Skip to content

Instantly share code, notes, and snippets.

@SyeedHasan

SyeedHasan/x509-certificates.md

Last active February 16, 2022 04:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save SyeedHasan/1df91d0e5628ef2a5971fac0bec197fe to your computer and use it in GitHub Desktop.
Save SyeedHasan/1df91d0e5628ef2a5971fac0bec197fe to your computer and use it in GitHub Desktop.
Download ZIP
Managing X509 certificates - creation, conversion, etc.
Raw
x509-certificates.md

Acquiring TLS Certificates from Shodan

  1. Head to the Raw Version of the report
  2. Go to the SSL section
    2A. Use the 'cert' section to retrieve fingerprints of the certificate (SHA1/MD5 of the certificate in DER format)
    2B. Use the 'chain' section to retrieve the certificate in PEM (might require some form of cleaning before its usable)

Creation of an X509 Certificate

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem

Decode Certificate to Text

openssl x509 -text -noout -in certificate.pem

Save Text-based Certificate

Create a .cer file for the certificate [unverified]

Convert PEM to DER

openssl x509 -in CensysPEM.pem -outform DER -out RandomCertInDER.cer

Calculate Fingerprint of an X509 Certificate

Convert the certificate to DER form (if it isn't in DER form) then calculate the hash:
openssl x509 -in certificateInPem.pem -outform DER -out certificateInDer.cer
sha1sum certificateInDer.cer

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment