If you have
openssl installed you can run:
openssl x509 -noout -subject -in server.pem
certtool -i < whatever.pem | egrep "^s+Subject:"
Notice that’s directing the file to standard input via
<, not using it as argument. Sans
egrep this will print the whole certificate out, but the CN is in the
Subject: field near the top (beware there’s also a CN value in the
X.509 Certificate Information: Version: 3 Serial Number (hex): 01 Issuer: [...] CN=unixandlinux.ex <- Not this one. Validity: ... Subject: CN=goldilocks
certtool is part of gnutls, if it is not installed just search for that. GnuTLS is a little nicer than OpenSSL, IMO.
I found the above answer, and found it to be very useful, but I also found that the
certtool command syntax (on Ubuntu Linux, today) was noticeably different than described by goldilocks, as was the output. So, I thought it best to update that excellent answer with what might be “today’s version.”
"i" option (now?) stands for “import,” according to
man certtool, so the proper command appears to be
"d", “display.” So, this command:
certtool d myfoo.crt
(The file-extension in my case just happens to be
.pem … this is not relevant.)
… produces output that, in relevant part, looks like this:
Common Name : Foobar
Unquestionably, goldilocks was right:
certtool output is much easier easier to work with than
openssl in this case.