Add new comment

Debugging SSL Connections

Submitted by Bill St. Clair on Tue, 2008-06-24 19:24.

I've had a little trouble with the SSL certificate for this site and for some sites for which I do technical maintenance. I wrote up a little about that in Intermediate SSL Certificates. Well, I asked my web hosting provider to install the intermediate certificates for another web site that is also using a GoDaddy certificate. They said that they had done it, but I was still getting warnings in Safari, on both my Mac and my iPhone. So I did some Googling, and found some simple Java code that I could modify, and enable debugging while running, to show the SSL handshake during a connection to a web site.

I have uploaded that code as billstclair.com/blog/images/ssltest.zip. The zip file decompresses into the "ssltest" directory, containing the following files:

ssltesta bash script to run the java program
ssltest.classthe compiled version of the Java program
ssltest.javathe source code for the Java program
ssltest.zip.sha bash script to create ssltest.zip

You're certainly welcome to look at the Java source, and change it to your liking, but to use the program, you just need to cd to the ssltest directory in your shell, and type the following:

Quote:
./ssltest billstclair.com

Or change "billstclair.com" to your favorite SSL-enabled web site. It prints quite a bit of stuff, but the most interesting to me were the lines beginning with "chain [", which show the certificate and the intermediate certificates, if any.

I didn't include an ssltest.bat file for Windows, because I have no way to test it, but it should be pretty obvious how to convert the bash script into a Windows batch file.

Enjoy!

Bill St. Clair's blog | 1 comment | quote | 868 reads
( categories: Webmaster stuff )

Reply



The content of this field is kept private and will not be shown publicly.


*

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <i> <b> <u>
  • Lines and paragraphs break automatically.
  • Web and e-mail addresses are automatically converted into links.
  • You may quote other posts using [quote] tags.
  • Easily link to terms in various wikis. For help, see interwiki.
  • Easily link to terms in various wikis. For help, see interwiki.
  • You may quote other posts using [quote] tags.
  • You can use BBCode tags in the text, URLs will be automatically converted to links
More information about formatting options
Verify comment authorship
Captcha Image: you will need to recognize the text in it.
*
Please type in the letters/numbers that are shown in the image above.