# Certificados

## Obtener certificado

```sh
# Descargar certificado
openssl s_client -connect example.com:443 | openssl x509 > example.pem
## Convertir de PEM a DER
openssl x509 -outform der -in example.pem -out example.der
## Convertir de PEM a PKCS#7
openssl crl2pkcs7 -nocrl -certfile example.pem -out example.p7
```

## Generar certificado autofirmado <a href="#crt.sh" id="crt.sh"></a>

```sh
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out example.pem -sha256 -days 365
```

## crt.sh <a href="#crt.sh" id="crt.sh"></a>

* <https://crt.sh/>

```sh
curl -s "https://crt.sh/?q=<domain-name>&output=json" | jq -r '.[] | "\(.name_value)\n\(.common_name)"' | sort -u
```

* \<domain-name> = nombre de dominio.

## Censys <a href="#censys" id="censys"></a>

* <https://search.censys.io/>