How do I validate the ssl chain served by server for a internal site ? I found online tools like ssl labs that do this but they don't work for a internal network site . I tried OpenSSL and inputted site url and it says the site's chain is ok. But still we are having issues with some Android devices not trusting the server . Is there any other way to validate the certificate chain being served by my server ?
SSL chain validation for internal sites
865 Views Asked by Naresh Kumar At
1
There are 1 best solutions below
Related Questions in SSL
- How to Fix TLS CBC Incorrect Padding Abuse Vulnerability on Windows 2003 Server
- SSL: Error parsing the certificate: Ok
- PHP mysqlnd sha256_password plugin "Access denied", user works from cli mysql
- CFNetwork SSLHandshake failed iOS 9
- Java does not accept 2 methods with same name
- Expected Compatibility Issues with upcoming TLS/SSL Cipher Suite update on Azure WebApps?
- python requests SSLError
- Connecting via mutual SSL fails reading incoming changeCipherSpec
- HTTP to HTTPS mapping using proxy servers
- Ruby on Windows XP: How to change directory of SSL certificates
- KeyStore file is not found in jar, although present in jar
- How do I accept a self-signed SSL certificate using iOS 7's NSURLSession
- Chef remote_file from https site with self signed certificate
- Meteor force-ssl on a staging system without ssl cert?
- Use python SSL to download google.com.au page
Related Questions in SSL-CERTIFICATE
- How to solve CERT_UNTRUSTED error in nodemailer
- Connecting via mutual SSL fails reading incoming changeCipherSpec
- SSL certificate error 403.13 in IIS 7.5
- Can't connect from JAVA to Mongo SSL Replica Set
- Spring Boot SSL Client
- Firefox and SSL pages - takes very long on certain sites
- Google Cloud Storage: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received
- IntelliJ: SVN auth issue
- Maven 3.0.5 refuses our updated nexus certificate
- Wildcard SSL - Which to chose and what is the key differences?
- Local site testing with BrowserStack and self-signed certificates
- Parse Cloud Code authentication issue
- Facing badmatch keyfile error while fetching APNS Socket
- How to disable common name check in SSLContext in java?
- How can i get Certificate issuer information in python?
Related Questions in TLS1.2
- NSURLSession/NSURLConnection HTTP load failed on iOS 9
- Two SoapClient requests for two different thirdparty WSDL services, one works, the other doesn't
- Unity 5.5 Standard Asset ParticleSystems throwing TLS Allocator ALLOC_TEMP_THREAD error
- TLS implementation for Bluetooth
- Domain=NSURLErrorDomain Code 1202
- Non-RSA TLS1.2 Packet decryption
- Can not programmatically determine which TLS version my app uses
- Certificate Pinning Issue with TLS1.2 Enabled Server
- Setup FTPS connection with Client Authentication certs
- Go https client issue - remote error: tls: handshake failure
- Java Email Unrecognized SSL message, plaintext connection? couldn't open server and protocol connection error
- why sdwebimage can't download image while my api works fine with https?
- Unhandled critical extension
- Embedded Jetty responds to clear http on port 443
- AVPlayer URL https connection with ATS blocked cleartext HTTP
Related Questions in IIS-10
- IIS PHP 7.1 PECL DLL Libraries
- IIS 10 Gives Blank Screen for PHP 7.1.0 in phpinfo() page
- RedirectFromLoginPage or Response.Redirect do not work with IIS10
- IIS 10 fails to parse .cshtml file
- Install php_oci8_11g at Windows 10 IIS 10
- How to debug a service in hosting WCF side-by-side with ASP.NET
- How to install IIS Admin Service on Windows 10 Pro
- Crash issue on windows server 2016 DataCenter
- Openiddict implicitflow premature token expiration
- Asp.net core 2 deployment to IIS10 (Windows Server 2016)
- Dynamic IP address restriction presence in IIS 10
- How to remove 'blank' files from Visual Studio when debugging Classic ASP
- Jenkins reverse proxy on IIS
- How to make ASP.Net WebAPI Server available on LAN
- Upgrading SQL Management from Express 2012 to Enterprise 2016
Related Questions in TRUSTEDCONNECTION
- How to initiate MS SQL trusted connection for PHP
- Can I impersonate a client authenticated with forms auth and establish a trusted connection to SQL Server?
- Risks of a Non Trusted Connection to SQL Server?
- Can I use the Integrated Security option in a connection string if I'm connecting to a remote machine that's not on a domain?
- SQL Server 2000 Trusted Authentication Issue
- How to remove Windows authentication from SQL Server Express database
- WCF hosted in IIS, Problem connecting to database with integrated security
- How to Detect Trusted Connection in Crystal Reports using VB.NET?
- Change Azure App Service app pool identity
- Azure App Services trusted connection to SQL Azure
- WCF Impersonation and SQL trusted connections?
- What is a Trusted Connection?
- Laravel: How to connect to sql server using Microsoft Credentials
- SSO handshake with Active directory
- Detect VPN connection or trusted network connection
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
For public HTTPS endpoints, we can use an online service to check its certificate. For Azure SignalR Service instances, you can use the lonos SSL checker. There are also other SSL certificate testing services online, such as the one from SSLlabs.com.
If you can't use a browser or an online service - possibly because the internal environment prevents getting the provided certificate chain in this way. You can use a network trace to see the certificate chain, such as that obtained with Wireshark. In TLS negotiation, after Client Hello and Server Hello, the server will present its certificate to authenticate itself to the client. So, in the network trace, you see certificates, each with its serial number and issuer information.
More information can be obtained from this blog。