正文
curl --resolve 查看证书情况
小程序:扫一扫查出行【扫一扫了解最新限行尾号】
复制小程序
通过curl 解析证书
[root@harbor ~]# curl --resolve 'www.abc.com:127.0.0.1' https://www.abc.com/ -vvv
* Couldn't parse CURLOPT_RESOLVE entry 'www.abc.com:127.0.0.1'!
* Trying 117.121.111.212:...
* TCP_NODELAY set
* Connected to www.abc.com (117.121.111.212) port (#)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1. (OUT), TLS header, Certificate Status ():
* TLSv1. (OUT), TLS handshake, Client hello ():
* TLSv1. (IN), TLS handshake, Server hello ():
* NPN, negotiated HTTP1.
* TLSv1. (IN), TLS handshake, Certificate ():
* TLSv1. (IN), TLS handshake, Server key exchange ():
* TLSv1. (IN), TLS handshake, Server finished ():
* TLSv1. (OUT), TLS handshake, Client key exchange ():
* TLSv1. (OUT), TLS change cipher, Change cipher spec ():
* TLSv1. (OUT), TLS handshake, Next protocol ():
* TLSv1. (OUT), TLS handshake, Finished ():
* TLSv1. (IN), TLS change cipher, Change cipher spec ():
* TLSv1. (IN), TLS handshake, Finished ():
* SSL connection using TLSv1. / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=CN; ST=\U5317\U4EAC\U5E02; L=\U5317\U4EAC\U5E02; O=\U5FC3\U533B\U56FD\U9645\U6559\U80B2\U79D1\U6280(\U5317\U4EAC)\U6709\U9650\U516C\U53F8; OU=IT; CN=*.abc.com
* start date: Mar :: GMT
* expire date: Dec :: GMT
* subjectAltName: host "www.abc.com" matched cert's "*.abc.com"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=GeoTrust RSA CA
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: www.xinyixy.com
> User-Agent: curl/7.67.
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Server: xinyixy web server
< Date: Thu, 28 Nov 2019 02:51:05 GMT
< Content-Length: 0
< Connection: keep-alive
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Location: http://www.abc.com/index
< Content-Language: en-US
<
* Connection #0 to host www.abc.com left intact
