Sslget

From Dogtag
Jump to: navigation, search

Initialization

Before using sslget, prepare an NSS database, for example:

$ pki -c Secret.123 client-init

SSL Ciphers

$ sslget -v -d ~/.dogtag/nssdb -p Secret.123 -r / $HOSTNAME:8443 2>&1 | grep -i enabled
enabled  TLS_AES_128_GCM_SHA256                    
enabled  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   
enabled  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256     
enabled  TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384   
enabled  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384     
enabled  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA      
enabled  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA      
enabled  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA        
enabled  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   
enabled  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256     
enabled  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA        
enabled  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384   
enabled  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384     
enabled  TLS_DHE_RSA_WITH_AES_128_GCM_SHA256       
enabled  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384       
enabled  TLS_DHE_RSA_WITH_AES_128_CBC_SHA          
enabled  TLS_DHE_RSA_WITH_AES_128_CBC_SHA256       
enabled  TLS_DHE_RSA_WITH_AES_256_CBC_SHA          
enabled  TLS_DHE_RSA_WITH_AES_256_CBC_SHA256       
enabled  TLS_RSA_WITH_AES_128_GCM_SHA256           
enabled  TLS_RSA_WITH_AES_256_GCM_SHA384           
enabled  TLS_RSA_WITH_AES_128_CBC_SHA              
enabled  TLS_RSA_WITH_AES_128_CBC_SHA256           
enabled  TLS_RSA_WITH_AES_256_CBC_SHA              
enabled  TLS_RSA_WITH_AES_256_CBC_SHA256 

Anonymous Connection

$ sslget -d ~/.dogtag/nssdb -p Secret.123 -r / $HOSTNAME:8443

Client Certificate Authentication

$ sslget -d ~/.dogtag/pki-tomcat/ca/alias -p Secret.123 -n caadmin -r /ca/rest/admin/users $HOSTNAME:8443