With openssl, you can dump a cert from an IP address with:
openssl s_client -connect 93.184.216.34:443 </dev/null | openssl x509 -noout -text
Which gives the single cert on non-SNI hosts, or the default SNI cert on SNI hosts.
Is there an equivalent way to dump every cert on a host using SNI without knowing any of the CN/SAN?
The idea here is to do a quick discovery of all certs on all our Load Balancers. Worked well before, but SNI is throwing a wrench into this.
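An added example, not part of the original post: TLS has no message that lists a listener's certificates, because the server picks one certificate per handshake from the SNI name the client sends. A discovery sweep therefore has to replay candidate names and compare each result with the no-SNI default. The candidate list (taken from your own DNS zones or load balancer config) and the function names are assumptions, and a name missing from that list stays unseen.

```python
import hashlib
import socket
import ssl
from collections import defaultdict


def fetch_leaf_der(ip, port=443, server_name=None, timeout=5.0):
    """Return the DER leaf cert served for server_name (None sends no SNI)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # inventory only: record whatever is served
    ctx.verify_mode = ssl.CERT_NONE  # expired or self-signed certs are findings too
    with socket.create_connection((ip, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=server_name) as tls:
            return tls.getpeercert(binary_form=True)


def group_by_cert(default_der, per_name_der):
    """Split names into those with a distinct cert and those given the default."""
    default_fp = hashlib.sha256(default_der).hexdigest()
    distinct, same_as_default = defaultdict(list), []
    for name, der in sorted(per_name_der.items()):
        fp = hashlib.sha256(der).hexdigest()
        if fp == default_fp:
            same_as_default.append(name)
        else:
            distinct[fp].append(name)
    return default_fp, dict(distinct), same_as_default


def inventory(ip, candidate_names, port=443):
    """Probe one listener: once without SNI, then once per candidate name."""
    default_der = fetch_leaf_der(ip, port)
    per_name = {}
    for name in candidate_names:
        try:
            per_name[name] = fetch_leaf_der(ip, port, name)
        except OSError as exc:  # includes ssl.SSLError, e.g. unrecognized_name alert
            print(f"{name}: handshake failed ({exc})")
    return group_by_cert(default_der, per_name)


if __name__ == "__main__":
    # Constructed stand-ins for DER bytes so the grouping runs offline.
    sample = {"a.example": b"cert-A", "b.example": b"cert-default",
              "c.example": b"cert-A"}
    fp, distinct, same = group_by_cert(b"cert-default", sample)
    print("default", fp[:16], "also served to", same)
    for cert_fp, names in distinct.items():
        print(cert_fp[:16], names)
```

A name that lands in the same-as-default group is either the listener's default virtual host or a name the listener does not know, so treat that group as unconfirmed rather than as a finding.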