TLS/Zertifikat überprüfen: Unterschied zwischen den Versionen

Version vom 7. Juni 2020, 15:57 Uhr

Using online checkers

Check SSL using online tools

   ImmuniWeb® SSLScan
   SSL Checker - SSL Certificate Verify
   SSL Server Test (Powered by Qualys SSL Labs)

Using a Linux server

Any Linux server can be used for these tests. If you do not have a Linux server, use the online checkers above.
To verify SSL, connect to any Linux server via SSH and use the instructions below:

IMAP via SSL uses port 993

connect to a mail server using openssl:

openssl s_client -showcerts -connect mail.example.com:993 -servername mail.example.com

Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

Make sure that you received IMAP server response:

* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=PLAIN IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.

POP3 via SSL uses port 995

Connect to a mail server using openssl:

openssl s_client -showcerts -connect mail.example.com:995  -servername mail.example.com

Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

Make sure that you received POP3 server response:

+OK Hello there. <1793.1385684315@localhost.localdomain>

SMTP via SSL uses port 465

Connect to a mail server using openssl:

openssl s_client -showcerts -connect mail.example.com:465  -servername mail.example.com

Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

Make sure that you received SMTP server response:

220 mail.example.com ESMTP Postfix

SMTP via TLS/StartTLS uses port 25 or 587

Connect to a mail server using openssl:

openssl s_client -starttls smtp -showcerts -connect mail.example.com:25  -servername mail.example.com

Check output and make sure that a valid certificate is shown:

Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=mail.example.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=PositiveSSL CA 2

Make sure that you received SMTP server response:

250 DSN

Quellen

https://support.plesk.com/hc/en-us/articles/213961665-How-to-verify-that-SSL-for-IMAP-POP3-SMTP-works-and-a-proper-SSL-certificate-is-in-use

@@ Zeile 7: / Zeile 7: @@
 * Any Linux server can be used for these tests. If you do not have a Linux server, use the online checkers above.
 * To verify SSL, connect to any Linux server via SSH and use the instructions below:
-====IMAP via SSL uses port 993:====
+==== IMAP via SSL uses port 993 ====
 * connect to a mail server using openssl:
   openssl s_client -showcerts -connect mail.example.com:993 -servername mail.example.com
@@ Zeile 16: / Zeile 16: @@
 Make sure that you received IMAP server response:
   * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=PLAIN IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2004 Double Precision, Inc. See COPYING for distribution information.
 ==== POP3 via SSL uses port 995 ====
 Connect to a mail server using openssl: