curl 명령어로 인증서 정보 확인

curl명령어로 SSL인증서 정보를 확인하려면 아래 명령어를 사용하면 된다.

curl -vI <https site> 

[root@kvm31 ~]# curl -vI https://atl.kr
* Rebuilt URL to: https://atl.kr/
*   Trying 119.203.241.130...
* TCP_NODELAY set
* Connected to atl.kr (119.203.241.130) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Request CERT (13):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, [no content] (0):
* TLSv1.3 (OUT), TLS handshake, Certificate (11):
* TLSv1.3 (OUT), TLS handshake, [no content] (0):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=atl.kr
*  start date: May 11 09:22:13 2022 GMT
*  expire date: Aug  9 09:22:12 2022 GMT
*  subjectAltName: host "atl.kr" matched cert's "atl.kr"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.3 (OUT), TLS app data, [no content] (0):
* TLSv1.3 (OUT), TLS app data, [no content] (0):
* TLSv1.3 (OUT), TLS app data, [no content] (0):
* Using Stream ID: 1 (easy handle 0x55bb091ff690)
* TLSv1.3 (OUT), TLS app data, [no content] (0):
> HEAD / HTTP/2
> Host: atl.kr
> User-Agent: curl/7.61.1
> Accept: */*
> 
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, [no content] (0):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS app data, [no content] (0):
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
* TLSv1.3 (OUT), TLS app data, [no content] (0):
* TLSv1.3 (IN), TLS app data, [no content] (0):
< HTTP/2 200 
HTTP/2 200 
< date: Fri, 01 Jul 2022 01:10:41 GMT
date: Fri, 01 Jul 2022 01:10:41 GMT
< server: Apache/2.4.53 (Debian)
server: Apache/2.4.53 (Debian)
< last-modified: Thu, 18 Jun 2015 15:48:40 GMT
last-modified: Thu, 18 Jun 2015 15:48:40 GMT
< etag: "9f-518ccbdd2d802"
etag: "9f-518ccbdd2d802"
< accept-ranges: bytes
accept-ranges: bytes
< content-length: 159
content-length: 159
< vary: Accept-Encoding
vary: Accept-Encoding
< content-type: text/html
content-type: text/html
< cache-control: no-cache, max-age=600
cache-control: no-cache, max-age=600
< strict-transport-security: max-age=63072000
strict-transport-security: max-age=63072000

< 
* Connection #0 to host atl.kr left intact