[linux] SSL / TLS 測試工具 GnuTLS

如題, 測試ssl / tls 可以用這個工具.

參考連結如下:
https://www.gnutls.org/manual/html_node/gnutls_002dcli-Invocation.html

 

Debian , Ubuntu 用這個指令裝

$ sudo apt-get install gnutls-bin

yum的話用這個

$ yum install gnutls-utils

這邊是 gmail IMAP port 993測試結果

$ gnutls-cli -d 5 imap.gmail.com -p 993
Resolving 'imap.gmail.com'...
Connecting to '2607:f8b0:400d:c00::6d:993'...
...
(略)
...
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.2
- Key Exchange: RSA
- Cipher: ARCFOUR-128
- MAC: SHA1
- Compression: NULL
- Handshake was completed

...

或者這樣用 , 可以列印出他的憑證.

$ gnutls-cli --print-cert www.google.com
...
(略)
...
- Status: The certificate is trusted.
...
(略)
...
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed

這邊有紅帽的文件, 有興趣可以參考看看.
https://access.redhat.com/articles/1493153