compute/ssl-debug.md
... ...
@@ -0,0 +1,23 @@
1
+<!-- TITLE: Ssl Stuff -->
2
+<!-- SUBTITLE: SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT? What the fuck does that mean? -->
3
+
4
+### Read cert
5
+$ openssl s_client -host \<hostname> -port 443 | openssl x509 -noout -text
6
+
7
+### Read cert and check
8
+$ echo | openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile /etc/ssl/cert.pem | openssl x509 -noout -text
9
+
10
+### Dump cert chain
11
+$ openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443
12
+
13
+### Read CRL
14
+$ openssl crl -inform {DER|PEM} -noout -text -in \<crl file>
15
+
16
+### Test connection
17
+$ openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>
18
+
19
+### Convert DER to PEM
20
+$ openssl x509 -inform DER -in cert.der -outform PEM -out cert.pem
21
+
22
+### Verify cert chain
23
+$ openssl verify -CAfile /etc/ssl/cert.pem -untrusted intermediate.pem cert.pem
... ...
\ No newline at end of file
ssl-debug.md
... ...
@@ -1,23 +0,0 @@
1
-<!-- TITLE: Ssl Stuff -->
2
-<!-- SUBTITLE: SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT? What the fuck does that mean? -->
3
-
4
-### Read cert
5
-$ openssl s_client -host \<hostname> -port 443 | openssl x509 -noout -text
6
-
7
-### Read cert and check
8
-$ echo | openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile /etc/ssl/cert.pem | openssl x509 -noout -text
9
-
10
-### Dump cert chain
11
-$ openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443
12
-
13
-### Read CRL
14
-$ openssl crl -inform {DER|PEM} -noout -text -in \<crl file>
15
-
16
-### Test connection
17
-$ openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>
18
-
19
-### Convert DER to PEM
20
-$ openssl x509 -inform DER -in cert.der -outform PEM -out cert.pem
21
-
22
-### Verify cert chain
23
-$ openssl verify -CAfile /etc/ssl/cert.pem -untrusted intermediate.pem cert.pem
... ...
\ No newline at end of file