OpenSSL Client for Windows: Win32 OpenSSL Debugging Tool

We came across this great little tool, and wanted to share in case anyone can use the info. Shining Light OpenSSL client for Windows is a command line OpenSSL utility, implementing the full OpenSSL software for testing and debugging SSL connection issues on Windows systems.

Download the OpenSSL client, free, here:

After running the installer, open Command Prompt and navigate to the folder where the software was installed.

cd c:\windows\openssl

Try a connection to a SSL host:

openssl s_client -connect 

Note that this client does NOT include any root CA certificates, and never uses the Windows certificate store, which will cause “verify error 20” unless CA certificates are explicitly given.

To have OpenSSL fully verify, you must get a suitable set of CA certs in PEM file(s) and give them explicitly to s_server using -CAfile or -CAparth or a combination. Specify a certificate file like this:

openssl s_client -connect -CAfile "C:/windows/openssl/certificates/certs.pem"
This entry was posted in Guides & How To's, Security, Tech Support, VPS Hosting, Windows Server, Windows VPS and tagged , , , , , . Bookmark the permalink. Trackbacks are closed, but you can post a comment.

Questions? We're here to help.