Differences between revisions 1 and 6 (spanning 5 versions)
Revision 1 as of 2017-03-14 19:50:50
Size: 282
Editor: PieterSmit
Comment:
Revision 6 as of 2019-08-25 22:47:04
Size: 469
Editor: PieterSmit
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
== OpenSSL Linux commandline ssl tool ==
 * Links [[security/ssl]]		 == OpenSSL Linux command line ssl tool ==
 * Links [[security/ssl]] , [[easy-rsa]] , [[LetsEncrypt]]
 * [[OpenSslSelfSignedCertificate| openssl self signed certificate with keyUsage flags ]]
Line 4: Line 5:
=== Verify a webserver certificate === === Verify a web server certificate ===
Line 7: Line 8:
   * As of 2017 the Protocal should be TLSv1.2 at least.    * As of 2017 the TLS Protocol should be TLSv1.2 at least.

 * For sni you can add '''-servername xyz.test.com'''

OpenSSL Linux command line ssl tool

Verify a web server certificate

  • openssl s_client -showcerts -connect my.test.com:443
    • Output should end on "Verify return code: 0 (ok)"
    • As of 2017 the TLS Protocol should be TLSv1.2 at least.

  • For sni you can add -servername xyz.test.com

Linux/OpenSSL (last edited 2022-11-05 02:33:49 by PieterSmit)