SSL certificate verify

Материал из Webko Wiki
Версия от 22:20, 28 апреля 2020; Sol (обсуждение | вклад) (Новая страница: «Категория:Linux How to verify that SSL for IMAP/POP3/SMTP works and a proper SSL certificate is in use. ==IMAP via SSL uses port 993== 1. connect to…»)
(разн.) ← Предыдущая | Текущая версия (разн.) | Следующая → (разн.)
Перейти к навигации Перейти к поиску

How to verify that SSL for IMAP/POP3/SMTP works and a proper SSL certificate is in use.

IMAP via SSL uses port 993

1. connect to a mail server using openssl

openssl s_client -showcerts -connect mail.example.com:993 -servername mail.example.com

2. Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

3. Make sure that you received IMAP server response:

* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=PLAIN IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.

POP3 via SSL uses port 995

1. connect to a mail server using openssl

openssl s_client -showcerts -connect mail.example.com:995  -servername mail.example.com

2. Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

3. Make sure that you received POP3 server response:

+OK Hello there. <1793[email protected]>

SMTP via SSL uses port 465

1. connect to a mail server using openssl

openssl s_client -showcerts -connect mail.example.com:465  -servername mail.example.com

2. Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

3. Make sure that you received SMTP server response:

220 mail.example.com ESMTP Postfix

SMTP via TLS/StartTLS uses port 25 or 587

1.Connect to a mail server using openssl

openssl s_client -starttls smtp -showcerts -connect mail.example.com:25  -servername mail.example.com

2. Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

3. Make sure that you received SMTP server response:

250 DSN