openssl命令查看证书的内容
通过openssl命令查看已经生成或者已经存在的证书的内容
openssl x509 -in ca.crt -noout -text
示例1,查看ca证书的内容
[root@nccztsjb-node-23 pki]# openssl x509 -in ca.crt -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=kubernetes
Validity
Not Before: Jan 20 09:44:28 2022 GMT
Not After : Jan 18 09:44:28 2032 GMT
Subject: CN=kubernetes
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:f5:96:27:7b:af:82:98:b7:79:6b:40:eb:82:c6:
d0:aa:0c:3f:53:0e:94:2b:29:7a:02:22:23:17:80:
98:e1:ac:78:6c:fd:e1:9e:38:f9:ea:b7:bc:ec:03:
26:6d:8c:c6:3b:26:8b:34:87:62:37:af:ab:89:85:
40:f9:76:ab:7d:36:38:b9:34:aa:63:e6:ec:4b:a6:
4e:5a:57:ab:29:94:98:00:97:b6:dc:52:b1:a9:1e:
6d:42:36:42:20:22:94:d8:ef:bd:c6:ea:8f:ed:68:
3f:30:f5:d5:3e:90:50:44:f3:3b:62:e1:0e:74:d4:
25:46:c3:60:de:4a:26:bb:a3:53:49:76:45:d3:8a:
44:38:21:00:89:10:96:d3:e0:4d:3b:cb:6d:79:30:
5b:f3:29:3a:1e:42:f4:6c:92:bf:7a:ab:a6:72:fb:
ff:6d:81:08:8e:18:b9:18:98:f5:0d:7d:07:6f:f2:
2f:2a:af:96:b8:9a:9a:f5:c0:34:b7:bf:18:05:f7:
ef:4b:5b:2c:86:6d:3d:25:4f:b4:37:07:fb:4a:a7:
00:6a:d9:62:27:62:54:d7:3e:ec:c5:d0:eb:6f:a1:
89:9b:c7:96:53:e9:1a:5f:ba:2f:ef:79:9d:77:87:
6c:0c:a8:3f:f6:64:13:ff:b6:7b:c2:f6:3e:58:5a:
fc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Certificate Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
03:BA:CA:25:E8:A9:B2:D1:06:A2:7C:3C:44:77:A4:6D:91:89:21:3D
X509v3 Subject Alternative Name:
DNS:kubernetes
Signature Algorithm: sha256WithRSAEncryption
df:7a:4a:9d:9c:7f:2a:12:73:af:28:44:2a:f4:70:9d:9c:3e:
d5:16:df:69:fd:e4:11:36:32:27:e9:2b:d2:36:cc:a5:20:9b:
41:06:6b:d6:d3:fe:c0:69:62:b9:3c:ef:4b:01:3f:f0:c4:58:
6b:ef:66:ba:fd:d7:96:9e:86:7a:f4:83:42:a3:a0:94:da:b9:
18:6c:f6:58:c9:cd:51:b0:25:ae:c5:e9:99:3d:1b:af:a6:97:
63:88:3e:32:73:59:c9:b0:e9:f0:0f:f0:7d:a1:9c:72:3d:7f:
d1:ae:ab:e3:65:c2:93:d8:92:bd:15:13:f7:88:e2:be:f3:fe:
ac:c0:3b:cb:a5:03:31:96:25:c7:0b:96:d9:fc:23:a7:00:95:
00:b2:36:ac:16:6a:6a:0d:3c:91:71:da:20:58:c7:07:b0:38:
9b:12:17:4a:c3:2a:e2:ba:27:89:8c:ff:e6:d1:01:ee:c9:c6:
e1:00:12:55:f0:90:62:f8:d5:c7:07:d8:f4:2f:75:17:b0:f0:
62:9b:9c:36:c3:b6:0a:2b:ba:5f:80:35:0d:b3:e4:b3:36:be:
09:e9:00:9b:7e:21:c5:79:4e:66:f4:94:b0:04:9d:e9:42:ce:
f2:86:fd:39:13:d5:03:f3:55:51:ca:5e:c9:51:40:7d:dc:0f:
