To make sure that you have installed the SSL certificate correctly, we have have compiled a cheatsheet with OpenSSL commands to verify that multiple protocols use the correct certificate.
Enter the domain you want to check here: {INPUT:servername|server.yourwebhoster.eu}
Your domain will get updated in the commands below.Test FTP certificate
openssl s_client -connect {VAR:servername}:21 -starttls ftpTest POP3 certificate
openssl s_client -connect {VAR:servername}:995Test IMAP certificate
openssl s_client -connect {VAR:servername}:993Test SMTP SSL certificate
openssl s_client -connect {VAR:servername}:465Test SMTP TLS certificate
openssl s_client -connect {VAR:servername}:587 -starttls smtpTest HTTPS certificate
openssl s_client -connect {VAR:servername}:443Test DirectAdmin certificate
openssl s_client -connect {VAR:servername}:2222Tip: Add the following to extract the certificate expiry date from the server.
2>/dev/null | openssl x509 -noout -dates
How to verify SSL certificates with SNI (Server Name Indication) using OpenSSL
Using SNI with OpenSSL is easy. Just add the -servername flag and you are good to go. Replace in the examples below mail.domain.com with the SNI name. Note: you can also use the SNI name to replace server.yourwebhoster.eu with.
Test FTP certificate
openssl s_client -connect {VAR:servername}:21 -starttls ftp -servername {VAR:servername}Test POP3 certificate
openssl s_client -connect {VAR:servername}:995 -servername {VAR:servername}Test IMAP certificate
openssl s_client -connect {VAR:servername}:993 -servername {VAR:servername}Test SMTP SSL certificate
openssl s_client -connect {VAR:servername}:465 -servername {VAR:servername}Test SMTP TLS certificate
openssl s_client -connect {VAR:servername}:587 -starttls smtp -servername {VAR:servername}Test HTTPS certificate
openssl s_client -connect {VAR:servername}:443 -servername {VAR:servername}Test DirectAdmin certificate
openssl s_client -connect {VAR:servername}u:2222 -servername {VAR:servername}