–
The above link shows good examples for using the openssl command.
Exemples/Examples:
# list all available ciphers
openssl ciphers -v
# Use the verify
option to verify certificates.
openssl verify cert.pem
# Connecting to a secure SMTP server
# port 25/TLS; use same syntax for port 587
openssl s_client -connect remote.host:25 -starttls smtp
# port 465/SSL
openssl s_client -connect remote.host:465
# RFC821
suggests (although it falls short of explicitly specifying) the two
characters “# accept either “
-crlf
option:openssl s_client -connect remote.host:25 -crlf -starttls smtp
# Connecting to a different type of
SSL-enabled server is essentially the same operation as outlined above.
As of the date of this writing, openssl only supports command-line
# TLS with SMTP servers, so you have to use straightforward SSL connections with any other protocol.
# https: HTTP over SSL openssl s_client -connect remote.host:443 # ldaps: LDAP over SSL openssl s_client -connect remote.host:636 # imaps: IMAP over SSL openssl s_client -connect remote.host:993 # pop3s: POP-3 over SSL openssl s_client -connect remote.host:995
# The
s_server
option allows you to set up an SSL-enabled server from the command
line, but it’s I wouldn’t recommend using it for anything other than
# testing or debugging. If you need a production-quality wrapper around an otherwise insecure server, check out Stunnel instead.
# The
s_server
option works best when you have a certificate; it’s fairly limited without one.# the -www option will sent back an HTML-formatted status page # to any HTTP clients that request a page openssl s_server -cert mycert.pem -www # the -WWW option "emulates a simple web server. Pages will be # resolved relative to the current directory." This example # is listening on the https port, rather than the default # port 4433 openssl s_server -accept 443 -cert mycert.pem -WWW
No comments:
Post a Comment