Checking SSL certs #
Most people would be familiar with using openssl client to check details about a sites SSL certificate.
$ openssl s_client -servername prose.sh -connect prose.sh:https
However nmap is a versatile tool that you can also use to extract similar information and I find that the output is a little more readable.
Checking the SSL certificate details for the Prose.sh web server.
$ nmap -Pn -p 443 --script ssl-cert prose.sh
An advantage of using nmap is that you can also easily look up SSL certificate information for other services (eg SMTP/POP/IMAP), you simply have to specify the port that you want to check.
Checking the SSL certificate details for one of FastMail's mail servers.
$ nmap -Pn -p 25 --script ssl-cert in1-smtp.messagingengine.com