Openssl: Difference between revisions
From Federal Burro of Information
Jump to navigationJump to search
No edit summary |
No edit summary |
||
Line 23: | Line 23: | ||
X509v3 Basic Constraints: critical | X509v3 Basic Constraints: critical | ||
CA:TRUE | CA:TRUE | ||
== Supported Cyphers == | |||
You are configuring your favourite app that uses openssl libs. You give it a "cyphers string". Am I allowing bad varitions? | |||
openssl ciphers -v TLSv1.2:+TLSv1.1:+SHA384:+SHA256:+SHA1:+MD5 | |||
Will spit out a lit of the supported cypher variations. |
Revision as of 13:57, 2 April 2014
connect to ssl at the command line:
https:
openssl s_client -connect server:443
smtp tls:
openssl s_client -connect server:25 -starttls smtp
more here: http://www.madboa.com/geek/openssl/
CA or not CA
Web Server Cert:
X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE
CA Cert:
X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE
Supported Cyphers
You are configuring your favourite app that uses openssl libs. You give it a "cyphers string". Am I allowing bad varitions?
openssl ciphers -v TLSv1.2:+TLSv1.1:+SHA384:+SHA256:+SHA1:+MD5
Will spit out a lit of the supported cypher variations.