问题
How do I check if my SSL Certificate is using SHA1 or SHA2, from the commandline?
And yes, i this is similar to this, but i need a cli-tool and i want to understand how it is done.
回答1:
after googling for quite some time i came up with the following snippet (unix):
openssl s_client -connect <host>:<port> < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"
windows (thanx Nick Westgate, see below)
certutil -dump cacert.pem | find "Algorithm"
回答2:
I know the topic is old but I think
openssl x509 -in yourcert.crt -text -noout | grep "Signature Algorithm"
would be an easier solution.
回答3:
You didn't specify a platform, but in a Windows command prompt you can use:
certutil -dump cacert.pem | find "Algorithm"
回答4:
In PowerShell
PS C:\> certutil -dump cacert.pem | findstr "Algorithm"
来源:https://stackoverflow.com/questions/26473076/how-do-i-check-if-my-ssl-certificate-is-sha1-or-sha2-on-the-commandline