A quick way to troubleshoot SSL chain issues using OpenSSL


You can use OpenSSL and run this command:

openssl.exe s_client -connect www.mysite.com:443

which will use a generic SSL/TLS client to connect to your site and give you a ton of diagnostic info.  You can see your entire SSL cert chain, the SSL handshake, SSL session info, etc.  Here’s a full list of switches you can use with it:  http://www.openssl.org/docs/apps/s_client.html

And here’s a great online tool to graphically verify your SSL chain is intact:  http://www.sslshopper.com/ssl-checker.html

About Jason Samuel

Jason Samuel is an Infrastructure Architect living in Houston, TX with a primary focus on mobility, virtualization, and cloud technologies from Citrix, VMware, & Microsoft. He also has an extensive background in web architecture and information security. In his spare time he enjoys writing how-to articles and evangelizing the technologies he works with.

Recommended for you

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">