:3e:90:50:44:f3:3b:62:e1:0e:74:d4:
                    25:46:c3:60:de:4a:26:bb:a3:53:49:76:45:d3:8a:
                    44:38:21:00:89:10:96:d3:e0:4d:3b:cb:6d:79:30:
                    5b:f3:29:3a:1e:42:f4:6c:92:bf:7a:ab:a6:72:fb:
                    ff:6d:81:08:8e:18:b9:18:98:f5:0d:7d:07:6f:f2:
                    2f:2a:af:96:b8:9a:9a:f5:c0:34:b7:bf:18:05:f7:
                    ef:4b:5b:2c:86:6d:3d:25:4f:b4:37:07:fb:4a:a7:
                    00:6a:d9:62:27:62:54:d7:3e:ec:c5:d0:eb:6f:a1:
                    89:9b:c7:96:53:e9:1a:5f:ba:2f:ef:79:9d:77:87:
                    6c:0c:a8:3f:f6:64:13:ff:b6:7b:c2:f6:3e:58:5a:
                    fc:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment, Certificate Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier: 
                03:BA:CA:25:E8:A9:B2:D1:06:A2:7C:3C:44:77:A4:6D:91:89:21:3D
            X509v3 Subject Alternative Name: 
                DNS:kubernetes
    Signature Algorithm: sha256WithRSAEncryption
         df:7a:4a:9d:9c:7f:2a:12:73:af:28:44:2a:f4:70:9d:9c:3e:
         d5:16:df:69:fd:e4:11:36:32:27:e9:2b:d2:36:cc:a5:20:9b:
         41:06:6b:d6:d3:fe:c0:69:62:b9:3c:ef:4b:01:3f:f0:c4:58:
         6b:ef:66:ba:fd:d7:96:9e:86:7a:f4:83:42:a3:a0:94:da:b9:
         18:6c:f6:58:c9:cd:51:b0:25:ae:c5:e9:99:3d:1b:af:a6:97:
         63:88:3e:32:73:59:c9:b0:e9:f0:0f:f0:7d:a1:9c:72:3d:7f:
         d1:ae:ab:e3:65:c2:93:d8:92:bd:15:13:f7:88:e2:be:f3:fe:
         ac:c0:3b:cb:a5:03:31:96:25:c7:0b:96:d9:fc:23:a7:00:95:
         00:b2:36:ac:16:6a:6a:0d:3c:91:71:da:20:58:c7:07:b0:38:
         9b:12:17:4a:c3:2a:e2:ba:27:89:8c:ff:e6:d1:01:ee:c9:c6:
         e1:00:12:55:f0:90:62:f8:d5:c7:07:d8:f4:2f:75:17:b0:f0:
         62:9b:9c:36:c3:b6:0a:2b:ba:5f:80:35:0d:b3:e4:b3:36:be:
         09:e9:00:9b:7e:21:c5:79:4e:66:f4:94:b0:04:9d:e9:42:ce:
         f2:86:fd:39:13:d5:03:f3:55:51:ca:5e:c9:51:40:7d:dc:0f:
         57:6e:2e:d3

示例2,查看客户端证书内容:

[root@nccztsjb-node-23 pki]# openssl x509 -in client.cert -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5026910384928549392 (0x45c32c5c83636a10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=kubernetes
        Validity
            Not Before: Jan 20 09:44:28 2022 GMT
            Not After : Jan 20 09:44:32 2023 GMT
        Subject: O=system:masters, CN=kubernetes-admin
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ca:5a:29:d6:fe:f1:f8:b9:2f:66:2e:ca:b5:73:
                    c2:1d:73:0d:a8:cc:5e:39:3e:26:dc:ce:fa:b1:04:
                    33:9d:14:0e:30:d1:da:a6:a1:63:22:7b:72:7c:6f:
                    d6:e0:9e:8e:34:50:f8:5b:01:af:d7:62:e1:4f:a8:
                    27:c5:fe:ed:21:46:1d:3c:2f:ec:6e:ef:61:27:48:
                    7e:9a:63:7f:23:4d:c9:c1:d9:11:05:e2:fc:a4:5c:
                    08:01:88:97:77:18:c5:3f:fb:d6:be:a7:93:8a:9a:
                    32:bd:d8:4f:c8:53:27:2d:63:f5:b9:f5:a8:6c:c6:
                    52:9c:7e:d2:1b:ac:f0:56:5b:16:06:f3:63:db:c7:
                    2c:7b:62:5c:e1:34:96:e2:aa:36:da:fa:02:b8:68:
                    a6:0a:fd:60:83:a0:3f:6d:4e:0f:b3:9f:72:dc:40:
                    75:63:7e:0c:2b:d2:30:7d:a3:19:37:ec:fe:12:1d:
                    81:13:20:64:13:c1:b5:83:3b:e6:a2:64:ea:31:21:
                    e3:7e:de:76:9e:8c:28:b7:ea:d9:4b:12:4c:04:97:
                    64:ee:b8:25:4a:9b:be:6e:5f:5a:b1:16:54:85:0f:
                    85:98:da:61:e6:75:32:33:0b:3a:bb:bb:b0:86:37:
                    6a:c5:e4:2e:08:ee:15:3b:1e:23:d4:7a:92:6e:de:
                    f0:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier: 
                keyid:03:BA:CA:25:E8:A9:B2:D1:06:A2:7C:3C:44:77:A4:6D:91:89:21:3D

    Signature Algorithm: sha256WithRSAEncryption
         bf:64:d4:e5:1d:b7:48:cc:e8:20:51:80:ff:2c:0b:69:1f:a1:
         18:19:33:55:e1:c5:f1:38:8a:f4:46:ea:e9:0f:c3:45:3c:77:
         72:78:d6:34:83:10:7c:78:27:a2:17:cc:8e:35:d4:bd:54:2d:
         98:36:87:63:81:ed:ae:4b:bb:41:fd:d6:26:d9:c1:38:c6:9b:
         4f:91:e6:6c:8f:6e:00:4b:79:10:78:81:6d:9f:b1:cc:79:ef:
         5e:dc:1c:72:52:ee:3b:45:39:08:72:4f:2d:c3:80:30:ad:0d:
         36:81:f8:3f:73:47:66:31:71:7d:fa:ec:57:ce:58:25:2d:37:
         88:ee:88:e0:1f:2d:87:1b:0c:a3:7b:54:36:92:35:20:fc:2b:
         8b:73:57:82:e8:d8:f7:a9:e0:ed:23:c3:67:32:01:4c:76:7d:
         a1:a8:99:bf:2d:93:9d:53:f0:4f:2c:2b:c0:44:00:63:00:71:
         54:7b:a5:1f:9b:d2:0a:bf:dc:0f:30:a7:53:95:06:a8:ef:95:
         b0:9e:51:63:2b:fb:ea:7b:5c:7d:02:7c:db:38:74:f0:83:72:
         0c:6c:67:60:9e:a6:53:ed:f3:71:64:05:eb:5f:f2:12:8c:fd:
         74:1f:81:3c:7f:ab:22:a7:50:8b:50:c6:ad:52:51:91:41:3a:
         ba:0a:f4:24
posted @ 2022-01-21 10:14  Zhai_David  阅读(11064)  评论(0编辑  收藏  举报