Have you ever wonder about SSl/TLS connections details and need a simple binary for this purpose? openssl is a great tool for various conversions and CSR/priv-KEY generation, but GNuTLS is the master as workshop tool
Here's a simple execution with no verbose;
How about if you ever wonder if the certificate is a wildcard or SANs certificate;
Here's nsa.com and nsa.gov look at which one deploys DH-key exchanges;
note: use the "-insecure" for non-valid certificates
How about inspecting the CA chain depth, the number are detailed along with the certificates in the chain starting from the end to top CA. Here SSl.com has a chain 4 links deep.
The -print-cert option provides details in the x509 format an DH info. Here's my virtual pfSense instance.
The GNuTLS cli binary is great if you work with server certificate and need to validate server SSL/TLS connections and profiles like when work with SLB ( A10, F5, Kemp,ServerIron, LVS ) or webservers ( MS, Apache2, Ngnix )
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment