openssl – Connect and verify

To connect to a remote host and verify the TLS connection, run this command:

openssl s_client -verify -showcerts \
-connect remote-hostname.com:443 -msg \
-CAfile allca.cer -cert myhostname.cer -key myhostname.key

The example above is for a mutual TLS connection where the client offers its certs too.

To view the parsed certificate of a remote host, do this:

echo | \
openssl s_client  -connect remote-hostname.com:443 2>/dev/null | \
openssl x509 -text

Leave a Reply