To check for SSL certificate details, I use the following command line tool ever since it's become available:
https://github.com/azet/tls_tools
It's great to double-check you have all info correct for re-issuing certs or validating existing ones, and also as few dependencies AND it requires no setup.
This is what the first few lines of the output look like:
$ ./check_certificate_chain.py gnupg.org 443>> Certificate Chain: [+]* OU=Domain Control Validated, OU=Gandi Standard SSL, CN=gnupg.org [+]** C=FR, O=GANDI SAS, CN=Gandi Standard SSL CA [+]*** C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware>> Certificate Information:................................................................................- [Subject]: OU=Domain Control Validated, OU=Gandi Standard SSL, CN=gnupg.org- [Issuer]: C=FR, O=GANDI SAS, CN=Gandi Standard SSL CA- [Valid from]: Mar 18 00:00:00 2014 GMT- [Valid until]: Mar 18 23:59:59 2016 GMT- [Authority]: Is not a CA- [Version]: 2- [Serial No.]: 43845251655098616578492338727643475746- [X.509 Extension Details]: -- [x509_authorityKeyIdentifier]: keyid:B6:A8:FF:A2:A8:2F:D0:A6:CD:4B:B1:68:F3:E7:50:10:31:A7:79:21 That output is followed by the whole certificate chain at the same level of detail.
What I like that instead of being a ssl-centric cli tool like openssl's s_client, this one tries to just do the one job we need most of the time. Of course openssl is more flexible (i.e. also checking clientcerts, imaps on odd ports, etc) - but I don't always need that.
Alternatively, if you have time to dig in & setup or appreciate more features, there's the bigger tool named sslyze (not using it since dependencies and install...)