-
使用openssl命令
openssl s_client -connect <url>:<port>
openssl s_client -connect 10.1.0.1:443
cer证书以-----BEGIN CERTIFICATE-----开始,
以-----END CERTIFICATE-----结尾
复制证书内容到文件即可。命名以 .cer 结尾。
image.png
root@supsky:/mnt/c/Users/26685# openssl s_client -connect 10.1.0.1:443
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 C = CN, ST = WH, L = WH, O = , OU = , CN =
verify error:num=
verify return:
depth=0 C = CN, ST = WH, L = WH, O = , OU = , CN =
verify error:
verify return:
---
Certificate chain
0 s:C = CN, ST = WH, L = WH, O = , OU = , CN =
i:DC = com, DC = , CN =
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGSDCCBTCgAwIBAgITTQAaWfC8MRh9imEY3wAAABpZ8DANBgkqhkiG9w0BAQsF
ADBIMRMwEQYKCZImiZPyLGQBGRYDY29tMRYwFAYKCZImiZPyLGQBGRYGbGVub3Zv
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
EwJXSDEPMA0GA1UEChMGTGVub3ZvMQ8wDQYDVQQLEwZMZW5vdm8xFTATBgNVBAMT
DDEwLjEyMi42NC4yMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANmX
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
ont1p7E26vHmWJQDRScCAwEAAaOCAxEwggMNMAsGA1UdDwQEAwIFoDAlBgNVHREE
HjAcggwxMC4xMjIuNjQuMjGCDDEwLjEyMi42NC4yMTAdBgNVHQ4EFgQUmFrROv/+
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
bGVub3ZvLmNvbS9DZXJ0RW5yb2xsL2xlbm92b1NIQTJTVUJDQTEuY3JshjxodHRw
Oi8vU2hhMlN1YkNBMi5sZW5vdm8uY29tL0NlcnRFbnJvbGwvbGVub3ZvU0hBMlNV
QkNBMS5jcmyGgblsZGFwOi8vL0NOPWxlbm92b1NIQTJTVUJDQTEsQ049U0hBMlN1
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
b21fbGVub3ZvU0hBMlNVQkNBMS5jcnQwXgYIKwYBBQUHMAKGUmh0dHA6Ly9TaGEy
U3ViQ0EyLmxlbm92by5jb20vQ2VydEVucm9sbC9TSEEyU3ViQ0ExLmxlbm92by5j
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
K8T4I/MEueHb9VbkAq0y8qttLuutuXygTArsEbNHDyPbLVpVrH9nIuo7u1ZMsiW6
u/qu96lvGMH/qicJmR/tWyvsmtr3DOCp1z0FUx5c1qfiEgm4I8lOgVq98UeU3Cs5
KWeWOjL81K4hjT/oO1YXhBLiNN/YyPAXhVfWadealOpNEVBtTcq5wm+8Zt/4g0Na
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaAAAAAAAAAAAAAAAA
-----END CERTIFICATE-----
subject=C = CN, ST = WH, L = WH, O = , OU = , CN =
issuer=DC = com, DC = , CN =
---
No client certificate CA names sent
Peer signing digest:
Peer signature type:
Server Temp Key:
---
SSL handshake has read
Verification error:
---
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression:
Expansion:
SSL-Session:
Protocol : TLSv1.2
Cipher :
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint:
TLS session ticket:
Start Time:
Timeout :
Verify return code:
Extended master secret:
---
closed
root@supsky:/mnt/c/Users/26685#
-
从浏览器导出
此处以简书网站为例
F12打开开发者工具-->安全性-->查看证书-->详细信息-->复制到文件-->下一步-->选择Base64编码X.509 -->....-->直到导出即可
image.png
image.png
image.png
网友评论