Thursday, September 1, 2016

GNUtls serv for testing certficates and keys

openssl has s_client and s_server support for testing  certificates. Within GNUtls   { gnutls-serv }  we have the serve option which mimic the  s_server function in openssl

Here's an example for load a server.certificate and key


 you will need   sudo  if you want to bind to a address below 1024





Even if we have a bad key or mismatch of the key+certificate , gnutls-serv  will complain on the certificate  and will not launch.




The GUNtls server is great for SSL/TLS checks pre-launch and give you great diagnostics. If you use a -d option and specify a integer you can give verbose information.







Ken

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
         o 
        /  \

No comments:

Post a Comment