Log in Go to the main page Page Discussion History Go to the file list Go to the site toolbox Bookmark and Share

Check Certificate, Using OpenSSL

From RZWiki


Image:linux-logo-large.png

To check a SSL certificate using OpenSSL use the openssl x509 command as shown below, a valid certificate will not produce any output, an invalid certificate will;

openssl x509 -in networkstuff.crt -text -noout

The optional -noout parameter prevents the actual certificate from being displayed.

The optional -text parameter displays information about the certificate including the encryption key.

Image:Emblem-documents-medium.png Default Certificate Locations

Image:F5-logo-small.png F5 BigIP v4.x, v9.x

For v9.x, all LTM related SSL files are stored in subdirectories of: /config/ssl/ as follows;

  • ssl.crl - Unknown
  • ssl.crt - Certificates
  • ssl.csr - Certificate Signing Requests
  • ssl.key - Keys

For v4.x, the directory is: /config/bigconfig/

The device's own SSL key is located here: /config/httpd/conf/ssl.key/server.key

The device's own SSL certificate is located here: /config/httpd/conf/ssl.crt/server.crt

Image:icemon-medium.png Related Articles

See the Check Certificate Expiry Date, Using OpenSSL article for information how to simply display the start and end date of a certificate

Information on OpenSSL Commands

Image:internet-group-chat-small.png We really do appreciate all feedback so please do send your comments, suggestions or corrections to sjiveson#routerzone.eu 
(replacing the # with an @)


Retrieved from "http://localhost/wiki/index.php/Check_Certificate,_Using_OpenSSL"

Site Toolbox:

Personal tools
This page was last modified on 11 May 2009, at 11:58. - This page has been accessed 33 times. - Disclaimers - About RZWiki
Powered by MediaWiki