SSL Certificate Tricks

when, like me, you only have a few webservers to deal with, chances are, you don't do the whole SSL certificate renewal stuff often enough to remember everything by heart. Openssl is a very versatile tool that can obviously do alot but one needs to know how to get the information you need.

this is a collection of tools and tricks that can be used to deal with ssl certificates.

get certificate of a starttls smtp server

echo | openssl s_client -connect my.mailserver:<port> -starttls smtp 2>/dev/null

get certificate dates

cat mycert.crt | openssl x509 -noout -dates

example to get that from a remote starttls smtp server

echo | openssl s_client -connect my.mailserver:587 -starttls smtp 2>/dev/null | openssl x509 -noout -dates

get certificate owner

same as above but use -subject instead of -dates