使用echo,grep,perl获得SAN (subjectAltName ) 站点的证书

・1 分钟阅读

获取站点证书的SAN (subjectAltName ),

echo"quit" | openssl s_client -connect facebook.com:443 | openssl x509 -noout -text | grep"DNS:" | perl -pe"s/(, )?DNS:/n/g"
基于http://stackoverflow.com/questions/13127352/checking-alternative-names-for-a-san-ssl-cert,用所需的主机名替换"facebook.com",
示例输出
depth=1 /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3
verify error:num=20:unable to get local issuer certificate
verify return:0
DONE
*.facebook.com
facebook.com
*.fb.com
fb.com
*.fbsbx.com
*.fbcdn.net
*.xx.fbcdn.net
*.xy.fbcdn.net
*.xz.fbcdn.net
*.m.facebook.com
*.messenger.com
messenger.com
Hujiuxiang profile image