使用echo,grep,perl获得SAN (subjectAltName ) 站点的证书
Hujiuxiang
・1 分钟阅读
获取站点证书的SAN (subjectAltName ),
echo"quit" | openssl s_client -connect facebook.com:443 | openssl x509 -noout -text | grep"DNS:" | perl -pe"s/(, )?DNS:/n/g"
基于http://stackoverflow.com/questions/13127352/checking-alternative-names-for-a-san-ssl-cert,用所需的主机名替换"facebook.com",
示例输出
depth=1 /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3 verify error:num=20:unable to get local issuer certificate verify return:0 DONE *.facebook.com facebook.com *.fb.com fb.com *.fbsbx.com *.fbcdn.net *.xx.fbcdn.net *.xy.fbcdn.net *.xz.fbcdn.net *.m.facebook.com *.messenger.com messenger.com