57:6e:2e:d3
示例2,查看客户端证书内容:
[root@nccztsjb-node-23 pki]# openssl x509 -in client.cert -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5026910384928549392 (0x45c32c5c83636a10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=kubernetes
Validity
Not Before: Jan 20 09:44:28 2022 GMT
Not After : Jan 20 09:44:32 2023 GMT
Subject: O=system:masters, CN=kubernetes-admin
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ca:5a:29:d6:fe:f1:f8:b9:2f:66:2e:ca:b5:73:
c2:1d:73:0d:a8:cc:5e:39:3e:26:dc:ce:fa:b1:04:
33:9d:14:0e:30:d1:da:a6:a1:63:22:7b:72:7c:6f:
d6:e0:9e:8e:34:50:f8:5b:01:af:d7:62:e1:4f:a8:
27:c5:fe:ed:21:46:1d:3c:2f:ec:6e:ef:61:27:48:
7e:9a:63:7f:23:4d:c9:c1:d9:11:05:e2:fc:a4:5c:
08:01:88:97:77:18:c5:3f:fb:d6:be:a7:93:8a:9a:
32:bd:d8:4f:c8:53:27:2d:63:f5:b9:f5:a8:6c:c6:
52:9c:7e:d2:1b:ac:f0:56:5b:16:06:f3:63:db:c7:
2c:7b:62:5c:e1:34:96:e2:aa:36:da:fa:02:b8:68:
a6:0a:fd:60:83:a0:3f:6d:4e:0f:b3:9f:72:dc:40:
75:63:7e:0c:2b:d2:30:7d:a3:19:37:ec:fe:12:1d:
81:13:20:64:13:c1:b5:83:3b:e6:a2:64:ea:31:21:
e3:7e:de:76:9e:8c:28:b7:ea:d9:4b:12:4c:04:97:
64:ee:b8:25:4a:9b:be:6e:5f:5a:b1:16:54:85:0f:
85:98:da:61:e6:75:32:33:0b:3a:bb:bb:b0:86:37:
6a:c5:e4:2e:08:ee:15:3b:1e:23:d4:7a:92:6e:de:
f0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Authority Key Identifier:
keyid:03:BA:CA:25:E8:A9:B2:D1:06:A2:7C:3C:44:77:A4:6D:91:89:21:3D
Signature Algorithm: sha256WithRSAEncryption
bf:64:d4:e5:1d:b7:48:cc:e8:20:51:80:ff:2c:0b:69:1f:a1:
18:19:33:55:e1:c5:f1:38:8a:f4:46:ea:e9:0f:c3:45:3c:77:
72:78:d6:34:83:10:7c:78:27:a2:17:cc:8e:35:d4:bd:54:2d:
98:36:87:63:81:ed:ae:4b:bb:41:fd:d6:26:d9:c1:38:c6:9b:
4f:91:e6:6c:8f:6e:00:4b:79:10:78:81:6d:9f:b1:cc:79:ef:
5e:dc:1c:72:52:ee:3b:45:39:08:72:4f:2d:c3:80:30:ad:0d:
36:81:f8:3f:73:47:66:31:71:7d:fa:ec:57:ce:58:25:2d:37:
88:ee:88:e0:1f:2d:87:1b:0c:a3:7b:54:36:92:35:20:fc:2b:
8b:73:57:82:e8:d8:f7:a9:e0:ed:23:c3:67:32:01:4c:76:7d:
a1:a8:99:bf:2d:93:9d:53:f0:4f:2c:2b:c0:44:00:63:00:71:
54:7b:a5:1f:9b:d2:0a:bf:dc:0f:30:a7:53:95:06:a8:ef:95:
b0:9e:51:63:2b:fb:ea:7b:5c:7d:02:7c:db:38:74:f0:83:72:
0c:6c:67:60:9e:a6:53:ed:f3:71:64:05:eb:5f:f2:12:8c:fd:
74:1f:81:3c:7f:ab:22:a7:50:8b:50:c6:ad:52:51:91:41:3a:
ba:0a:f4:24