Display received cert with curl?

Here is my replacement batch file, using openssl instead of curl:

@echo off
nslookup %1
(openssl s_client -showcerts -servername %1 -connect %1:443 <nul |openssl x509 -text |findstr /I "DNS After") 2>nul

This gives me this output:

C:\>seecert www.google.com
Server:         192.168.1.1
Address:        192.168.1.1#53

Non-authoritative answer:
Name:   www.google.com
Address: 172.217.10.228
Name:   www.google.com
Address: 2607:f8b0:4006:813::2004

            Not After : Aug 16 09:49:00 2018 GMT
                DNS:www.google.com

For anyone else on OSX or Linux, you can add this to your ~/.zshrc file:

function seecert () {
  nslookup $1
  (openssl s_client -showcerts -servername $1 -connect $1:443 <<< "Q" | openssl x509 -text | grep -iA2 "Validity")
}

Example usage, after you have run a source ~/.zshrc after the above additions:

% seecert www.google.com
Server:         1.1.1.1
Address:        1.1.1.1#53

Non-authoritative answer:
Name:   www.google.com
Address: 172.217.10.100

depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = US, O = Google Trust Services, CN = GTS CA 1O1
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = www.google.com
verify return:1
DONE
        Validity
            Not Before: Nov  3 07:39:18 2020 GMT
            Not After : Jan 26 07:39:18 2021 GMT

Thanks go to @ross-presser and his answer for the inspiration for this function.

Tags:

Ssl

Curl