Last Updated: September 09, 2019
· weppos

Checking an SSL certificate for SHA-2 hash algorithm

Assuming the SSL certificate is stored in a file called example.crt, you can use the following OpenSSL command to display the details of the SSL certificate.

$ openssl x509 -noout -text -in example.crt

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ..
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
        Validity
            Not Before: Sep 10 00:00:00 2014 GMT
            Not After : Sep 10 23:59:59 2015 GMT

The Signature Algorithm field shows the hash algorithm used to sign the SSL certificate. To print only that field, filter the output with grep:

$ openssl x509 -noout -text -in example.crt | grep 'Signature Algorithm' 

Signature Algorithm: sha256WithRSAEncryption

If the value is sha256WithRSAEncryption, the certificate is signed with SHA-256, a member of the SHA-2 family. Another common value is sha1WithRSAEncryption, which means the certificate is signed with SHA-1.
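
As an added example (not part of the original tip), the shell function below automates this check: it reads the `openssl x509 -noout -text` dump, confirms that both Signature Algorithm fields agree, and classifies the hash as SHA-2 or weak. It goes beyond the two RSA values above to cover ECDSA and RSASSA-PSS names; the function name `check_sig_hash` and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `openssl x509 -noout -text` output on stdin and prints
# "<verdict> <algorithm>". Returns 0 = SHA-2, 1 = SHA-1/MD5/MD2, 2 = undetermined.
check_sig_hash() {
    dump=$(cat)
    # The dump names the algorithm twice: inside the signed data and next to
    # the signature value. Collect the distinct values; they must agree.
    algs=$(printf '%s\n' "$dump" |
        sed -n 's/^[[:space:]]*Signature Algorithm:[[:space:]]*//p' | sort -u)
    if [ -z "$algs" ]; then
        echo "undetermined (no Signature Algorithm line)"; return 2
    fi
    if [ "$(printf '%s\n' "$algs" | grep -c '')" -ne 1 ]; then
        echo "undetermined (fields disagree)"; return 2
    fi
    name=$algs
    # RSASSA-PSS reports its digest on a separate "Hash Algorithm:" line.
    if [ "$name" = "rsassaPss" ]; then
        name="rsassaPss/$(printf '%s\n' "$dump" |
            sed -n 's/^[[:space:]]*Hash Algorithm:[[:space:]]*//p' | head -n 1)"
    fi
    case "$(printf '%s' "$name" | tr '[:upper:]' '[:lower:]')" in
        *sha224*|*sha256*|*sha384*|*sha512*) echo "sha2 $name"; return 0 ;;
        *sha1*|*md5*|*md2*) echo "weak $name"; return 1 ;;
        *) echo "undetermined $name"; return 2 ;;
    esac
}

# Constructed, abridged dumps for illustration (not real certificates).
SAMPLE_SHA256='        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Example CA
    Signature Algorithm: sha256WithRSAEncryption'
SAMPLE_SHA1='        Signature Algorithm: sha1WithRSAEncryption
    Signature Algorithm: sha1WithRSAEncryption'
SAMPLE_PSS='        Signature Algorithm: rsassaPss
         Hash Algorithm: sha256
    Signature Algorithm: rsassaPss
         Hash Algorithm: sha256'
SAMPLE_MIXED='        Signature Algorithm: sha256WithRSAEncryption
    Signature Algorithm: sha1WithRSAEncryption'

for sample in "$SAMPLE_SHA256" "$SAMPLE_SHA1" "$SAMPLE_PSS" "$SAMPLE_MIXED"; do
    printf '%s\n' "$sample" | check_sig_hash || true
done
# Real use: openssl x509 -noout -text -in example.crt | check_sig_hash
```

The non-zero return codes make the function usable as a gate in a deployment or inventory script.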

If you haven't received the SSL certificate yet, you can check if the CSR is hashed with SHA-2.

1 Response

Nice

over 1 year ago ·