User Tools

Site Tools


unix:unix

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
unix:unix [2019/01/08 10:02]
ap ngrep
unix:unix [2019/11/08 09:15] (current)
ap [Test SSL connection with client certificate]
Line 251: Line 251:
 ==== Generate a SSL self-signed certificate ==== ==== Generate a SSL self-signed certificate ====
  
-  openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 3650+  openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 3650 -subj '/​CN=myhost'​
   cat key.pem cert.pem >> `hostname -f`.pem   cat key.pem cert.pem >> `hostname -f`.pem
  
Line 260: Line 260:
   openssl s_client -connect secure.example.com:​443 -cert ./​mycert.pem -key ./mykey.pem -CAfile ./​myprivateCA.pem -msg -debug   openssl s_client -connect secure.example.com:​443 -cert ./​mycert.pem -key ./mykey.pem -CAfile ./​myprivateCA.pem -msg -debug
   curl -k --cert ./​mycert.pem --key ./mykey.pem "​https://​secure.example.com/"​   curl -k --cert ./​mycert.pem --key ./mykey.pem "​https://​secure.example.com/"​
 +  curl --cacert ./​myprivateCA.pem --cert ./​mycert.pem --key ./mykey.pem "​https://​secure.example.com/"​
 +==== Show certificate chain ====
  
 +  # No SNI
 +  :|openssl s_client -showcerts -connect example.com:​443
 +  # SNI
 +  :|openssl s_client -servername example.com -showcerts -connect example.com:​443
 ==== Test SSL connection "​forcing"​ the IP ==== ==== Test SSL connection "​forcing"​ the IP ====
  
unix/unix.1546941755.txt · Last modified: 2019/01/08 10:02 by ap

Informativa sui cookie