Re: [Fed-Talk] How to examine certificate from command line?
Re: [Fed-Talk] How to examine certificate from command line?
- Subject: Re: [Fed-Talk] How to examine certificate from command line?
- From: John Oliver <email@hidden>
- Date: Mon, 19 Nov 2012 11:26:44 -0800
- Thread-topic: [Fed-Talk] How to examine certificate from command line?
N/M I can use -Z instead of -c
On 11/19/12 11:22 AM, "John Oliver" <email@hidden> wrote:
>How can I find-certificates by SHA1 hash instead of the common name?
>There are too many duplicate or ambiguous names in SystemRootCertificates?
>seems like the hash is the way to go unless there's a better identifier
>for unique certs.
>
>
>On 11/19/12 9:37 AM, "Miller, Timothy J." <email@hidden> wrote:
>
>>You could always view it in the GUI from Keychain Access.
>>
>>Otherwise, export it and use openssl:
>>
>>$ security find-certificate -p | openssl x509 -text
>>
>>-- T
>>
>>>-----Original Message-----
>>>From: fed-talk-bounces+tmiller=email@hidden
>>>[mailto:fed-talk-
>>>bounces+tmiller=email@hidden] On Behalf Of John Oliver
>>>Sent: Monday, November 19, 2012 11:34 AM
>>>To: email@hidden
>>>Subject: [Fed-Talk] How to examine certificate from command line?
>>>
>>>In OS X (10.7.5 specifically), how would one examine the contents of a
>>>certificate from the command line? The 'security' command will list
>>>them, but
>>>if it includes the contents, it sure isn't human-readable...
>>>
>>>
>>>
>>>
>>>keychain: "/System/Library/Keychains/SystemRootCertificates.keychain"
>>>
>>>class: 0x80001000
>>>
>>>attributes:
>>>
>>> "alis"<blob>="Wells Fargo Root Certificate Authority"
>>>
>>> "cenc"<uint32>=0x00000003
>>>
>>> "ctyp"<uint32>=0x00000001
>>>
>>> "hpky"<blob>=0x14AF18F7BDE6E76BE35AFAEA51EFFED45A7139C0
>>>"\024\257\030\367\275\346\347k\343Z\372\352Q\357\376\324Zq9\300"
>>>
>>>
>>>"issu"<blob>=0x308182310B300906035504061302555331143012060355040A130
>>>B57454C4C5320464152474F312C302A060355040B132357454C4C5320464152474
>>>F2043455254494649434154494F4E20415554484F52495459312F302D0603550403
>>>132657454C4C5320464152474F20524F4F542043455254494649434154452041555
>>>4484F52495459
>>>"0\201\2021\0130\011\006\003U\004\006\023\002US1\0240\022\006\003U\00
>>>4\012\023\013WELLS FARGO1,0*\006\003U\004\013\023#WELLS FARGO
>>>CERTIFICATION AUTHORITY1/0-\006\003U\004\003\023&WELLS FARGO ROOT
>>>CERTIFICATE AUTHORITY"
>>>
>>> "labl"<blob>="Wells Fargo Root Certificate Authority"
>>>
>>> "skid"<blob>=<NULL>
>>>
>>> "snbr"<blob>=0x39E4979E "9\344\227\236"
>>>
>>>
>>>"subj"<blob>=0x308182310B300906035504061302555331143012060355040A13
>>>0B57454C4C5320464152474F312C302A060355040B132357454C4C532046415247
>>>4F2043455254494649434154494F4E20415554484F52495459312F302D060355040
>>>3132657454C4C5320464152474F20524F4F54204345525449464943415445204155
>>>54484F52495459
>>>"0\201\2021\0130\011\006\003U\004\006\023\002US1\0240\022\006\003U\00
>>>4\012\023\013WELLS FARGO1,0*\006\003U\004\013\023#WELLS FARGO
>>>CERTIFICATION AUTHORITY1/0-\006\003U\004\003\023&WELLS FARGO ROOT
>>>CERTIFICATE AUTHORITY"
>>>
>>>
>>>
>>>
>>>--
>>>
>>> John Oliver | SAIC
>>>
>>> Defense & Maritime Solutions
>>>
>>> Surveillance and Reconnaissance Solutions Division
>>>
>>> SPAWAR Systems Center - Pacific | Code 53223
>>>
>>> Sr. Systems Administrator
>>>
>>> Bldg 600 | Room 428N
>>>
>>> Office: (619) 553-9567
>>>
>>> Mobile: (571) 481-0198
>>>
>>> email@hidden
>>>
>>> email@hidden
>>>
>>> DCO: email@hidden
>>
>
>
>
> _______________________________________________
>Do not post admin requests to the list. They will be ignored.
>Fed-talk mailing list (email@hidden)
>Help/Unsubscribe/Update your Subscription:
>mil
>
>This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden