$ openssl x509 -in user-cert.pem -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1373122324 (0x51d82f14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CA
Validity
Not Before: Jul 6 14:52:05 2013 GMT
Not After : May 15 14:52:05 2023 GMT
Subject: UID=test,CN=A user
Inside the subject line, there can be multiple subparts, such as CN=xxx, DC=xxxx, UID=xxx, OU=xxx, C=xxx, ... Each subpart is represented in the certificate as an OID that is globally unique and registred with IETF. For example, the OID of CN is 2.5.4.3, and the OID of UID is 0.9.2342.19200300.100.1.1. How are we supposed to find out the OID? Openssl provides a command option for just.
openssl x509 -in user-cert.pem -text -noout -nameopt RFC2253,oid
This command will print out the cert with the OID=xxx instead of CN=xxx.
No comments:
Post a Comment