如題, 測試ssl / tls 可以用這個工具.
參考連結如下:
https://www.gnutls.org/manual/html_node/gnutls_002dcli-Invocation.html
Debian , Ubuntu 用這個指令裝
$ sudo apt-get install gnutls-bin
yum的話用這個
$ yum install gnutls-utils
這邊是 gmail IMAP port 993測試結果
$ gnutls-cli -d 5 imap.gmail.com -p 993
Resolving 'imap.gmail.com'...
Connecting to '2607:f8b0:400d:c00::6d:993'...
...
(略)
...
- Peer's certificate issuer is unknown
- Peer's certificate is NOT trusted
- Version: TLS1.2
- Key Exchange: RSA
- Cipher: ARCFOUR-128
- MAC: SHA1
- Compression: NULL
- Handshake was completed
...
或者這樣用 , 可以列印出他的憑證.
$ gnutls-cli --print-cert www.google.com
...
(略)
...
- Status: The certificate is trusted.
...
(略)
...
- MAC: AEAD
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed
這邊有紅帽的文件, 有興趣可以參考看看.
https://access.redhat.com/articles/1493153
