• How to check the validity of existing certificates?

• How to confirm if the certificates used by the domains are self signed or CA signed?

All supported releases of Smarts

• Below is the command to check the validity of existing certificates:

        openssl s_client -connect <domain-host>:<domain-port> 2>/dev/null | openssl x509 -noout -dates

• One of the way to check if the ssl certificates used by the Smarts domains are self signed or CA signed is to analyze the output of command: openssl s_client -connect -connect <domain-host>:<domain-port> </dev/null 2>/dev/null | openssl x509 -text

• • Self-signed certificate: If the subject and issuer fields are identical, the certificate is likely self-signed. 
     
  • CA-signed certificate: If the subject and issuer fields are different, the certificate has been signed by a Certificate Authority (CA). The issuer field will indicate the CA that signed the certificate.