On Mon, Mar 25, 2024 at 12:01 PM Daniel Sahlberg
<daniel.l.sahlb...@gmail.com> wrote:
>
> Den mån 25 mars 2024 kl 16:34 skrev Stanley Gilliam
> <stanley.x.gill...@gsk.com>:
>>
>> Hello,
>>
>> So we use appview to update our certificates and our cert team confirmed
>> that the cert was updated correctly. Is there another way to possibly verify
>> this. There may also be something to the second option, I am on a linux RH
>> OS. Is there a way someone could jump on a short call with us?
>
> What if you run the same command as Jeffrey already tries, ie:
>
> $ openssl s_client -connect hpc.gsk.com:443 -servername hpc.gsk.com
>
> (I had to Ctrl-D out of the above command). I'm not familiar with openssl
> debugging but there seems to be a lot of useful information on the
> certificate chain. Verify that all the intermediary certificates are
> available and that the root certificate is trusted by your client.
CRTL+D is normal in this situation. OpenSSL is used to create the
secure channel to the application. However, the application (a web
server) is waiting for a command, like GET or POST.
You can sidestep it with something like:
echo -e 'GET / HTTP1.1\r\n\r\n' | openssl s_client ...
That sends a command to the web server. The web server will provide a
response, and then close the connection.
Jeff
