[openssl-users] Testing ports through firewall
jb-openssl at wisemo.com
Thu Dec 21 13:56:47 UTC 2017
On 21/12/2017 14:36, warron.french wrote:
> Hello Community, and Merry Christmas/Happy Seasons Greetings,
> anyway, I need some help with understanding an openssl feature -
> I executed the following command: openssl s_server -accept 21937 -www &
> And immediately got the following output:
>  3286
> [sysadm at wfrench-rhel6c-cit ~]$ Error opening server certificate
> private key file server.pem
> 140679739017032:error:02001002:system library:fopen:No such file or
> 140679739017032:error:20074002:BIO routines:FILE_CTRL:system
> unable to load server certificate private key file
> In order to test ports that are not encrypted with SSL/TLS do I still
> have to generate a certificate and private key file (each)?
> I would like to test ports from one machine using openssl s_client
> against a remote machine on an opposing network, running a "listener",
> using openssl s_server.
> Perhaps I am way off? I am not allowed to use openssl for this sort
> of thing?
> Any guidance would be greatly appreciated because I want to expand my
> understanding of the openssl suite of commands and its offerings.
Any normal SSL/TLS server needs a certificate. For testing the
certificate doesn't have to be "real" (from a trusted public CA).
A dummy certificate for a server named "computer.example.com" can
be generated using the command:
openssl req -x509 -days 365 -newkey:rsa:2048 -nodes -keyout server.key
-out server.pem -subj /CN=computer.example.com/O=test/C=US
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users