View the SSL certificate of a page that immediately redirects to another
Solution 1:
Use openssl s_client piped to openssl x509:
$ openssl s_client -connect foo.example.com:443 < /dev/null | openssl x509 -text
(Add -servername foo.example.com
to the s_client command if the server uses SNI.)
The redirection of stdin from /dev/null for the first invocation of openssl will prevent it from hanging waiting for input.
Solution 2:
In Firefox 57, if you open the Developer Tools and go to the Network tab:
- Make sure
Persist Logs
is checked - Visit the URL of interest
- Click on the top row (i.e., the one corresponding to the request to the server you're interested in, which resulted in the redirect response)
- Click on the
Security
tab (half-way down, still withinNetwork
)
This will let you view certificate info such as the issuee common name, issuer details, validity period and fingerprints.
This worked for me on a site responding with a 301 redirect to another HTTPS website. (Unfortunately the accepted answer just gave me the certificate for the final destination page.)
Solution 3:
Also, there is a graphical tool for Windows with detailed text trace: SSL Certificate Verifier Tool and tool description: Verifying The SSL Certificates with a tool and here is an example of how it handles redirects: