A quick way to troubleshoot SSL chain issues using OpenSSL


You can use OpenSSL and run this command:

openssl.exe s_client -connect www.mysite.com:443

which will use a generic SSL/TLS client to connect to your site and give you a ton of diagnostic info.  You can see your entire SSL cert chain, the SSL handshake, SSL session info, etc.  Here’s a full list of switches you can use with it:  http://www.openssl.org/docs/apps/s_client.html

And here’s a great online tool to graphically verify your SSL chain is intact:  http://www.sslshopper.com/ssl-checker.html

About Jason Samuel

Jason Samuel is an Infrastructure Architect living in Houston, TX with a primary focus on mobility, virtualization, and cloud technologies from Citrix, VMware, & Microsoft. He also has an extensive background in web architecture and information security. In his spare time he enjoys writing how-to articles and evangelizing the technologies he works with. He is certified in several technologies and is a recipient of the Citrix Technology Professional (CTP) award and an Atlantis Community Expert (ACE).

Recommended for you

Leave a Reply

Your email address will not be published. Required fields are marked *