openssl – Connect and verify

To connect to a remote host and verify the TLS connection, run this command:

openssl s_client -verify -showcerts \
-connect -msg \
-CAfile allca.cer -cert myhostname.cer -key myhostname.key

The example above is for a mutual TLS connection where the client offers its certs too.

To view the parsed certificate of a remote host, do this:

echo | \
openssl s_client  -connect 2>/dev/null | \
openssl x509 -text

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s