Examine Public SSL Certificate / Keys

13 Aug 2007 in Systems administration on Linux, Ssl, Ldap

So, in trying to figure out the LDAP issues that I had earlier, I needed to check the public key that was returned by the LDAP server when using SSL / TLS. The problem was that I had the damndest time trying to figure out the command necessary to open up and examine SSL certificates on non-standard ports (ie: anything but HTTPS, IMAPS, POP3 over SSL, etc.). Finally, I found on the Atlassian Confluence website the exact command I needed:

openssl s_client -connect host.example.com:ldaps

This displayed everything I needed to know, including the PEM formatted public key / certificate as well as the Certificate Chain (ie: who was the Certificate Authority for the certificate).