Given the following cert: 1root@php73:~# certbot certificates 2Saving debug log to /var/log/letsencrypt/letsencrypt.log 34- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 5Found the following certs: 6Certificate Name: php72.example.com 7Domains: php72.example.com php72.example.net 8Expiry …

We had this ssl cert issued by Network Solutions 1root@www:/etc/nginx/conf.d/ssl/example-2020# unzip -l EXAMPLE.ORG.zip 2Archive: EXAMPLE.ORG.zip 3Length Date Time Name 4--------- ---------- ----- ---- 52150 2020-07-14 16:59 DV_NetworkSolutionsDVServerCA2.crt 6Network Solutions DV Intermediate CA 72093 2020-07-14 16:59 …

Scenario: Cert was purchased originally for 5 years. Cert with that validity need to revalidate every 2 years as per https://www.digicert.com/shortening-validity-periods-for-ov-dv-certificates However, the cert has been configured with the following SAN: www.example1.com www.example2.com Problem: www.example2.com is …

Oneliner solution using the following command: 1~$ openssl crl2pkcs7 -nocrl -certfile www.example.org-bundle.crt | openssl pkcs7 -print_certs -noout With sample output as follows: 1~$ openssl crl2pkcs7 -nocrl -certfile www.example.org-bundle.crt | openssl pkcs7 -print_certs -noout 2subject=/OU=Domain Control …

From Comodo Email after verifying domain ownership, got this hints: 1Root CA Certificate - AAACertificateServices.crt 2Intermediate CA Certificate - USERTrustRSAAAACA.crt 3Intermediate CA Certificate - SectigoRSADomainValidationSecureServerCA.crt 4Your PositiveSSL Multi-Domain Certificate - 378394251.crt Generate the …

1cat AddTrustExternalCARoot.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt >> cert-chain.pem NOTE: This is the inverse of "Creating an SSL Bundle out of Comodo Positive SSL" which seems valid as well. Not sure if it's valid in any order.

Given this list of files given by Comodo 1Root CA Certificate - AddTrustExternalCARoot.crt 2Intermediate CA Certificate - USERTrustRSAAddTrustCA.crt 3Intermediate CA Certificate - SectigoRSADomainValidationSecureServerCA.crt 4Your PositiveSSL Multi-Domain Certificate - 285695299.crt Do the following: 1cat 285695299.crt …

Check a Certificate Signing Request (CSR) 1openssl req -text -noout -verify -in CSR.csr Check a private key 1openssl rsa -in privateKey.key -check Check a certificate 1openssl x509 -in certificate.crt -text -noout Check a PKCS#12 file (.pfx or .p12) 1openssl pkcs12 -info -in keyStore.p12 See …

All the certificates (including Intermediates) should be displayed 1openssl s_client -connect www.google.com:443 Web UI checking possible in https://www.sslshopper.com/ssl-checker.html

Convert a DER file (.crt .cer .der) to PEM 1openssl x509 -inform der -in certificate.cer -out certificate.pem Convert a PEM file to DER 1openssl x509 -outform der -in certificate.pem -out certificate.der Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM 1openssl pkcs12 -in …