tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: How to check whether a SSL certificate has been correctly installed
Date Mon, 08 Oct 2012 18:42:09 GMT
Hash: SHA1


On 10/8/12 5:35 AM, Tom Anthony wrote:
> I just installed a third party certificate on Tomcat and was
> wondering whether there was a way to check with confidence that the
> ceritiftcae has been installed correctly on the server and that all
> communications between client and server are encrypted.

A couple of ways:

1. Connect via a web browser: use the https:// protocol. If the server
is speaking HTTP then you'll get an error message.

2. Use sslscan ( ; some Linux distros have it
in their package management systems). Just run sslscan [hostname]

3. - use their "test my website" tool at the
bottom of their home page. It tells you about your certificates --
including making sure that you have a full cert chain and that the
certs are in the right order). It also tells you about other things
like if you are susceptible to BEAST and CRIME, and gives you a
"grade" based upon criteria I can't quite discern.

4. Use openssl's s_client:

   $ openssl s_client -connect hostname:port

It will give you some diagnostic information and actually let you
issue an HTTP request: it's pretty much 'telnet' except that it
tunnels it through SSL.

I'm sure there are other ways, too.

- -chris
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools -
Comment: Using GnuPG with Mozilla -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message