Essential OpenSSL Commands

Here, I collected some essential commands for OpenSSL.

Check the Connection:

$ openssl s_client -showcerts -connect www.microsoft.com:443

Decoding BASE64 (PEM) Certificate

Capture the output between “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–” tags, and save as a text file (i.e. cert_microsoft.com).

Run the command below to read the file, and display it in a textual format.

$ openssl x509 -noout -text -in cert_microsoft.com

Decoding Binary Certificate (DER) Certificate

DER is a binary certificate format and the content is the same as PEM (Base64).

$ openssl x509 -noout -text -inform der -in cert_microsoft.der

Convert Certificate between DER and PEM format

By the way, -inform is short for “input format”

$ openssl x509 -inform der -in cert_microsoft.der -out cert_microsoft.pem

$ openssl x509 -inform der -in cert_mirosoft.der -outform pem -out cert_microsoft.pem

$ openssl x509 -in cert_microsoft.pem -outform der -out cert_microsoft.der

 $ openssl x509 -inform pem -in cert_microsoft.pem -outform der -out cert_microsoft.der

 

Checking the Chain of Trust

$ openssl verify -verbose cert_microsoft.pem

If you see "Error 20 at 0 depth lookup", it means that the intermediate certificate (or certificate for the Issuer of the server certificate) is missing. 

$ openssl verify -untrusted cert_symantec cert_microsoft.pem

If you see "Error 20 at 1 depth lookup", it means the error is no longer on the server certificate (0 depth) but now can't find the issuer certificate for the Symantec cert.

$ openssl verify -untrusted cert_symantec -CAfile ./RootCerts.pem cert_microsoft.pem

You should see everything is "OK" now.

If you have more than 1 intermediate certificate, just concatenate both certs into one.

$ cat inter1.pem inter2.pem > inter_both.pem

Testing SSLv2/SSLv3/TLSv1/TLSv1.1/TLSv1.2/TLSv1.3

$ openssl s_client -ssl2 -connect microsoft.com:443

$ openssl s_client -ssl3 -connect microsoft.com:443

$ openssl s_client -tls1 -connect microsoft.com:443

$ openssl s_client -tls1_1 -connect microsoft.com:443

$ openssl s_client -tls1_2 -connect microsoft.com:443

$ openssl s_client -tls1_3 -connect microsoft.com:443    

$ openssl s_client [-no_ssl3, -no_tls1, -no_tls1_1, -no_tls1_2, -no_tls1_3] -connect microsoft.com:443

 

Get the Common Name (cn) or Subject

$ openssl x509 -noout -subject -in cert_microsoft.pem

Renegotiation (by client)

$ openssl s_client -connect www.microsoft.com:443

HEAD / HTTP/1.0

R

<CRLF>

 

Testing Weak Ciphers

$ openssl s_client -cipher NULL,EXPORT,LOW,3DES -connect <site:port>

Testing NULL Cipher

$ openssl s_client -cipher aNULL -connect <site:port>

Forward Secrecy

$ openssl s_client -cipher EDH,EECDH -connect <site:port>

Testing RC4 ciphers

$ openssl s_client -cipher RC4 -connect <site:port>

Testing Compression (CRIME/TLS or BREACH/HTTP)

"Compression: zlib compression" and "Compression: 1 (zlib compression)" indicate that the remote server is vulnerable to the CRIME attack. "Compression: NONE" means not vulnerable to TLS compression. 

$ openssl s_client -connect <site:port>

GET / HTTP/1.1
Host: example.com
Accept-Encoding: compress, gzip

<CRLF><CRLF> 

If the response contains encoded data, it indicates that HTTP compression is supported; therefore the remote host is vulnerable (to BREACH).

Links:

• Explaining the Chain of Trust 
• SSL Checklist for Pentesters - the Manual Cheatsheet
• Manual testing of SSL/TLS weaknesses