Hi all, Except export (or copy) the cert from the configuration file, and view using openssl, is there anyway / tools to allow me check the TLS / SSL cert is being used? As beside checking the cert is using by my IronPort, i would like to check the cert using by my partner as well (although i can configure IronPort to accept trust cert only, i still wanna verify it)
You don't need to copy the cert out of your configuration. OpenSSL has an "s_client" subcommand which can open an SSL connection and verify the cert for you. It even knows how to do STARTTLS. Something like this ought to do it:
The /path/to/ca/file is necessary to provide openssl with a cache of root CA certs. You could use -CApath instead of -CAfile if you have a hashed directory of root CA certs instead of a single file containing them all.
You can also point this at your partner's SMTP server as well.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...