Verify SSL Certificate Using OpenSSL Tools

This guide provides step-by-step instructions to verify and simulate SSL certificates using OpenSSL commands.

1. Check Individual Certificate Details:

Command: openssl x509 -in my.crt -text -noout

This command displays the details of the certificate stored in ‘my.crt’.

2. Verify the Chain of Trust:

Command: openssl verify -CAfile intermediate.crt -untrusted root.crt my.crt

This command checks the certificate chain starting from the root certificate to the intermediate and ending at your specific certificate.

3. Simulate Server Configuration:

Start the server:

openssl s_server -cert my.crt -key my.key -CAfile intermediate.crt -www

This starts a simple SSL/TLS server using the specified certificates and key.

Start the client:

openssl s_client -connect localhost:4433

This simulates an SSL/TLS client connecting to the server you started.

Outcome: If at the end of the client output you see “Verify return code: 0 (ok)”, then your SSL configuration is set up correctly.

Leave a Reply

Your email address will not be published. Required fields are marked *