curl --resolve 查看证书情况

通过curl  解析证书

[root@harbor ~]# curl --resolve 'www.abc.com:127.0.0.1' https://www.abc.com/ -vvv
* Couldn't parse CURLOPT_RESOLVE entry 'www.abc.com:127.0.0.1'!
*   Trying 117.121.111.212:443...
* TCP_NODELAY set
* Connected to www.abc.com (117.121.111.212) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* NPN, negotiated HTTP1.1
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Next protocol (67):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=CN; ST=\U5317\U4EAC\U5E02; L=\U5317\U4EAC\U5E02; O=\U5FC3\U533B\U56FD\U9645\U6559\U80B2\U79D1\U6280(\U5317\U4EAC)\U6709\U9650\U516C\U53F8; OU=IT; CN=*.abc.com
*  start date: Mar 20 00:00:00 2018 GMT
*  expire date: Dec 20 12:00:00 2019 GMT
*  subjectAltName: host "www.abc.com" matched cert's "*.abc.com"
*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=GeoTrust RSA CA 2018
*  SSL certificate verify ok.
> GET / HTTP/1.1
> Host: www.xinyixy.com
> User-Agent: curl/7.67.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Server: xinyixy web server
< Date: Thu, 28 Nov 2019 02:51:05 GMT
< Content-Length: 0
< Connection: keep-alive
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Location: http://www.abc.com/index
< Content-Language: en-US
< 
* Connection #0 to host www.abc.com left intact

 

posted @ 2019-11-28 10:54  fengjian1585  阅读(7990)  评论(0编辑  收藏  举报