Webサイトの暗号化通信はもちろんMailサーバの暗号化通信などSSL通信が用いられているところが日々増えております。
もちろんSSL通信を行うためにはSSL証明書が必ず必要となってきます。
正規のSSL証明書はSSLストアさんなどで購入できます。
但しテスト用途などで暗号化ができればいいんだと言う方は、オレオレ証明書作成方法などを参考に
その他にも現在、Let's Encryptといって無料のSSL証明書を取得できる方法もありますので利用用途に応じてどのSSL証明書を使用するか検討頂ければと思います。
さて、今回はそんなSSL証明書に記載されている情報を確認する方法をご紹介します。
1 2 |
openssl x509 -noout -text -in {SSL証明書のファイルパス} |
▼ちなみに当サイトで使用しているSSL証明書の情報を確認するとこんな感じでした
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 |
Certificate: Data: Version: 3 (0x2) Serial Number: db:47:bd:d1:2e:a1:e6:33:3f:b2:e9:d4:75:82:44:37 Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA Validity Not Before: Jun 14 00:00:00 2016 GMT Not After : Jun 14 23:59:59 2017 GMT Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=aftercore.net Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:c8:76:58:2f:3a:a6:d0:b5:7d:b7:fb:09:e3:94: fa:f5:98:0b:23:58:d3:26:d9:93:8a:5d:a3:06:ee: 83:e1:1d:a8:ce:34:88:5c:e9:c3:68:48:44:8b:0b: d0:f4:bc:07:b3:81:15:82:d1:90:23:c5:84:93:be: 8a:58:33:84:41:08:76:47:64:f8:d0:3e:ba:73:eb: 90:23:bd:98:19:b2:7a:95:69:a5:b4:f7:a2:fe:f4: 62:16:55:e1:fc:ee:4a:82:97:3c:25:c2:d4:a1:ed: d5:21:4b:7c:c0:64:61:05:72:cc:7a:4d:89:a8:14: 88:c7:64:fc:5d:b3:72:b0:34:26:67:2f:d3:ac:18: a4:af:5f:a6:d1:76:72:01:92:d3:8e:cd:35:cf:82: e3:7a:c7:01:1a:33:2d:ad:ee:6a:7a:42:a9:ab:99: 55:0a:b6:c6:00:89:2e:ff:a4:b1:ca:5b:24:88:59: b5:4e:9e:0c:92:19:64:11:7e:65:fe:40:76:e1:e9: 61:d1:91:b3:7a:b5:23:a3:01:5c:0b:4f:d7:3a:29: ad:12:1e:1a:a8:30:4f:da:4b:2b:ad:66:f1:78:f0: 21:7f:27:1e:4d:e6:2f:43:c4:fa:4b:fe:8e:8f:26: d8:6e:20:23:c5:34:a0:67:d9:b7:44:59:05:15:71: 5b:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7 X509v3 Subject Key Identifier: 48:BB:F2:9D:77:FB:75:61:F4:1B:B8:F0:CD:42:9C:4D:47:33:27:00 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.6449.1.2.2.7 CPS: https://secure.comodo.com/CPS Policy: 2.23.140.1.2.1 X509v3 CRL Distribution Points: Full Name: URI:http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl Authority Information Access: CA Issuers - URI:http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt OCSP - URI:http://ocsp.comodoca.com X509v3 Subject Alternative Name: DNS:aftercore.net, DNS:www.aftercore.net Signature Algorithm: sha256WithRSAEncryption 3c:33:da:69:b2:de:d0:2d:12:e3:6c:8a:d0:16:cc:d2:bc:16: 95:65:c8:51:be:48:0d:11:2b:ed:8d:a8:d1:1c:24:f4:6c:5e: 82:b3:94:a1:97:b7:6a:bb:ff:d9:59:5a:ff:d9:fb:40:32:16: f6:7a:71:94:9d:a8:56:53:95:56:ff:9c:ba:5c:16:a7:60:74: 53:23:51:71:9f:26:20:dc:50:ca:47:82:97:7f:2b:ae:c6:e9: 55:cf:51:ec:fc:c4:cc:33:2e:28:6f:02:38:a4:e6:fc:46:a1: 2c:d4:43:48:46:1d:b7:dd:55:8f:21:24:3c:3c:82:b7:d6:04: 7d:cd:d1:83:a1:ef:a1:83:61:db:2d:c8:80:14:44:cb:f7:67: 13:03:16:9b:ad:f7:00:1e:94:4f:9e:2a:b6:fc:1f:e3:70:56: f1:32:a7:58:27:7c:98:7e:5d:f4:95:67:87:e2:e7:6c:12:6b: cc:30:a5:9e:10:cc:57:8c:4f:c2:cf:44:dd:07:11:7f:f8:97: e7:fb:ae:33:44:5b:6d:36:0f:c2:18:36:4a:e0:fe:6e:4f:c6: 63:dd:5b:07:98:c6:c7:0c:6c:0c:90:07:9f:fe:f9:d6:87:c4: 2e:04:d7:74:4f:07:1a:4d:c3:a9:68:9c:cb:f9:e3:0a:03:3b: f8:c0:bd:59 |