Menu
I'm experimenting with OpenSSL on my network application and I want to test if the data sent is encrypted and can't be seen by eavesdropper.
What tools can you use to check? Could this be done programmatically so it could be placed in a unit test?
462
This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.
To view certificates for the current userSelect Run from the Start menu, and then enter certmgr. msc. The Certificate Manager tool for the current user appears. To view your certificates, under Certificates - Current User in the left pane, expand the directory for the type of certificate you want to view.
An SSL checker (Secure Sockets Layer checker) is a tool that verifies proper installation of an SSL certificate on a Web server. Multiple SSL certificate vendors offer Web-based tools to check the validity of an SSL certificate for a particular domain.
openssl has an s_client, which is a quick and dirty generic client that you can use to test the server connection. It'll show the server certificate and negotiated encryption scheme.
101
I found this guide very helpful. These are some of the tools that he used:
$ openssl s_client -connect mail.prefetch.net:443 -state -nbio 2>&1 | grep "^SSL"
$ ssldump -a -A -H -i en0
$ ssldump -a -A -H -k rsa.key -i en0
$ ssldump -a -A -H -k rsa.key -i en0 host fred and port 443
44
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
