On Wed, Jun 23, 2004 at 07:47:35AM -0400, Charles Cranston wrote:
> It's not hard at all to use openssl s_client to try to
> make a connection and to see the certificate that is
> being presented by the server. If you use the -showcerts
> option it will even show the entire certificate chain being
> presented by the server, instead of just the end-user cert.
>
> I have good luck copying the PEM cert text right off the
> terminal screen, then pasting into an openssl x509 -noout
> -text in another terminal window (thus pasting into its
> standard input). Then again, this is a Macintosh, and I
> think we had less luck doing the copy/paste thing on a
> Windows machine.
>
> Not sure if the problem is in the copy or the paste.
> Maybe pasting to a text editor in input mode?
While your concept is correct, it did fail in this case.
The mail server requires the STARTTLS protocol to be spoken after
an enforced EHLO, but the s_client application does not implement
enough of the ESMTP protocol.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
