[openssl-users] regarding ssl_server test

Walter H. Walter.H at mathemainzel.info
Thu May 26 18:52:02 UTC 2016


On 26.05.2016 18:33, R-D intern wrote:
> Hello,
>           I have implemented ssl for my internal server that listens over a
> private ip. Can anyone suggest how can I test my ssl_server? For eg. Qualys
> test shows the amount of ssl implementation of a server listening over
> public ip  and even checks for vulnerabilities in ssl implementation. How
> can such a thing be tested for a server listening over private ip?
>
you can't because, your site listens
for e.g.
https://host.domain.local/...
and domain.local is the CN of your SSL-certificate, but not a real 
public domain name;
so a port forwarding in a NAT router won't help you ...

you only can do - in case you have a public webserver - implement it 
there and test with
Qualys ...
and then take the same configuration parameters to your internal server

Walter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160526/98495cfe/attachment.bin>


More information about the openssl-users mailing list