cmdref.net - Cheat Sheet and Example

cmdref.net is command references/cheat sheets/examples for system engineers.

User Tools

Site Tools


Sidebar









Etc


Reference














.

protocol:openssl:check_tls



00. How to check SSL/TLS from the outside (with openssl)

How to Check SSL/TLS with openssl command

$ echo | openssl s_client -connect redhat.com:443 -brief
CONNECTION ESTABLISHED
Protocol version: TLSv1.2
Ciphersuite: ECDHE-RSA-AES128-GCM-SHA256
Peer certificate: C = US, ST = North Carolina, L = Raleigh, O = "Red Hat, Inc.", OU = Information Technology, CN = *.redhat.com
Hash used: SHA256
Signature type: RSA
Verification: OK
Supported Elliptic Curve Point Formats: uncompressed
Server Temp Key: ECDH, P-256, 256 bits
DONE


a certificate expires

$ echo | openssl s_client -connect redhat.com:443 2>/dev/null | openssl x509 -noout -dates
notBefore=Jul  9 00:00:00 2019 GMT
notAfter=Aug  2 12:00:00 2021 GMT


Checking certificate extensions

  • Check SAN(the subject alternative name)
$ echo | openssl s_client -connect redhat.com:443 2>/dev/null | openssl x509 -noout -ext subjectAltName
X509v3 Subject Alternative Name:
    DNS:*.redhat.com, DNS:redhat.com


Refarence




protocol/openssl/check_tls.txt ยท Last modified: 2021/08/18 by admin

Page Tools