How to view and download and verify server SSL/TLS certificate and connection

how-to_‎ > ‎SSL_‎ > ‎

How to view and download and verify server SSL/TLS certificate and connection

posted May 3, 2011, 7:40 AM by Daniele Albrizio [ updated May 22, 2017, 6:12 AM ]

$ openssl s_client -connect host:port

Famous "over SSL" protocols table

Protocol	Port
https	443/tcp
nntps	563/tcp
ldaps	636/tcp
ftps-data	989/tcp
telnets	992/tcp
imaps	993/tcp
ircs	994/tcp
pop3s	995/tcp
ssmtp	465/tcp

To verify connection parameters you need at least to specify a CA certificate, at most a client secret key and public certificate.

$ openssl s_client -CAfile /etc/ssl/certs/AddTrust_External_Root.pem -connect host:443

$
openssl s_client -CAfile /etc/ssl/certs/AddTrust_External_Root.pem -cert /my/cert.pub -key /my/key.priv -connect host:443

Successful connection ends with:
Verify return code: 0 (ok)

Comments

Daniele_ Albrizio_

Rooms

How to view and download and verify server SSL/TLS certificate and connection