It's not hard at all to use openssl s_client to try to make a connection and to see the certificate that is being presented by the server. If you use the -showcerts option it will even show the entire certificate chain being presented by the server, instead of just the end-user cert.
I have good luck copying the PEM cert text right off the terminal screen, then pasting into an openssl x509 -noout -text in another terminal window (thus pasting into its standard input). Then again, this is a Macintosh, and I think we had less luck doing the copy/paste thing on a Windows machine.
Not sure if the problem is in the copy or the paste. Maybe pasting to a text editor in input mode?
Jim Garrison wrote:
Lutz Jaenicke wrote:
No. The problem is located in between the ears.
Ouch! But thanks for helping....
I am most sorry, but your statement is wrong. This is not the certificate used on the host in question. I just did connect to
You are, of course, correct. I was assured that the cert I was given was the one in use. As I had no way to capture the one actually being sent by the server, I accepted on faith that they were the same.
Everything is now clear.... thanks again for your assistance.
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
-- +---------+---------+---------+---------+---------+---------+---------+ Charles B. (Ben) Cranston mailto:[EMAIL PROTECTED] http://www.wam.umd.edu/~zben
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
