Recipe 8.10 Testing an SSL Mail Connection

8.10.1 Problem

You want to verify an SSL connection to a secure POP or IMAP server.

8.10.2 Solution

For secure POP:

$ openssl s_client -quiet -connect server:995 [messages about server certificate validation] +OK POP3 server.net v2001.78rh server ready

Type QUIT to exit.

For secure IMAP:

$ openssl s_client -quiet -connect server:993 [messages about server certificate validation] * OK [CAPABILITY ...] server.net IMAP4rev1 2001.315rh at Mon, 3 Mar 2003 20:01:43 - 0500 (EST)

Type 0 LOGOUT to exit.

8.10.3 Discussion

If you omit the -quiet switch, openssl will print specifics about the SSL protocol negotiation, including the server's X.509 public-key certificate.

The openssl command can verify the server certificate only if that certificate, or one in its issuer chain, is listed in the system trusted certificate cache. [Recipe 4.4]

8.10.4 See Also

openssl(1).



Linux Security Cookbook
Linux Security Cookbook
ISBN: 0596003919
EAN: 2147483647
Year: 2006
Pages: 247

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net