如何使用 cURL 调试 SSL 握手? [英] How to debug SSL handshake using cURL?
问题描述
我想使用客户端证书对每个目录的身份验证进行故障排除.我特别想知道服务器发送了哪些可接受的客户端证书.
I would like to troubleshoot per directory authentication with client certificate. I would specially like to find out which acceptable client certificates does server send.
如何调试 SSL 握手,最好使用 cURL?
How do I debug SSL handshake, preferably with cURL?
推荐答案
我已经使用这个命令来解决客户端证书协商问题:
I have used this command to troubleshoot client certificate negotiation:
openssl s_client -connect www.test.com:443 -prexit
如果服务器并不总是需要客户端证书,输出可能会包含可接受的客户端证书 CA 名称"和来自服务器的 CA 证书列表,或者可能包含未发送客户端证书 CA 名称".
The output will probably contain "Acceptable client certificate CA names" and a list of CA certificates from the server, or possibly "No client certificate CA names sent", if the server doesn't always require client certificates.
这篇关于如何使用 cURL 调试 SSL 握手?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!