Here are a few helpful commands if you want to inspect and dump certificates for analysis or debugging:

HTTPS certificates

Run the following command if you want to see the certificate presented by netfuture.ch on HTTPS (port 443):

openssl s_client -showcerts -connect netfuture.ch:443

You need to press Ctrl-D to exit from the command, unless you want to send an HTTPS request to the server. (Redirecting from /dev/null, using -no-interactive or piping from sleep 2 did not reliably print the certificate before terminating, so this seems to remain a manual process.)

Detailed certificate information

If you want to see the detailed certificate output, including Subject Alternate Names, pipe any of the s_client outputs through the following command:

openssl openssl x509 -text

Mail certificates

SMTP certificate

Checking the SMTP port (change mail.netfuture.ch to whatever server name you want to test):

openssl s_client -showcerts -starttls smtp -connect mail.netfuture.ch:25

Checking the SMTP submission port:

openssl s_client -showcerts -starttls smtp -connect mail.netfuture.ch:587

Checking the legacy SMTPS port:

openssl s_client -showcerts -connect mail.netfuture.ch:465

IMAP certificate

Checking the IMAP port:

openssl s_client -showcerts -starttls imap -connect mail.netfuture.ch:143

Checking the legacy IMAPS port:

openssl s_client -showcerts -connect mail.netfuture.ch:993