SSL
Performance
seq 10 | xargs -I@ -n1 curl -kso /dev/null -w "tcp:%{time_connect}, ssldone:%{time_appconnect}\n" https://wiki.sysop.cafe
Check certificate expiration date
domain=www.google.com; days=14; echo | openssl s_client -connect $domain:443 2>/dev/null | openssl x509 -noout -checkend $(($days * 24 * 60 * 60)) -enddate
SSL check script
http://prefetch.net/code/ssl-cert-check (local copy, probably outdated: https://wiki.sysop.cafe/resources/ssl-cert-check.txt)
Strong Ciphers
SSL/TLS scanning library
Generate self-signed cert without passphrase
openssl req -x509 -newkey rsa:4096 -keyout privkey.pem -out fullchain.pem -days 365 -nodes
Generat pfx from pem
openssl pkcs12 -export -out cert.pfx -inkey privkey.pem -in fullchain.pem openssl pkcs12 -info -in cert.pfx #to verify