How do I validate the ssl chain served by server for a internal site ? I found online tools like ssl labs that do this but they don't work for a internal network site . I tried OpenSSL and inputted site url and it says the site's chain is ok. But still we are having issues with some Android devices not trusting the server . Is there any other way to validate the certificate chain being served by my server ?
SSL chain validation for internal sites
834 Views Asked by Naresh Kumar At
1
There are 1 best solutions below
Related Questions in SSL
- D2L Valence - post feedback for a dropbox with no submission
- D2L Valence - Uploading file to a group locker
- Valence API D2L/Brightspace API calls from WordPress Site
- Creating Group categories - D2L Valence
- How to loop through modules, link topics, and LTI links
- how to Create a provider of insert-stuff elements: in the list of Insert Stuff sources for Desire to learn LMS
- Valence and Release Conditions?
- Desire2Learn Valence: Unenrolling users with hidden roles
- Valence command to open new window or iframe
- Uploading News attachment from file in database D2L Valence API
Related Questions in SSL-CERTIFICATE
- D2L Valence - post feedback for a dropbox with no submission
- D2L Valence - Uploading file to a group locker
- Valence API D2L/Brightspace API calls from WordPress Site
- Creating Group categories - D2L Valence
- How to loop through modules, link topics, and LTI links
- how to Create a provider of insert-stuff elements: in the list of Insert Stuff sources for Desire to learn LMS
- Valence and Release Conditions?
- Desire2Learn Valence: Unenrolling users with hidden roles
- Valence command to open new window or iframe
- Uploading News attachment from file in database D2L Valence API
Related Questions in TLS1.2
- D2L Valence - post feedback for a dropbox with no submission
- D2L Valence - Uploading file to a group locker
- Valence API D2L/Brightspace API calls from WordPress Site
- Creating Group categories - D2L Valence
- How to loop through modules, link topics, and LTI links
- how to Create a provider of insert-stuff elements: in the list of Insert Stuff sources for Desire to learn LMS
- Valence and Release Conditions?
- Desire2Learn Valence: Unenrolling users with hidden roles
- Valence command to open new window or iframe
- Uploading News attachment from file in database D2L Valence API
Related Questions in IIS-10
- D2L Valence - post feedback for a dropbox with no submission
- D2L Valence - Uploading file to a group locker
- Valence API D2L/Brightspace API calls from WordPress Site
- Creating Group categories - D2L Valence
- How to loop through modules, link topics, and LTI links
- how to Create a provider of insert-stuff elements: in the list of Insert Stuff sources for Desire to learn LMS
- Valence and Release Conditions?
- Desire2Learn Valence: Unenrolling users with hidden roles
- Valence command to open new window or iframe
- Uploading News attachment from file in database D2L Valence API
Related Questions in TRUSTEDCONNECTION
- D2L Valence - post feedback for a dropbox with no submission
- D2L Valence - Uploading file to a group locker
- Valence API D2L/Brightspace API calls from WordPress Site
- Creating Group categories - D2L Valence
- How to loop through modules, link topics, and LTI links
- how to Create a provider of insert-stuff elements: in the list of Insert Stuff sources for Desire to learn LMS
- Valence and Release Conditions?
- Desire2Learn Valence: Unenrolling users with hidden roles
- Valence command to open new window or iframe
- Uploading News attachment from file in database D2L Valence API
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
For public HTTPS endpoints, we can use an online service to check its certificate. For Azure SignalR Service instances, you can use the lonos SSL checker. There are also other SSL certificate testing services online, such as the one from SSLlabs.com.
If you can't use a browser or an online service - possibly because the internal environment prevents getting the provided certificate chain in this way. You can use a network trace to see the certificate chain, such as that obtained with Wireshark. In TLS negotiation, after Client Hello and Server Hello, the server will present its certificate to authenticate itself to the client. So, in the network trace, you see certificates, each with its serial number and issuer information.
More information can be obtained from this blog。