Skip to content

Instantly share code, notes, and snippets.

@mrwacky42

mrwacky42/fun_with_ssl.org

Created September 1, 2016 20:24
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save mrwacky42/4fc42da45fcb6dbd9889d2624303ea89 to your computer and use it in GitHub Desktop.
Save mrwacky42/4fc42da45fcb6dbd9889d2624303ea89 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
fun_with_ssl.org

See what certificate a site is presenting

openssl s_client -showcerts -connect example.com:443

Disable verification

openssl s_client -verify 0 -showcerts -connect example.com:443

force TLS version

openssl s_client -tls1 -showcerts -connect example.com:443

Examine a local certificate

openssl x509 -noout -in example.com.crt -text | less

Examine a local key

openssl rsa -in example.com.key -noout -text

Examine a local CSR

openssl req -in example.com.csr -noout -text | less

connect to HTTPS webserver

openssl s_client -connect example.com:443 (then issue some HTTP commands interactively)

connect to SMTP and issue STARTTLS command

openssl s_client -starttls smtp -connect example.com:25 (then issue SMTP commands interactively)

Generate new key and CSR at the same time

openssl req -newkey rsa:2048 -keyout key.pem -out req.pem

Generate CSR from existing private key

openssl req -new -key key.pem -out req.pem

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment