How to Check SSL Certificates on Servers

Managing SSL certificates on your network can be challenging. As more and more software today uses encoding, you have more and more certificates you need to keep track of. These certificates can come in many shapes and forms which can make finding them difficult. They can be encoded in Base64 or DER, they can be in versatile samara stores such as JKS stores or the windows certificate store, or they can be encrypted files somewhere on your file system. There is only one locate where all certificates look the same no matter in which format they are stored – the net .

SSL Certificates over the network

contrary to popular impression, when dealings between servers is encrypted using TLS or SSL, the certificates themselves are actually not encrypted. If you think about this, it isn ’ t besides surprise. Before establishing a impregnable connection between a client and a waiter, the client needs to read the certificate data to make certain that it trusts the server. The full certificate information is sent over the network by the server to the node as part of the SSL Handshake protocol .
The format of this information is dictated by the SSL protocol which makes the data that is air identical no matter how and where the certificate is actually stored on the server. We can use this to answer some basic questions for any SSL security :

  • Which SSL certificates are actually in use – The fact that a certificate file exists somewhere on a server does not necessarily mean that certificate is actually being used. If it is sent over the network to a client, it is definitely in use.
  • Where a certificate is being used – SSL certificates, especially those using wildcard common names, may be copied and used in more than one server. Using the serial number of a certificate, we can track all the servers use a specific certificate.
  • When the certificate is expiring – One of the most important thing to keep track of with SSL certificates is when they expire. An expired certificate can break applications and can cause significant downtime until the certificate is found and replaced. Knowing ahead of time when a certificate will expire can save us from this.

(Need to find and manage all your SSL certificates? Gain visibility into your entire IT environment with our simple discovery and mapping platform. Start a free trial or see a demo right now!)

How to find SSL Certificates using Wireshark

Wireshark is one of the more popular network protocol analyzers and it is available for loose from hypertext transfer protocol : //www.wireshark.org/.

There are many different methods we can use to get network traffic for the relevant servers depending on the environment. For some examples, you can see our web log post on getting net traffic in VMware environments here : hypertext transfer protocol : //thefartiste.com/network-visibility-in-virtual-environments-1/.

Wireshark has advanced traffic filtering capabilities for finding the information we want. In our case, we can use the trickle : tls.handshake.certificate. If needed, we can besides filter out the servers based on subnets to exclude any certificates we may be getting from other servers that are not in our environment. This can be done using the filter :
tls.handshake.certificate & & ip.src == [ Subnet CIDR Notation ] Each of the packets returned by this trickle should have SSL certificate information like the watch :

source : https://thefartiste.com
Category : Tech

About admin

I am the owner of the website thefartiste.com, my purpose is to bring all the most useful information to users.

Check Also

articlewriting1

Manage participants in a zoom meeting webinar

Call the people who attend the meet as follows Alternate host host Who scheduled the …

Leave a Reply

Your email address will not be published.