Skip to main content

How to extract an SSL certificate from a website in Chrome

This is a quick post about extracting SSL certificates from websites, we'll need this step for some of the future posts that I'm going to write about SSL and HTTPS stuff.

In general, you may want to extract this whenever you are trying to use some tool (not a web browser) or a code to access this website. Then after extracting this, you will require to install this into your tool or framework. With this post, I'm just covering the extraction part.

I'll use the Chrome browser since it is one of the common browsers that is being used.


In my example, I'm going to extract the public certificate of https://letsencrypt.org/. (Let's Encrypt is one of the free Certificate Authority, probably I'll discuss this in one of the future posts.)


1. First, go to the website using the Chrome web browser.

The website has to be in HTTPS. Otherwise, we don't want to do this in the first place. So, make sure your URL is starting with https://...

2. Click on the padlock icon of the browser on the left in the URL and select the Certificate from the menu as below.




Then you will see the certificate dialog box as below.


In the General tab, you can see some of the basic information about this certificate. Who issued this, when it was certified (valid from) and when it expires (to) and to whom it was issued.


3. Go to the Details tab


4. Click on the Copy to File


5. Click Next in the Certificate Export Wizard, then you will see the below screen to select the certificate export options.

Note: Why we selected that is because most of the tools support this format. For example, if you want to add this into the Java Trust store, it would be ideal and it supports Java keytool as well. However, the selection depends on what you are going to do with the certificate.


6. Select Base-64 encoded X.509 (.CER) and hit Next


7. Provide the file path to export. The name can be anything, just to represent the website, I have used the website name.

8. If you click next, it will show a message that it successfully exported.

If you open up the extracted certificate using a text editor, it will look like below.


If it looks like that, then you have successfully extracted the public certificate of the website you wanted.



Labels:

Comments

Post a Comment

Popular posts from this blog

Install Docker on Windows 11 with WSL Ubuntu 22.04

This is to install Docker within Ubuntu WSL without using the Windows Docker application. Follow the below steps. Install Ubuntu 22.04 WSL 1. Enable Windows Subsystem for Linux and Virtual Machine platform Go to Control Panel -> Programs -> Programs and Features -> Turn Windows features on or off 2. Switch to WSL 2 Open Powershell and type in the below command. wsl --set-default-version 2 If you don't have WSL 2, download the latest WSL 2 package and install it.  3. Install Ubuntu Open Microsoft Store and search for Ubuntu. Select the version you intend to install. I'd use the latest LTS version Ubuntu 22.04. Click on the Get button. It will take a couple of minutes to download and install. 4. Open up the installed Ubuntu version that was installed. If you get an error like the below image, make sure to install the WSL2 Kernel update .  If it's an older Ubuntu version the error message would be something like the image below. Error: WSL 2 requires an update to its
1 comment
Read more

How to fix SSLHandshakeException PKIX path building failed in Java

TL ; DR 1. Extract the public certificate of the website/API that you are trying to connect from your Java application. Steps are mentioned in this post 2. Use the Java keytool to install the extracted certificate into the "cacerts" file (Trust store) keytool -import -trustcacerts -alias <domain name> -file <public certificate>.cert -keystore /path_to_java_home/jre/lib/security/cacerts -storepass changeit 3. Restart your Java application Exception A typical exception stack trace would look like below. javax.net.ssl. SSLHandshakeException : sun.security.validator.ValidatorException: PKIX path building failed : sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshake
Post a Comment
Read more

How to set terminal title in Ubuntu 18.04 LTS

In older Ubuntu versions, you could have just right-clicked on the Ubuntu Terminal window's title bar and set any title you would like. But unfortunately after Ubuntu 18.04 LTS this feature is gone. I used to love this feature because I'm multiple tabs in the single terminal window kind of a guy. I usually like to work in multiple named terminal tabs like below. By default, in newer Ubuntu version, it is showing just the current directory. Let's see how we can do this. Ubuntu prompt In ubuntu's Bash, there's an environment variable $PS1 which is responsible for the details that the command line prompts. You'll be able to echo this and see what's inside it. If I echo it it will print something like this. echo $PS1 \[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ If you really want to understand what this means, you can refer this page .  Updating the termina
6 comments
Read more