Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

HTTPS test server that checks client certificates

I have written a web service client that uses SSL client certificates to authenticate to the remote server. But since the actual web service is not yet available to me, I'm looking for a public test server that accepts a client certificate for authentication, so that I can test the SSL part of my client for correct implementation and configuration.

I have tried https://requestb.in but it replies with HTTP status 403 (Forbidden) when I use a client certificate. And https://httpbin.org/ accepts my request but doesn't give any indication if the certificate was usable.

Is there a similar service that checks the SSL client certificate?

like image 797
oliver Avatar asked Jun 29 '16 09:06

oliver


People also ask

How do I verify a client certificate?

Chrome: Verifying that Your Client Certificate Is InstalledIn Chrome, go to Settings. On the Settings page, below Default browser, click Show advanced settings. Under HTTPS/SSL, click Manage certificates. In the Certificates window, on the Personal tab, you should see your Client Certificate.

Does HTTPS require a client certificate?

HTTPS Client Authentication requires the client to possess a Public Key Certificate (PKC). If you specify client authentication, the web server will authenticate the client using the client's public key certificate.


2 Answers

You can use the following URLs to test SSL client authentication:

  • https://certauth.idrix.fr (TLS 1.2 only for compatibility with Windows Schannel)
  • https://server.cryptomix.com/secure/ (TLS 1.2 only for compatibility with Windows Schannel)
  • https://prod.idrix.eu/secure/ (TLS 1.2 & TLS 1.3)

They all use the same configuration: they accept any client certificate and upon success they display the content of various webserver variables like the certificate used and the ciphersuite selected. If the authentication fails, an error is displayed.

I hope this will be useful.

like image 193
Mounir IDRASSI Avatar answered Sep 18 '22 19:09

Mounir IDRASSI


https://client.badssl.com (part of the badssl.com service) lets you test authentication using client SSL certificates. The client certificate can be downloaded from https://badssl.com/download/.

This server returns 200 OK if the correct client certificate is provided, and 400 Bad Request otherwise.

like image 27
Helen Avatar answered Sep 17 '22 19:09

Helen