Sunday, September 5, 2010

Frequent SSL Troubleshooting Commands

Frequent SSL Troubleshooting commands from: http://shib.kuleuven.be/docs/ssl_commands.shtml


Debug an SSL connection [server doesn't require certificate authentication]
openssl s_client -connect idp.example.be:443


Debug an SSL connection with mutual certificate authentication
openssl s_client -connect idp.example.be:8443 -CAfile MY-CA-CERT.crt -cert MYCERT.crt -key MYKEY.key
- if the trust chain is in a directory (hash format), replace -CAfile with -CApath /path/to/CAchainDir/
- to send the STARTTLS command first (SMTP or POP3 style), add -starttls smtp or -starttls pop3


List the certificates inside a keystore
keytool -list -v -keystore KEYSTORE.jks


Create a self-signed certificate (can be used to sign other certificates)
openssl req -x509 -new -out MYCERT.crt -keyout MYKEY.key -days 365
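
A mutual-authentication test with s_client fails in confusing ways when MYKEY.key does not belong to MYCERT.crt, when the certificate is about to expire, or when it does not verify against the file passed to -CAfile. The script below is an added example, not part of the original post, that checks those three things offline before connecting. The function names, the OTHER.* files and the CN values are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. File names and CNs are constructed.

# Non-interactive variant of the post's "openssl req -x509" command:
# -nodes leaves the key unencrypted, -subj skips the DN prompts.
make_selfsigned() {   # $1=cert out  $2=key out  $3=CN
    openssl req -x509 -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -out "$1" -keyout "$2" -days 365 >/dev/null 2>&1
}

# True only if the private key belongs to the certificate (same public key).
cert_matches_key() {  # $1=cert  $2=key
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# True if the certificate is still valid $2 seconds from now (default: 30 days).
cert_valid_for() {    # $1=cert  $2=seconds
    openssl x509 -in "$1" -noout -checkend "${2:-2592000}" >/dev/null 2>&1
}

# True if the certificate verifies against the file that would go to -CAfile.
cert_chains_to() {    # $1=CA file  $2=cert
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Demo on throwaway material in a temp directory.
demo() {
    d=$(mktemp -d) || return 1
    make_selfsigned "$d/MYCERT.crt" "$d/MYKEY.key" client.example.be
    make_selfsigned "$d/OTHER.crt" "$d/OTHER.key" other.example.be
    cert_matches_key "$d/MYCERT.crt" "$d/MYKEY.key" && echo "pair: match"
    cert_matches_key "$d/MYCERT.crt" "$d/OTHER.key" || echo "pair: MISMATCH"
    cert_valid_for "$d/MYCERT.crt" || echo "expires within 30 days"
    cert_chains_to "$d/MYCERT.crt" "$d/MYCERT.crt" && echo "chain: ok"
    cert_chains_to "$d/OTHER.crt" "$d/MYCERT.crt" || echo "chain: untrusted"
    rm -rf "$d"
}
demo
```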
