How to decode a certificate
Article ID: 298258

Products

VMware Tanzu Application Service for VMs

Issue/Introduction

This article includes the steps necessary to decode the contents of a certificate using a console.

Environment

Product Version: 2.10

Resolution

Sometimes you need to inspect the contents of a certificate. The console tools that the platform offers can do this. An easy option is to SSH into the OpsMan VM and decode the certificate from there.

First, you need the certificate itself, saved in a text file. The file extension can be .crt, .txt, etc. Make sure the file contains no extra spaces or other extra characters, as these will cause an error when decoding.

Once the file has been created, run the following command from the console:

openssl x509 -noout -text -in <file_name>

The output of this command shows the contents of the certificate, as in the example below:

root@opsmgr-23-slot-##-#####-###-###:# openssl x509 -noout -text -in decode-test.txt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            f5:b3:5e:c8:1b:##:##:fe:##:a1:63:##:bf:##:95:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Example Issuer
        Validity
            Not Before: Apr 21 14:38:11 2022 GMT
            Not After : Apr 18 14:38:11 2032 GMT
        Subject: CN=*.run.foundation.example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    .
                    .
                    .
                    .

                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier:
                keyid:17:56:CC:10:F2:8D:##:EE:##:FA:##:58:##:7E:BD:##:75:A9:##:3E

            X509v3 Subject Alternative Name:
                DNS:*.run.foundation.example.com, DNS:*.apps.foundation.example.com, DNS:*.login.foundation.example.com, DNS:*.uaa.foundation.example.com
    Signature Algorithm: sha256WithRSAEncryption
         .
         .
         .
         .
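
As an added example (not part of the original article), the sh functions below check a certificate file for the extra spaces and stray characters mentioned above before running the openssl command. The function names are hypothetical, the check is deliberately stricter than openssl itself, and the sample files use a constructed placeholder body rather than a real certificate.

```shell
#!/bin/sh
# Added example, not from the article. Function names are hypothetical.

# check_pem_file FILE
# Prints one line per formatting problem; returns 0 when the file is clean.
# Stricter than openssl itself, to catch copy/paste damage before decoding.
check_pem_file() {
    awk '
        {
            # Report stray characters, then strip them so the structural
            # checks below still see the intended line.
            if (sub(/\r$/, ""))      { print "line " NR ": carriage return (Windows line ending)"; bad = 1 }
            if (sub(/^[ \t]+/, "")) { print "line " NR ": leading whitespace"; bad = 1 }
            if (sub(/[ \t]+$/, "")) { print "line " NR ": trailing whitespace"; bad = 1 }
        }
        $0 == "-----BEGIN CERTIFICATE-----" { nbegin++; inside = 1; next }
        $0 == "-----END CERTIFICATE-----"   { nend++; inside = 0; next }
        inside && $0 !~ "^[A-Za-z0-9+/]+=?=?$" { print "line " NR ": not base64"; bad = 1 }
        !inside && $0 != "" { print "line " NR ": text outside the certificate block"; bad = 1 }
        END {
            if (nbegin != 1 || nend != 1) {
                print "expected exactly one BEGIN/END CERTIFICATE pair"; bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# decode_cert FILE
# Runs the command from the article only if the file passes the check.
decode_cert() {
    check_pem_file "$1" || return 1
    openssl x509 -noout -text -in "$1"
}

# make_samples DIR
# Writes constructed sample files. The base64 body is a placeholder, not a
# real certificate, so these files exercise check_pem_file only.
make_samples() {
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'QUJDREVGR0g=' '-----END CERTIFICATE-----' > "$1/clean.txt"
    printf '%s \n' '-----BEGIN CERTIFICATE-----' 'QUJDREVGR0g=' '-----END CERTIFICATE-----' > "$1/spaces.txt"
    printf '%s\r\n' '-----BEGIN CERTIFICATE-----' 'QUJDREVGR0g=' '-----END CERTIFICATE-----' > "$1/crlf.txt"
}
```

With a real certificate saved as decode-test.txt, `decode_cert decode-test.txt` prints either the list of formatting problems or the decoded certificate.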