[openssl-users] Testing ports through firewall

Sai Teja Chowdary asteja.chowdary.ece13 at iitbhu.ac.in
Thu Dec 21 15:30:00 UTC 2017


Hi,
You can test ports with OpenSSL. But you gotta need a certificate for your
s_server. You can generate a self signed certificate with openssl.
Try this

https://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl

And place that file in the dir were you are running the s_server command,
or can use -cert argument to give the generated certificate.

And from the s_client connect to the port that you are listening with
s_server

Client:
openssl s_client -connect hostname:port

Server:
openssl s_server -accept PORT

Regards

Saiteja.

On 21-Dec-2017 7:07 PM, "warron.french" <warron.french at gmail.com> wrote:

> Hello Community, and Merry Christmas/Happy Seasons Greetings,
>    anyway, I need some help with understanding an openssl feature -
> *s_server*.
>
> I executed the following command:  openssl s_server -accept 21937 -www &
> And immediately got the following output:
> [1] 3286
> [sysadm at wfrench-rhel6c-cit ~]$ Error opening server certificate private
> key file server.pem
> 140679739017032:error:02001002:system library:fopen:No such file or
> directory:bss_file.c:398:fopen('server.pem','r')
> 140679739017032:error:20074002:BIO routines:FILE_CTRL:system
> lib:bss_file.c:400:
> unable to load server certificate private key file
>
> In order to test ports that are not encrypted with SSL/TLS do I still have
> to generate a certificate and private key file (each)?
>
> I would like to test ports from one machine using openssl s_client against
> a remote machine on an opposing network, running a "listener", using
> openssl s_server.
>
> Perhaps I am way off?  I am not allowed to use openssl for this sort of
> thing?
> Any guidance would be greatly appreciated because I want to expand my
> understanding of the openssl suite of commands and its offerings.
>
>
> Have a nice day,
> --------------------------
> Warron French
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171221/d4465a35/attachment.html>


More information about the openssl-users mailing list