View the SSL certificate of a page that immediately redirects to another

Solution 1:

Use openssl s_client piped to openssl x509:

$ openssl s_client -connect foo.example.com:443 < /dev/null | openssl x509 -text

(Add -servername foo.example.com to the s_client command if the server uses SNI.)

The redirection of stdin from /dev/null for the first invocation of openssl will prevent it from hanging waiting for input.

Solution 2:

In Firefox 57, if you open the Developer Tools and go to the Network tab:

  1. Make sure Persist Logs is checked
  2. Visit the URL of interest
  3. Click on the top row (i.e., the one corresponding to the request to the server you're interested in, which resulted in the redirect response)
  4. Click on the Security tab (half-way down, still within Network)

This will let you view certificate info such as the issuee common name, issuer details, validity period and fingerprints.

This worked for me on a site responding with a 301 redirect to another HTTPS website. (Unfortunately the accepted answer just gave me the certificate for the final destination page.)


Solution 3:

Also, there is a graphical tool for Windows with detailed text trace: SSL Certificate Verifier Tool and tool description: Verifying The SSL Certificates with a tool and here is an example of how it handles redirects:

enter image description here