从命令行获取HTTPS服务器的证书指纹？ [英] Get certificate fingerprint of HTTPS server from command line?

问题描述

最近，Mercurial在连接到HTTPS服务器时已添加证书验证。我试图克隆一个googlecode项目的wiki仓库 https://wiki.pydlnadms.googlecode.com/hg/ ，但证书是 *。googlecode.com 。我的印象是，这被称为通配符域并且对所有子域有效，但我收到错误：

Recently Mercurial has added certificate validation when connecting to HTTPS servers. I'm trying to clone the wiki repository for a googlecode project at https://wiki.pydlnadms.googlecode.com/hg/, but the certificate is for *.googlecode.com. I was under the impression that this is called a wildcard domain and valid for all subdomains, but I'm receiving the error:

matt@stanley:~/src$ hg clone https://wiki.pydlnadms.googlecode.com/hg/ pydlnadms-wiki
abort: wiki.pydlnadms.googlecode.com certificate error: certificate is for *.googlecode.com

据说我需要将证书指纹添加到我的hgrc。 如何从命令行检索此指纹？

Allegedly I need to add the certificate fingerprint to my hgrc. How do I retrieve this fingerprint from the command line?

父问题：在Google代码上托管图片

推荐答案

p> http://wiki.debuntu.org/wiki/OpenSSL#Retrieving_certificate_informations 中的页面列出了命令行为此（并打印出相关信息）。从该页面和一些man页面，它看起来像你想要的是（对于bash）：

The page at http://wiki.debuntu.org/wiki/OpenSSL#Retrieving_certificate_informations lists the command lines for that (and printing out the relevant information). From that page and some of the man pages, it seems like what you want is (for bash):

openssl s_client -connect <host>:<port> < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin

如果要整个证书， | 符号及其后的所有内容。

If you want the whole certificate, leave off the | symbol and everything after it.

这篇关于从命令行获取HTTPS服务器的证书指纹？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！