List containing files
$ ls cert9.db key4.db pkcs11.txt
| cert9.db | SQLite database | Certificate store |
| key4.db | SQLite database | Password store |
| pkcs11.txt | Text file | Init parameter |
Show containing certificates
$ certutil -L -d sql:.
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
DigiCert TLS RSA SHA256 2020 CA1 ,,
DigiCert SHA2 Secure Server CA ,,
Amazon ,,
R3 ,,
GTS CA 1O1 ,,
Show certificate details (here: Amazon)
$ certutil -L -d sql:. -a -n "Amazon" | openssl x509 -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:7f:94:57:85:87:e8:ac:77:de:b2:53:32:5b:bc:99:8b:56:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Amazon, CN=Amazon Root CA 1
Validity
Not Before: Oct 22 00:00:00 2015 GMT
Not After : Oct 19 00:00:00 2025 GMT
Subject: C=US, O=Amazon, OU=Server CA 1B, CN=Amazon
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c2:4e:16:67:dd:ce:bc:6a:c8:37:5a:ec:3a:30:
b0:1d:e6:d1:12:e8:12:28:48:cc:e8:29:c1:b9:6e:
53:d5:a3:eb:03:39:1a:cc:77:87:f6:01:b9:d9:70:
cc:cf:6b:8d:e3:e3:03:71:86:99:6d:cb:a6:94:2a:
4e:13:d6:a7:bd:04:ec:0a:16:3c:0a:eb:39:b1:c4:
b5:58:a3:b6:c7:56:25:ec:3e:52:7a:a8:e3:29:16:
07:b9:6e:50:cf:fb:5f:31:f8:1d:ba:03:4a:62:89:
03:ae:3e:47:f2:0f:27:91:e3:14:20:85:f8:fa:e9:
8a:35:f5:5f:9e:99:4d:e7:6b:37:ef:a4:50:3e:44:
ec:fa:5a:85:66:07:9c:7e:17:6a:55:f3:17:8a:35:
1e:ee:e9:ac:c3:75:4e:58:55:7d:53:6b:0a:6b:9b:
14:42:d7:e5:ac:01:89:b3:ea:a3:fe:cf:c0:2b:0c:
84:c2:d8:53:15:cb:67:f0:d0:88:ca:3a:d1:17:73:
f5:5f:9a:d4:c5:72:1e:7e:01:f1:98:30:63:2a:aa:
f2:7a:2d:c5:e2:02:1a:86:e5:32:3e:0e:bd:11:b4:
cf:3c:93:ef:17:50:10:9e:43:c2:06:2a:e0:0d:68:
be:d3:88:8b:4a:65:8c:4a:d4:c3:2e:4c:9b:55:f4:
86:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
X509v3 Subject Key Identifier:
59:A4:66:06:52:A0:7B:95:92:3C:A3:94:07:27:96:74:5B:F9:3D:D0
X509v3 Authority Key Identifier:
keyid:84:18:CC:85:34:EC:BC:0C:94:94:2E:08:59:9C:C7:B2:10:4E:0A:08
Authority Information Access:
OCSP - URI:http://ocsp.rootca1.amazontrust.com
CA Issuers - URI:http://crt.rootca1.amazontrust.com/rootca1.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.rootca1.amazontrust.com/rootca1.crl
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Signature Algorithm: sha256WithRSAEncryption
85:92:be:35:bb:79:cf:a3:81:42:1c:e4:e3:63:73:53:39:52:
35:e7:d1:ad:fd:ae:99:8a:ac:89:12:2f:bb:e7:6f:9a:d5:4e:
72:ea:20:30:61:f9:97:b2:cd:a5:27:02:45:a8:ca:76:3e:98:
4a:83:9e:b6:e6:45:e0:f2:43:f6:08:de:6d:e8:6e:db:31:07:
13:f0:2f:31:0d:93:6d:61:37:7b:58:f0:fc:51:98:91:28:02:
4f:05:76:b7:d3:f0:1b:c2:e6:5e:d0:66:85:11:0f:2e:81:c6:
10:81:29:fe:20:60:48:f3:f2:f0:84:13:53:65:35:15:11:6b:
82:51:40:55:57:5f:18:b5:b0:22:3e:ad:f2:5e:a3:01:e3:c3:
b3:f9:cb:41:5a:e6:52:91:bb:e4:36:87:4f:2d:a9:a4:07:68:
35:ba:94:72:cd:0e:ea:0e:7d:57:f2:79:fc:37:c5:7b:60:9e:
b2:eb:c0:2d:90:77:0d:49:10:27:a5:38:ad:c4:12:a3:b4:a3:
c8:48:b3:15:0b:1e:e2:e2:19:dc:c4:76:52:c8:bc:8a:41:78:
70:d9:6d:97:b3:4a:8b:78:2d:5e:b4:0f:a3:4c:60:ca:e1:47:
cb:78:2d:12:17:b1:52:8b:ca:39:2c:bd:b5:2f:c2:33:02:96:
ab:da:94:7f