I recently needed to check if the certificate I’d been provided with was SHA1 or SHA2. Stack Overflow helped, but here’s a copy for posterity:
For a given website:
openssl s_client -connect <host>:<port> < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"
For a file on disk:
openssl x509 -text -in /path/to/public.crt | grep "Signature Algorithm"
Michael is a polyglot software engineer, committed to reducing complexity in systems and making them more predictable. Working with a variety of languages and tools, he shares his technical expertise to audiences all around the world at user groups and conferences. You can follow @mheap on Twitter