Command Line Tools Guide
Red Hat Certificate System                                                            
Previous
 Contents
 Index
 Next

Chapter 10

Pretty Print Certificate Tool

You can use the Pretty Print Certificate tool to print the contents of a certificate stored as ASCII base-64 encoded data in a human-readable form.

The chapter has the following sections:

Location

The tool is located with the rest of the command-line tools in this directory: <server_root>/bin/cert/tools

Syntax

To run the Pretty Print Certificate tool, type the following command:

PrettyPrintCert[.bat] [options] <input_file> [<output_file>]

.bat specifies the file extension; this is required only when running the utility on a Windows NT system.
[options] consists of "-simpleinfo," which prints limited certificate information in an easy to parse format.
<input_file> specifies the path to the file that contains the ASCII base-64 encoded certificate.
<output_file> specifies the path to the file to write the certificate. This argument is optional; if you don't specify an output file, the certificate information is written to the standard output.

Examples

PrettyPrintCert.bat C:\test\cert.in C:\test\cert.out

The above command takes the ASCII base-64 encoded certificate in the cert.in file and writes the certificate in the pretty-print form to the output file named cert.out.

The base-64 encoded certificate (content of the cert.in file) would look similar to this: 

-----BEGIN CERTIFICATE-----

MIIC2DCCAkGgAwIBAgICEAwwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCVVMxIzA

hBgNVBAoTGlBhbG9va2FWaWxsZSBXaWRnZXRzLCBJbmMuMR0wGwYDVQQLExRXaWRnZX

QgTWFrZXJzICdSJyBVczEpMCcGA1UEAxMgVGVzdCBUZXN0IFRlc3QgVGVzdCBUZXN0I

FRlc3QgQ0EwHhcNOTkwMjE4MDMMzM5WhcNMDAwMjE4MDM0MzM5WjCBrjELMAkGA1UEB

hMCVVMxJjAkBgNVBAoTHU5ldHNjYXBlIENvbW11bmljYXRpb25zIENvcnAuMRUwEwYD

VQQLEwOZXRzY2FwZSBDTVMxGDAWBEBEwhtaGFybXNlbjEfMB0GA1UEAxWaW50ZGV2Y2

EgQWRtaW5pcwp0frfJOObeiSsia3BuifRHBNw95ZZQR9NIXr1x5bE

-----END CERTIFICATE-----

The certificate in pretty-print form (content of the cert.out file) would look similar to this: 

Certificate:
 
	Data:
 
	Version:  v3
 
	Serial Number: 0x100C
 
	Signature Algorithm: OID.1.2.840.113549.1.1.5 -1.2.840.113549.1.1.5
 
	Issuer: CN=Test CA,OU=Widget Makers 'R'Us,O=Example Corporation, 

		Widgets\,Inc.,C=US
 
	Validity:

		Not Before: Wednesday, February 17, 1999 7:43:39 PM

		Not  After: Thursday, February 17, 2000 7:43:39 PM
 
	Subject: MAIL=admin@example.com,CN=testCA Administrator, UID=admin, 

			OU=IS, O=Example Corporation,C=US
 
	Subject Public Key Info:

		Algorithm: RSA - 1.2.840.113549.1.1.1

		Public Key:

			30:81:89:02:81:81:00:DE:26:B3:C2:9D:3F:7F:FA:DF:

			24:E3:9B:7A:24:AC:89:AD:C1:BA:27:D1:1C:13:70:F7:

			96:59:41:1F:4D:21:7A:F5:C7:96:C4:75:83:35:9F:49:

			E4:B0:A7:5F:95:C4:09:EA:67:00:EF:BD:7C:39:92:11:

			31:F2:CA:C9:16:87:B9:AD:B8:39:69:18:CE:29:81:5F:

			F3:4D:97:B9:DF:B7:60:B3:00:03:16:8E:C1:F8:17:6E:

			7A:D2:00:0F:7D:9B:A2:69:35:18:70:1C:7C:AE:12:2F:

			0B:0F:EC:69:CD:57:6F:85:F3:3E:9D:43:64:EF:0D:5F:

			EF:40:FF:A6:68:FD:DD:02:03:01:00:01:
 
	Extensions:

		Identifier: 2.16.840.1.113730.1.1

			Critical: no

			Value: 03:02:00:A0:
 
		Identifier: Authority Key Identifier - 2.5.29.35

			Critical: no

			Key Identifier:

				EB:B5:11:8F:00:9A:1A:A6:6E:52:94:A9:74:BC:65:CF:

				07:89:2A:23:
 
	Signature:

		Algorithm: OID.1.2.840.113549.1.1.5 - 1.2.840.113549.1.1.5

		Signature:

			3E:8A:A9:9B:D1:71:EE:37:0D:1F:A0:C1:00:17:53:26:

			6F:EE:28:15:20:74:F6:C5:4F:B4:E7:95:3C:A2:6A:74:

			92:3C:07:A8:39:12:1B:7E:C4:C7:AE:79:C8:D8:FF:1F:

			D5:48:D8:2E:DD:87:88:69:D5:3A:06:CA:CA:9C:9A:55:

			DA:A9:E8:BF:36:BC:68:6D:1F:2B:1C:26:62:7C:75:27:

			E2:8D:24:4A:14:9C:92:C6:F0:7A:05:A1:52:D7:CC:7D:

			E0:9D:6C:D8:97:3A:9C:12:8C:25:48:7F:51:59:BE:3C:

			2B:30:BF:EB:0A:45:7D:A6:49:FB:E7:BE:04:05:D6:8F:

PrettyPrintCert.bat -simpleinfo C:\test\cert.in C:\test\cert.simple

The above command takes the ASCII base-64 encoded certificate in the cert.in file and writes simple information contained within the certificate to the output file named cert.simple.

The base-64 encoded certificate (content of the cert.in file) would look similar to this: 

-----BEGIN CERTIFICATE-----

MIIC2DCCAkGgAwIBAgICEAwwDQYJKoZIhvcNAQEFBQAwfDELMAkGA1UEBhMCVVMxIzA

hBgNVBAoTGlBhbG9va2FWaWxsZSBXaWRnZXRzLCBJbmMuMR0wGwYDVQQLExRXaWRnZX

QgTWFrZXJzICdSJyBVczEpMCcGA1UEAxMgVGVzdCBUZXN0IFRlc3QgVGVzdCBUZXN0I

FRlc3QgQ0EwHhcNOTkwMjE4MDMMzM5WhcNMDAwMjE4MDM0MzM5WjCBrjELMAkGA1UEB

hMCVVMxJjAkBgNVBAoTHU5ldHNjYXBlIENvbW11bmljYXRpb25zIENvcnAuMRUwEwYD

VQQLEwOZXRzY2FwZSBDTVMxGDAWBEBEwhtaGFybXNlbjEfMB0GA1UEAxWaW50ZGV2Y2

EgQWRtaW5pcwp0frfJOObeiSsia3BuifRHBNw95ZZQR9NIXr1x5bE

-----END CERTIFICATE-----

The simple certificate information (content of the cert.simple file) would look similar to this:

MAIL=admin@example.com
CN=testCA Administrator
UID=admin
OU=IS
O=Example Corporation
C=US




Previous
 Contents
 Index
 Next
© 2001 Sun Microsystems, Inc. Used by permission. © 2005 Red Hat, Inc. All rights reserved.
Read the Full Copyright and Third-Party Acknowledgments.

 last updated July 18, 2005