Get SSL Certificate from Server (Site URL) – Export & Download

Someday you may need to get the SSL certificate of a website and save it locally.

For example, you could get an error saying that you can’t clone a Git repository due to a self-signed certificate and to resolve this issue you would need to download the SSL certificate and make it trusted by your Git client.

In the following article i am showing how to export the SSL certificate from a server (site URL) using Google Chrome, Mozilla Firefox and Internet Explorer browsers as well as how to get SSL certificate from the command line, using openssl command.

Cool Tip: Create a self-signed SSL Certificate! Read more →

Export SSL Certificate

Google Chrome

Export the SSL certificate of a website using Google Chrome:

  1. Click the Secure button (a padlock) in an address bar
  2. Click the Show certificate button
  3. Go to the Details tab
  4. Click the Export button
  5. Specify the name of the file you want to save the SSL certificate to, keep the “Base64-encoded ASCII, single certificate” format and click the Save button

Mozilla Firefox

Export the SSL certificate of a website using Mozilla Firefox:

  1. Click the Site Identity button (a padlock) in an address bar
  2. Click the Show connection details arrow
  3. Click the More Information button
  4. Click the View Certificate button
  5. Go to the Details tab
  6. Click the Export button
  7. Specify the name of the file you want to save the SSL certificate to, keep the “X.509 Certificate (PEM)” format and click the Save button

Cool Tip: Check the expiration date of the SSL Certificate from the Linux command line! The fastest way! Read more →

Internet Explorer

Download and save the SSL certificate of a website using Internet Explorer:

  1. Click the Security report button (a padlock) in an address bar
  2. Click the View Certificate button
  3. Go to the Details tab
  4. Click the Copy to File... button
  5. Click the Next button
  6. Select the “Base-64 encoded X.509 (.CER)” format and click the Next button
  7. Specify the name of the file you want to save the SSL certificate to
  8. Click the Next and the Finish buttons

OpenSSL

Get the SSL certificate of a website using openssl command:

$ echo | openssl s_client -servername NAME -connect HOST:PORT |\
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.crt

Short explanation:

Option Description
-connect HOST:PORT The host and port to connect to
-servername NAME The TLS SNI (Server Name Indication) extension (website)
certificate.crt Save SSL certificate to this file

Example:

$ echo | openssl s_client -servername google.com -connect google.com:443 |\
  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.crt