Testing SSL/TLS Client Authentication with OpenSSL

Question

I am developing a client/server application with TLS. My idea is to use a certificate on the client so it is authenticated by the server. Also another certificate on the ser

Answer 1

Generate two pairs of certificates/keys, one for the server and one for the client. Also create test.txt with any content.

To set up an SSL server that checks a client certificate, run the following command:

openssl s_server -cert server_cert.pem -key server_key.pem -WWW -port 12345 -CAfile client_cert.pem -verify_return_error -Verify 1

To test the server with client certificate, run the following command:

echo -e 'GET /test.txt HTTP/1.1\r\n\r\n' | openssl s_client -cert client_cert.pem -key client_key.pem -CAfile server_cert.pem -connect localhost:12345 -quiet

Alternatively you can use curl command:

curl -k --cert client_cert.pem --key client_key.pem https://localhost:12345/test.txt