0

I just updated a certificate for a particular apache virtual host which is behind a load balancer. Restarted the virtualhost with the command httpd -k restart -f /etc/httpd/someweb.tx.com/conf/httpd.conf.

What's the best way for me to check if the new certificate that was updated is the one in use on the server? I tried using openssl s_client utility as below but it doesn't seem to check the cert locally, instead it pulls the old certificate from my production site over dns. 

openssl s_client -showcerts -servername example.com -connect someweb.tx.com:443

Please note that I have few more Virtual hosts running on 443 in this server whose certificates were unchanged thus the need to check the certificate update on that one particular virtual host.

Also I'm ready to try any tool/utility not just openssl s_client as long as my requirement can be addressed. Please advise.

Thanks in advance -B

bindo
  • 15
  • 1
  • 3

2 Answers2

3

With openssl s_client, you set the SNI name with -servername. With the -connect you can specify the ip-adress (or hostname) and port. So this should do the trick:

openssl s_client -showcerts -servername example.com -connect localhost:443
Gerrit
  • 1,552
  • 8
  • 8
0

I bumped into the same problem after my company's IT group took out one of my primary servers.

Background: I really wanted to use Chrome because it's universally accessible, and it does some deep checking on its own. But I couldn't figure out how to "Request domain example.com from server 1.2.3.4"

Using Postman, I was able to accomplish this in a very friendly way. In case the image is hard to read, here are the steps:

  1. Populate the URL with an address that points to the 1 server you want to test:
    https://1.2.3.4/
  2. Disable the automatic Host header
  3. Add your own customer Host header indicating the domain (SNI) of the cert
  4. Send the request, then verify that the server responded, and that the "Globe + Lock" icon appears

A successful cert + server verification using Postman

Chris
  • 71
  • 1
  • 2