☰

Updated ssl-debug.md

Dave committed 2019-11-13 13:27:53 +0000 commit 54d66c01ddc31025b46ce0dd86d7e2a60b41a14e

				ssl-debug.md
			
          @@ -1,4 +1,4 @@

          -<!-- TITLE: Ssl Debug -->

          +<!-- TITLE: Ssl Stuff -->

           <!-- SUBTITLE: SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT? What the fuck does that mean? -->

           ### Read cert

          @@ -11,4 +11,10 @@ $ openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443

           $ openssl crl -inform {DER|PEM} -noout -text -in \<crl file>

           ### Test connection

          -$ openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>

          \ No newline at end of file

          +$ openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>

          +

          +### Convert DER to PEM

          +$ openssl x509 -inform DER -in cert.der -outform PEM -out cert.pem

          +

          +## Verify cert chain

          +$ openssl verify -CAfile /etc/ssl/cert.pem -untrusted intermediate.pem cert.pem

          \ No newline at end of file

...	...	@@ -1,4 +1,4 @@
1		-<!-- TITLE: Ssl Debug -->
	1	+<!-- TITLE: Ssl Stuff -->
2	2	<!-- SUBTITLE: SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT? What the fuck does that mean? -->
3	3
4	4	### Read cert
...	...	@@ -11,4 +11,10 @@ $ openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443
11	11	$ openssl crl -inform {DER\|PEM} -noout -text -in \<crl file>
12	12
13	13	### Test connection
14		-$ openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>
...	...	\ No newline at end of file
	0	+$ openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>
	1	+
	2	+### Convert DER to PEM
	3	+$ openssl x509 -inform DER -in cert.der -outform PEM -out cert.pem
	4	+
	5	+## Verify cert chain
	6	+$ openssl verify -CAfile /etc/ssl/cert.pem -untrusted intermediate.pem cert.pem
...	...	\ No newline at end of file