casting the serial number
I noticed that the serial numbers specified in info
do not match the files on disk.
$ ../tlsctl-linux-amd64 info --path git.watertower/4111
---
Serial: 100f
Subject:
OpenSSL shows them both:
$ openssl x509 -text -noout -in git.watertower/4111
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4111 (0x100f)
Noticed when working with CAChain.crt
, because the specified serials don't match the filenames - should you want to inspect the certs direct.
$ ../tlsctl-linux-amd64 info --path gitlab.com/CAChain.crt | grep Serial
Serial: 1a407c8e793fcf051e22a0b2989de64
Serial: 7a29851ab7f45d6679506641b6ffd71d
Serial: 4000000000121585308a2
$ ls gitlab.com/
162381399334300351237757892920061450013 2180922574754299852229941692052659812 4835703278459759426209954 CAChain.crt
linux binary off: https://gitlab.com/gitlab-org/ci-cd/runner-tools/tlsctl/-/pipelines/398129810