Manual/OpenSSL

[OpenSSL] TLS ์„œ๋ฒ„ ํ…Œ์ŠคํŠธ

JayKim๐Ÿ™‚ 2023. 4. 5. 16:28

openssl s_server ๋ฉ”๋‰ด์–ผ
https://www.openssl.org/docs/man3.0/man1/openssl-s_server.html

openssl s_client ๋ฉ”๋‰ด์–ผ
https://www.openssl.org/docs/man3.0/man1/openssl-s_client.html

๋จผ์ € TLS ์„œ๋ฒ„๋ฅผ ๋›ฐ์šฐ๊ธฐ

openssl s_server -accept 4433 -cert ssl_server.pem -keyform DER -key ssl_server_pri.der -www

TLS ํด๋ผ์ด์–ธํŠธ ์—ฐ๊ฒฐ ํ•˜๊ธฐ

openssl s_client -host 127.0.0.1 -port 4433

์ƒ์„ธ ๋ฉ”์„ธ์ง€๋ฅผ ๋ณด๊ธฐ ์œ„ํ•ด์„œ -debug ์˜ต์…˜์„ ์ค„ ์ˆ˜ ์žˆ๋‹ค.
-msg ์˜ต์…˜์„ ์ฃผ๋ฉด TLS Handshake ๋ฉ”์„ธ์ง€ ๊ฐ’์„ ๋ณด์—ฌ ์ค€๋‹ค.

  • ๊ธฐ๋ณธ์ ์œผ๋กœ ์ธ์ฆ์„œ๋‚˜ ๊ฐœ์ธํ‚ค๋Š” PEM ํ˜•์‹์ด๋‹ค. ํ•˜์ง€๋งŒ DER ํ˜•์‹์„ ์‚ฌ์šฉํ•˜๊ธฐ ์œ„ํ•ด -keyform ์œผ๋กœ ํŒŒ์ผ ํฌ๋งท์„ ์ง€์ •ํ•ด ์ค€๋‹ค
    ์ธ์ฆ์„œ ํฌ๋งท ๊ฒฝ์šฐ -certform DER ์„ ์ง€์ •ํ•œ๋‹ค. 
    openssl s_client -connect google.com:443 -showcert
    ์ด ๋ช…๋ น์–ด๋ฅผ ์‚ฌ์šฉํ•˜๋ฉด google.com ์—ฐ๊ฒฐ์‹œ ์‚ฌ์šฉํ•˜๋Š” TLS ์ธ์ฆ์„œ ์ฒด์ธ ์ •๋ณด๋ฅผ ๋ณด์—ฌ์ค€๋‹ค.
  • TLS ํด๋ผ์ด์–ธํŠธ๋กœ ๊ตฌ๊ธ€ ์‚ฌ์ดํŠธ ์ธ์ฆ์„œ ๋ณด๊ธฐ
์ €์ž‘์žํ‘œ์‹œ

'Manual > OpenSSL' ์นดํ…Œ๊ณ ๋ฆฌ์˜ ๋‹ค๋ฅธ ๊ธ€

[OpenSSL] OCSP ์™€ TSP ๋ช…๋ น์–ด  (0) 2023.04.07
[OpenSSL] PKCS#12 (PFX) ํŒŒ์ผ ๋งŒ๋“ค๊ธฐ ๋ช…๋ น์–ด  (0) 2023.04.07
[OpenSSL] CMS ( Cryptographic Message Syntax ) ๋ช…๋ น์–ด ์‚ฌ์šฉ๋ฒ•  (3) 2023.04.06
[OpenSSL] RSA ๊ฐœ์ธํ‚ค (PrivateKey) ์ƒ์„ฑ ๋ช…๋ น์–ด  (0) 2023.04.06
[OpenSSL] ECDSA ์šฉ Self-Sign ์ธ์ฆ์„œ ๋งŒ๋“ค๊ธฐ  (0) 2023.04.05

'Manual/OpenSSL'์˜ ๋‹ค๋ฅธ๊ธ€

  • ํ˜„์žฌ๊ธ€[OpenSSL] TLS ์„œ๋ฒ„ ํ…Œ์ŠคํŠธ

๊ด€๋ จ๊ธ€

๋Œ“๊ธ€

ํ‹ฐ์Šคํ† ๋ฆฌํˆด๋ฐ”