Back
Syntax
Study
Editor
Mode:
HTML
CSS
JavaScript
PHP
Reset
Run »
HTML / CSS / JS
# Inspect a live TLS certificate chain with openssl # Full handshake dump — shows TLS version, cipher, and certificate chain openssl s_client -connect example.com:443 -showcerts # Extract just the leaf certificate and print human-readable details openssl s_client -connect example.com:443 </dev/null 2>/dev/null \ | openssl x509 -noout -text \ | grep -E 'Subject:|Issuer:|Not Before|Not After|DNS:' # Check which TLS versions the server accepts for version in tls1_2 tls1_3; do result=$(openssl s_client -connect example.com:443 -$version </dev/null 2>&1) if echo "$result" | grep -q "CONNECTED"; then echo "$version: SUPPORTED" else echo "$version: NOT supported" fi done # Verify a certificate file against a CA bundle openssl verify -CAfile /etc/ssl/certs/ca-certificates.crt server.crt # Check certificate expiry (exit 1 if expiring within 30 days) openssl x509 -checkend $((30*86400)) -noout -in server.crt \ && echo "Certificate is valid for at least 30 more days" \ || echo "WARNING: certificate expires within 30 days"
Result
Open