Dns and ip not seen in node certificate

Using bin/elasticsearch-certutil to create node certificate, with --name, --dns, --ip, then using
openssl pkcs12 -info -in <node-certificate.p12>,
I can only see the CN (common name) of the certificate, but no dns and ip information.
So how can I see these information?

AFAIK one cannot print the SANs of a certificate from a PKCS#12 container using openssl pkcs12 so this is not something related to elasticsearch-certutil.

You can, instead use pkcs12 to get the certificate and then x509 to get the information of the Certificate. This would look something like :

openssl pkcs12 -in node-certificate.p12 -nokeys -clcerts | openssl x509 -text -noout

and look for something similar to

 X509v3 Subject Alternative Name: 
                DNS:name.com, IP Address:

in the output.

It is done. Thanks!

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.