There are indeed using openssl:
openssl x509 -in cacert.pem -noout -purpose -subject
will return you an entire bunch of capabilities your certificate works with.
openssl x509 -in cert.pem -noout -purpose -subject
Certificate purposes:
SSL client : Yes
SSL client CA : Yes
SSL server : Yes
SSL server CA : Yes
Netscape SSL server : Yes
Netscape SSL server CA : Yes
S/MIME signing : Yes
S/MIME signing CA : Yes
S/MIME encryption : Yes
S/MIME encryption CA : Yes
CRL signing : Yes
CRL signing CA : Yes
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : Yes
subject= /C=DE/ST=Bayern/L=City/O=OrganizationOU=Home/CN=xxxxxxx.xxxxxxx.xxx/emailAddress=xxxxxxx@xxxxxxxxx.xxx
|
Entered by smurphy on Friday, 14 November 2008 @ 16:15:21
|
Cryptography stuff - Common Linux problems, # Hits: 95497
|