Re: How to get a site's ssl cert?
From: An Metet (anmetet_at_liberty.gmsociety.org)
Date: 04/18/04
- Next message: Damian Menscher: "Re: How to get a site's ssl cert?"
- Previous message: Doug McIntyre: "Re: How to get a site's ssl cert?"
- In reply to: Damian Menscher: "How to get a site's ssl cert?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 17 Apr 2004 22:40:44 -0400 (EDT)
On Sun, 18 Apr 2004, Damian Menscher wrote:
>I'm attemping to convince a major company that there's something
>screwy with their SSL certificate, but I need to rule out potential
>problems introduced by my browser.
>
>The hierarchy looks like:
>
>VeriSign cert that came with my browser
> - VeriSign cert that came from http://www.company.com/
> - cert for www.company.com
>
>The problem is that the middle certificate has expired. Since that
>certificate appears to have come from company.com (sniffing packets
>confirms this) I claim their site is at fault. Of course, it's hard
>to get past their phone tech support, who claim that their certs are
>good for the next 10 years.
>
>Is there some *nix utility that can obtain/dump the certificate
>contents from a remote site?
>
openssl.org
openssl s_client -connect company.com:443 -showcerts -state -verify 3 -prexit
read documentation
>Damian Menscher
>--
>-=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=-
>-=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=-
>-=#| <menscher@uiuc.edu> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=-
>-=#| The above opinions are not necessarily those of my employers: |#=-
>-=#| UIUC CITES Security Group || Beckman Imaging Technology Group |#=-
- Next message: Damian Menscher: "Re: How to get a site's ssl cert?"
- Previous message: Doug McIntyre: "Re: How to get a site's ssl cert?"
- In reply to: Damian Menscher: "How to get a site's ssl cert?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
