Theodore Baschak

Routing Guru. IPv6 Advocate. Operator of Hextet Systems (AS395089).

SSL CLI Troubleshooting

Sun, 13 Jan 2013 01:52:00 -0600 » Nerd Projects, Networking, IPv6, CLI, System Administration » Estimated read time: 1 min

This afternoon I setup nginx to act as a pop3/imap/smtp proxy w/ SSL. During the setup process it was necessary to test the services via CLI. While its fairly simple to test non-encrypted services, “telnet xx.yy.com 995” doesn’t exactly work. You can even verify the SSL cert chain validity if you’ve got a chain available.

openssl s_client -CAfile ca-certificates.crt -connect ciscodude.net:995

This blog post from KutuKupret was very helpful in the process.