OpenSSL "x509 -text" - View Self-Signed Certificate in Text

Q

How to print contents of a self-signed certificate in text format using OpenSSL "x509" command?

✍: FYIcenter.com

A

If you want to see contents of a self-signed certificate in text format, you can use the OpenSSL "x509 -text" command as shown below:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> x509 -in my_rsa.crt -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            9e:3c:9f:bd:61:b5:e5:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=us, ST=NY, L=New York, O=Donald Inc., OU=IT, 
                CN=www.donald.inc/emailAddress=john@donald.inc
        Validity
            Not Before: Aug 20 22:30:43 2016 GMT
            Not After : Sep 19 22:30:43 2016 GMT
        Subject: C=us, ST=NY, L=New York, O=Donald Inc., OU=IT, 
                 CN=www.donald.inc/emailAddress=john@donald.inc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:d1:8b:18:1f:8d:8d:bf:cd:d2:75:f0:e9:f0:4a:
                    25:73:98:12:82:87:91:98:cd:fb:d7:da:36:25:2c:
                    2d:c3:1d:f1:ac:b6:76:cb:d1:fc:67:1f:18:b3:83:
                    af:19:1b:8a:10:3d:f9:8a:25:01:85:da:16:d0:fa:
                    f4:3e:cd:a6:1f:0b:7d:e6:29:91:85:fa:59:fe:36:
                    5c:50:93:e0:fb:e3:6a:63:e4:66:1e:9c:83:e3:28:
                    7b:21:57:73:f5:18:7b:9b:03:0f:67:5b:bd:56:01:
                    dd:32:ca:32:fb:04:75:77:9d:66:de:c1:1f:80:01:
                    c7:bc:57:a6:0b:b7:9e:26:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:CF:45:C7:9F:36:C2:DD:F3:36:49:0B:E9:C2:65:DF:FD:61:1B:95
            X509v3 Authority Key Identifier:
                keyid:0C:CF:45:C7:9F:36:C2:DD:F3:36:49:0B:E9:C2:65:DF:FD:61:1B:95

            X509v3 Basic Constraints:
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         68:29:df:67:a1:d4:0a:53:23:32:4f:07:ef:17:8f:35:9a:2c:
         c8:9a:47:82:c5:12:46:26:23:d3:13:c4:2a:d4:da:dc:84:3c:
         5f:25:c2:aa:21:39:ea:9e:5a:43:8c:d6:03:97:16:f8:d0:44:
         71:ed:4a:3c:7f:dc:fb:fc:09:89:3e:8f:bf:b6:1d:29:43:c1:
         70:4f:7c:21:19:f9:c5:e4:5a:3d:71:ef:80:b5:2e:4a:93:e9:
         0d:23:28:73:25:b1:45:72:db:ba:ac:5f:55:ef:8c:46:94:5b:
         58:df:cb:a7:31:33:a5:83:d7:8d:86:7b:9d:74:de:ed:63:a8:
         3f:32

Options used in this "req" command are:

"-in my_rsa.crt" - Read the certificate from the given file.
"-text" - Print out certificate content in text format.
"-noout" - Do not include the certificate itself in the output.

⇒ OpenSSL "verify" - Validate Self-Signed Certificate

⇐ OpenSSL "req -new -x509" - Generate Self-Signed Certificate

⇑ OpenSSL "req" Command

⇑⇑ OpenSSL Tutorials

2016-11-20, 1774👍, 0💬

OpenSSL "req -verify" - Verify Signature of CSR
How to verify the digital signature inside a CSR using OpenSSL "req -verify" command? If you want to verify the digital signature inside a CSR (Certificate Signing Request), you can use the OpenSSL "req -verify" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL&... 2016-11-23, 6173👍, 0💬

OpenSSL "req -x509 -days" - Longer Self-Signed Certificate
Can I sign my own CSR with a longer expiration date using the OpenSSL "req -x509" command? I want to use this certificate as an internal root CA for 10 years. Yes, you can sign you own CSR (Certificate Sign Request) with a longer expiration date using the OpenSSL "req -x509 -days" command as shown b... 2016-11-11, 2751👍, 0💬

OpenSSL "req -x509 -newkey" - Generate Private Key and Certificate
How to generate a new private key with a public key and generate a self-signed certificate using a single OpenSSL "req" command? If you do not have a pair of private key and public key, and you want to generate self-signed certificate to represent your personal identity or server identity, you can u... 2016-11-15, 2159👍, 0💬

OpenSSL "req -new -x509" - Generate Self-Signed Certificate
How to generate a new self-signed certificate using OpenSSL "req -new -x509" command? I have an RSA private key (including public key) ready. If you have a pair of RSA private key and public key, and you want to generate a self-signed certificate to represent your personal identity or server identit... 2016-11-12, 2115👍, 0💬

OpenSSL "req -newkey" - Generate Private Key and CSR
How to generate a new private key with a public key and generate a CSR (Certificate Signing Request) using a single OpenSSL "req" command? If you do not have a pair of private key and public key, and you want to generate CSR (Certificate Signing Request) to represent your personal identity or server... 2016-11-12, 2083👍, 0💬

OpenSSL "req -text" Output and CSR Components
How to identify CSR components in OpenSSL "req -text" command output? OpenSSL "req -text" command output displays all components in a CSR with proper labels to help you identify each component. Below is a good example of the "req -text" command output: C:\Users\fyicenter>\loc al\openssl\openss... 2016-11-23, 1951👍, 0💬

OpenSSL "verify" - Validate Self-Signed Certificate
How to validate a self-signed certificate using OpenSSL "verify" command? You can validate your self-signed certificate using the OpenSSL "verify" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL> verify rsa_test.crt rsa_test.crt: C = us, ST = NY, L = New Y... 2016-11-15, 1810👍, 0💬

OpenSSL "x509 -text" - View Self-Signed Certificate in Text
How to print contents of a self-signed certificate in text format using OpenSSL "x509" command? If you want to see contents of a self-signed certificate in text format, you can use the OpenSSL "x509 -text" command as shown below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL> x... 2016-11-20, 1775👍, 0💬

OpenSSL "req -x509" - Sign My Own CSR
Can I sign my own CSR with the OpenSSL "req -x509" command? Yes, you can sign you own CSR (Certificate Sign Request) with the OpenSSL "req -x509" command as shown below. The result is a self-signed certificate. See the example below: C:\Users\fyicenter>\loc al\openssl\openssl.exeOpenSSL&g... 2016-11-08, 1480👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.