What's the process of extracting certificates from TLS server?

306    Asked by AnilJha in Cyber Security , Asked on Mar 16, 2022

 I need to get an SSL certificate from some mail servers. I know I need to execute the following steps. Do a DNS mx query on the domain name (dig google.com mx).Use the information to download an SSL certificate (openssl s_client -showcerts -connect google.com:443). But I am not sure what information I should pick up from step 1 and how it should be used in step 2


Answered by Anil Jha

For extracting certificate from TLS server, you should pick the domain of one MX record from the answer section of your DNS query and feed it to openssl:


$ dig gmail.com mx
[...]
;; ANSWER SECTION:

  • gmail.com. 3599 IN MX 20 alt2.gmail-smtp-in.l.google.com.
  • gmail.com. 3599 IN MX 5 gmail-smtp-in.l.google.com.
  • gmail.com. 3599 IN MX 30 alt3.gmail-smtp-in.l.google.com.
  • gmail.com. 3599 IN MX 10 alt1.gmail-smtp-in.l.google.com.
  • gmail.com. 3599 IN MX 40 alt4.gmail-smtp-in.l.google.com.

[...]
$ openssl s_client -connect gmail-smtp-in.l.google.com:25 -starttls smtp
[...]

Note: it's not a safe assumption that the web server (if there is any) running on the same machine as the SMTP server uses the same certificate. see also https://serverfault.com/questions/131627/how-to-inspect-remote-smtp-servers-tls-certificate#131628



Your Answer

Interviews

Parent Categories