How to save a remote server SSL certificate locally as a file

If you have access to OpenSSL, try

openssl s_client -connect {HOSTNAME}:{PORT} -showcerts

replacing {HOSTNAME} and {PORT} with whatever your values are.

A quick method to get the certificate pulled and downloaded would be to run the following command which pipes the output from the -showcerts to the x509 ssl command which just strips everything extraneous off. For example:

openssl s_client -showcerts -connect </dev/null 2>/dev/null|openssl x509 -outform PEM >mycertfile.pem

To use the certificate, with wget,

wget https:/ --ca-certificate=mycertfile.pem

To be honest, I have never tried this before (never needed to) however, I have just tried in Firefox and it seems to work for saving:

  1. Click on the SSL certificate icon at the top / Padlock at the bottom.
  2. Click View Certificate
  3. Click on the Details Tab
  4. Chose which certificate you want from the hierarchy [not circled in picture]
  5. Click Export

alt text