CheckTLS Extras

We have two tools that test general client/server services, and two tools that help manage SSL certificates.

Watch a Client/Server Connection Run It

Watch a real client connect to a real server in real time. WatchConnect sits inbetween your client and your server and lets you see everything that is sent and received between the two. It's an easy, cheap, online traffic sniffer. more...

Test IP Services Run It

Test many different Internet services such as POP, IMAP, HTTP. This test makes telnetting to different ports to test various TCP/IP services much easier. Because it also works on the secure (SSL) versions of these services, decripting the traffic so you can see it, it can test things that are impossible with telnet. more...

Show SSL Certificate Signing Request Contents Show A CSR

SSL certificate signing requests are used to ask a Certificate Authority to create a trusted certificate ("signed"). They look something like:

...about 20 lines of gibberish...
This is an encoded rendering of the contents of the request (see X.509). ShowCSR opens up the formatted data (gibberish) and displays it in human read-able format.

Show SSL Certificate Contents Show A Cert

SSL certificates are typically stored in X509 format, and they look something like:

...about 20 lines of gibberish...
This is an encoded rendering of the contents of the certificate (see X.509). ShowCert opens up the X509 formatted data and displays it in human read-able format.

Multi-Host Wild-Card SSL Certificate Generate Cert

SSL certificates are typically specific to a single host. An extension of the standard allows wildcards, for example * Wildcards are single-level, meaning * matches but does not match And two wildcard characters are not allowed, so *.* doesn't work.

It is also possible to do two or more hosts in a single certificate, which them works on both hosts. In fact, any number of hosts work in the same certificate. And so do any number of wildcard entries. Which means a single certificate can serve all of the following:
The standard single host.
A second host in the same certificate.
Another host, this one in a subdomain of
All hosts in the domain (what goes in for the asterisk cannot have a dot in it). This would take care of the first two entries above but not the third.
Another wildcard allowing all hosts in the subdomain. More than one wildcard specification can be in the same certificate.
A hardware address, for a host that does not have a name published on the Internet.

For example, all of our internal certs list * and *, and so are valid for any host in either domain.