About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Technical Blog Post
Abstract
Checking a certificate from a remote host
Body
Occasionally we encounter a circumstance where certificates have been checked in on both sides of an HTTP communications link and the authentication fails. This is sometimes a result of the difference certificate being checked in on the server side than expected. A quick way to check this is to use the following OpenSSL command to connect to the remote machine and display the certificate chain and public details of that chain. This can then be compared to the expected certificate chain to verify that the correct chain elements are in use and that all properties are correct.
openssl s_client -host hostname.company.com -port 443 -prexit -showcerts
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS4PJT","label":"IBM Sterling Connect:Direct"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
UID
ibm11123449