Extract certificate from a domain
Published on
To extract the certificate use:
openssl s_client -showcerts -servername humberto.io -connect humberto.io:443 </dev/null 2>/dev/null
If your target is not using SNI you don’t need to use the -servername <fqdn> option.
Then you can pipe it with other OpenSSL commands to extract information in the format that you need.
To extract PEM formatted cert:
| openssl x509 -outform PEM
To extract the public key:
| openssl x509 -pubkey -noout
To extract the Fingerprint:
| openssl x509 -fingerprint -noout
This work is licensed under a Creative Commons Attribuition-ShareAlike 4.0 International License .