0

We have an organizational level SSL that exist on one of our testing servers. Is there a way to find who created it or to see if an application is bound to it?

SJaka
  • 145
  • 1
  • 3
  • 14
  • 1
    Does this answer your question? [How do I view the details of a digital certificate .cer file?](https://serverfault.com/questions/215606/how-do-i-view-the-details-of-a-digital-certificate-cer-file) – Michael Hampton Sep 28 '20 at 19:21

1 Answers1

2

The issuer created it. The name of the issuer is embedded as a mandatory field within the certificate. If you want to know who within your organisation dealt with the issuer, then they should be able to help you as their registration authority should be keeping records.

The application bound to the certificate can be found by looking through the configuration of all the services running on the server, or scanning ports on the server to see if the application on a port presents the certificate as part of their TLS handshake (or IPSec etc.).

There are specific certificate lifecycle management tools available to help you with these important tasks, but they can be expensive. Some attempt to write their own by scripting openssl s_client or similar to scan services for certificates.

garethTheRed
  • 4,009
  • 13
  • 20