openssl 查看证书细节

利用curl对域名https证书做过期检查

命令:curl -vvl https://www.moneyslow.com ,结果如下:

curl -vvl https://www.moneyslow.com
*   Trying 43.129.234.94...
* TCP_NODELAY set
* Connected to www.moneyslow.com (43.129.234.94) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=moneyslow.com
*  start date: Dec 19 00:00:00 2023 GMT
*  expire date: Dec 18 23:59:59 2024 GMT
*  subjectAltName: host "www.moneyslow.com" matched cert's "www.moneyslow.com"

主要看日期,另外最后一行是否是“matched”。