Sometimes, I could just kick myself. I know OpenSSL has a lot of great features, but I never spend any time learning the myriad of command line options.
Today, Matt showed me some really useful ones at work:
To print out a certificate in human-readable format:
openssl x509 -in certfile.crt -text
To print out hash fingerprint of a cert:
openssl x509 -in certfile.crt -fingerprint
To show the certs being served up by an SSL/TLS endpoint:
openssl s_client -connect hostname:443 -showcerts
I'm making a resolution that I'm going to spend a few hours going over the OpenSSL docs to learn more!
Friday, June 12, 2009
Subscribe to:
Posts (Atom)