View a Certificate

This exercise complements material in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.

This lab shows you one method of viewing a digital certificate using Google Chrome.

Requirements: This exercise assumes you are able to open a Google Chrome web browser, version 56 or later.

Note: Prior to version 56, the procedure to look at the certificate was different.

1. Open the Google Chrome web browser.

2. Type in https://google.com and press Enter (or click the link if Google Chrome is your default web browser). The web browser will create a secure connection with the google.com web site using HTTPS over port 443.

Some web browsers give you some type of visual indication that the connection is secure. For example, Google’s Chrome shows a lock in the URL (just to the left of https) as shown in the following graphic:

3. Open the Developer Tools. You can do so with one of the following steps:

  • Press the F12 key on Windows or Linux.
  • Press the CTRL + SHIFT + i keys on Windows or Linux.
  • Press the Command (⌘) + Option + i keys on a Mac.
  • Open the Chrome Developer Tools by opening the Chrome menu (⋮), directly under the X in the browser, and then selecting More Tools -> Developer Tools.
Manually Selecting Developer Tools

4. With the Developer Tools open, select the Security tab. If the Security tab isn’t showing, you may need to click on the open icon (») to show more tabs.

Chrome Developer Tools

5. Click on the View certificate button. It will open the main page for the certificate. Note that this certificate is a wildcard certificate, starting with an asterisk (*), and can be used for any Google.com domain. For example, it can be used for the following domain names:

  • accounts.google.com
  • support.google.com

It was issued by the Certificate Authority (CA) Google Internet Authority G2.

6. Click on the Details tab for the certificate. Note that the certificate is uniquely identified with a serial number.
This tab also shows details on algorithms and validity dates for the certificate.

7. Scroll down and select Public Key. Notice that the public key is shown in the text area. Remember, the public key is available publicly, while the private key is kept private.

Note that the figure also shows Subject Alternative Names (SANs). If you select it, you will see the different SANs used by Google.

8. Select the Certification Path tab.  This shows that the root CA is GeoTrust Global CA. GeoTrust issued a certificate to Google Internet Authority and Google Internet Authority issued this certificate.

If a computer trusts either GeoTrust Global CA or Google Internet Authority G2, it will trust this wildcard certificate.

9. Close the certificate by clicking OK. Close the Developer Tools by clicking the X to the right of the Security tab.

Back to SY0-501 Security+ Labs.

error: