Re: [CentOS] Testing "dark" SSL sites

21 Oct 2014


      On Tue, Oct 21, 2014 at 02:57:42PM -0700, lists@benjamindsmith.com wrote:
...
So we have a set of unit tests written using PHPUnit, having trouble 
validating certificates. How do you test/validate an SSL cert for a prototype 
"foo.com" server if it's not actually active at the IP address that matches 
DNS for foo.com?
openssl s_client -connect ip.ad.dr.ess:443
then decode the cert
e.g.
$ openssl s_client -connect 1.2.3.4:443 < /dev/null >| cert
Now you can use the "x509" to look at various things
eg
$ openssl x509 -in cert -subject -noout
subject= /description=foobar/C=US/CN=ssl.example.com/emailAddress=foo@example.com
"man x509"
-- 

rgds
Stephen

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] Testing "dark" SSL sites