Objective: Get, dump or display the
Subject Alternative Name (SAN) field from SSL certificate.
To print the SAN field from Google’s SSL certificate, use the following command syntax.
$ echo|openssl s_client -connect google.com:443 2>/dev/null | openssl x509 -noout -text | grep "Subject Alternative Name" -A2 | grep -Eo "DNS:[a-zA-Z 0-9.*-]*" | sed "s/DNS://g" *.google.com *.android.com *.appengine.google.com *.cloud.google.com *.google-analytics.com *.youtube.com android.com google-analytics.com google.com youtube.com ... [output truncated]
Each DNS host in the SAN field will be printed on a separate line. The command uses extended
grep and it has only been tested to be working on Linux.
If you would like to print the SAN field from a certificate file, use the following syntax.
$ openssl x509 -in /path/to/cert.pem -noout -text | grep "Subject Alternative Name" -A2 | grep -Eo "DNS:[a-zA-Z 0-9.*-]*" | sed "s/DNS://g" *.example.com example.com
cert.pem is the input certificate file from which the SAN field has to be dumped.