Extract certificate from a domain
Published on
To extract the certificate use:
openssl s_client -showcerts -servername humberto.io -connect humberto.io:443 </dev/null 2>/dev/null
If your target is not using SNI you don’t need to use the -servername <fqdn>
option.
Then you can pipe it with other OpenSSL commands to extract information in the format that you need.
To extract PEM formatted cert:
| openssl x509 -outform PEM
To extract the public key:
| openssl x509 -pubkey -noout
To extract the Fingerprint: