Check if SSL certificate is SHA1 or SHA2

This article was published 5 years ago. Due to the rapidly evolving world of technology, some concepts may no longer be applicable.

I recently needed to check if the certificate I’d been provided with was SHA1 or SHA2. Stack Overflow helped, but here’s a copy for posterity:

For a given website:

openssl s_client -connect <host>:<port> < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"

For a file on disk:

openssl x509 -text -in /path/to/public.crt | grep "Signature Algorithm"

Thoughts on this post

Leave a comment?