To check a host’s TLS (Transport Layer Security) certificate details using the macOS Terminal, you can use the openssl command. OpenSSL is a powerful tool that provides various SSL and TLS-related functionalities. Here’s how you can use it to check the TLS certificate of a host:
The basic command format to check a TLS certificate is:
openssl s_client -connect host:port
To check the TLS certificate for www.example.com on port 443, you would use:
openssl s_client -connect www.example.com:443
To view the certificate chain and more details, add -showcerts to the command:
openssl s_client -connect www.example.com:443 -showcerts
To get just the server certificate, you can pipe the output to openssl x509:
openssl s_client -connect www.example.com:443 | openssl x509 -text
If you want to check the connection using a specific TLS version, you can specify it using -tls1_2 or another relevant version flag.
For example, to use TLS 1.2, the command would be:
openssl s_client -connect www.example.com:443 -tls1_2