How much can a stranger learn about my certificate?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: s2.opuntia.ca

I ran this command: N/A

It produced this output: N/A

My web server is (include version): I do not have a website; instead I use the certificates for other applications.

The operating system my web server runs on is (include version): Ubuntu 22.04

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don't know): YES

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): N/A

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 2.10.0

I am looking for a web portal where we can verify a certificate issued by letsencrypt, showing relevant email address and other info associated with the certificate. I do not mean something like https://crt.sh, as it does not show such info. I already found something like this in one of the topics here, but unfortunately cannot find it anymore.

Thanks in advance for your help

I am looking for a web portal where we can verify a certificate issued by letsencrypt, showing relevant email address and other info associated with the certificate.

That information is not public.

7 Likes

Hello @arad, welcome to the Let's Encrypt community. 🙂

"How to verify a certificate without an active website?"
Use the DNS-01 challenge of the Challenge Types - Let's Encrypt.

Or, if you are saying you have an issued certificate you wish to check:
sudo cat /etc/letsencrypt/live/s2.opuntia.ca/fullchain.pem

Each certificate will be surrounded with:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----

And you can manually check each certificate in the chain with an online tool such as:
https://redkestrel.co.uk/tools/decoder

4 Likes

crt.sh shows 100% of the available information about the certificate -- all of the information contained in the cert itself, and all of the extra information which can be gleaned from its issuer and revocation URLs.

It's unclear what you mean by "verify a certificate". Usually that would mean that you want to check that the signature is valid, and that the issuer is (transitively) trusted by your root store. It sounds like you want to... manually check some of the certificate details? What is your goal here?

7 Likes

Hi Aaron and thanks for the quick response!

Yes, I am not necessarily looking for verification of my certificate; I just want to know how much a stranger can learn about who owns a certificate, like my email address, etc.

Thanks!

3 Likes

Thanks for clarifying. A stranger can only know the same things as crt.sh displays. If you provide an email address to your ACME client (which is always optional), that address is not tied to your certificates in any externally visible way.

7 Likes

Thanks again for your help!

4 Likes

For Domain Validation (DV) certificates, not much information about the Subject: is in the certificate. There are Organization Validation (OV) certificates and Extended Validation (EV) certificates, where the Subject: generally carries a bit more information; they are not that common today (in my opinion). So it is possible that an OV or EV certificate might have an email address in it.

4 Likes

Also, on your Ubuntu command line, you can get this information for yourself from a certificate file by running the openssl x509 command on it.

For example

openssl x509 -text -noout -in cert.pem

where cert.pem is a certificate file on your Ubuntu system. You'll see some detailed output that represents all of the contents of that particular certificate.

(The -text option says that you want a textual description of the certificate contents, and the -noout option says that you don't want OpenSSL to output an additional machine-readable copy of the certificate data.)

4 Likes
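The chain walk and field dump described in the two replies above (reading each BEGIN/END CERTIFICATE block of fullchain.pem, then dumping its contents), as an added Go example that is not part of this thread; Go's standard crypto/x509 package stands in for the openssl x509 command. The input is a constructed, self-signed certificate for s2.opuntia.ca built in DemoBundle, not a real Let's Encrypt certificate; feed InspectChain the bytes of your own fullchain.pem instead.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
)

// InspectChain parses every CERTIFICATE block in a PEM bundle such as fullchain.pem,
// skipping other block types, and returns the certificates in chain order.
func InspectChain(bundle []byte) ([]*x509.Certificate, error) {
	var certs []*x509.Certificate
	for b, rest := pem.Decode(bundle); b != nil; b, rest = pem.Decode(rest) {
		if b.Type != "CERTIFICATE" {
			continue
		}
		c, err := x509.ParseCertificate(b.Bytes)
		if err != nil {
			return nil, err
		}
		certs = append(certs, c)
	}
	if len(certs) == 0 {
		return nil, fmt.Errorf("no CERTIFICATE blocks in input")
	}
	return certs, nil
}

// DemoBundle is a constructed, self-signed stand-in for a DV certificate: a CN
// and one DNS SAN for the thread's domain, and no e-mail address anywhere.
func DemoBundle() []byte {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1),
		Subject: pkix.Name{CommonName: "s2.opuntia.ca"}, DNSNames: []string{"s2.opuntia.ca"}}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	certs, _ := InspectChain(DemoBundle())
	for i, c := range certs {
		// Everything printed here is readable by anyone holding the certificate bytes.
		fmt.Printf("cert %d: subject=%q issuer=%q sans=%v emails=%v\n", i, c.Subject.String(), c.Issuer.String(), c.DNSNames, c.EmailAddresses)
	}
}
```

The emails field comes out empty: the address given to the ACME client is stored on the account, not in the certificate, so nothing in the chain reveals it.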

Thanks guys for your quick and helpful responses.
This forum is awesome!

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.