Say hello to the SslChainSaver tool. This is a tool that I wrote internally to troubleshoot SSL connections and I'm finally able to offer it publically. Use this tool when you want to to add new root or intermediate certificates to a device for an SSL connection.
- - makes CertificateStore XML out of the entire certificate chain
- - saves all the certificates out to disk for further inspection
- - identifies servers that are not sending down the entire certificate chain
- - can optionally connect to ports other than 443
The XML from this tool will allow the device to connect to servers that aren't sending down the entire chain. (because the XML contains all the intermediate certificates)
Usage is simple:
> sslchainsaver mail.company.com
This will create a directory called mail.company.com which contains all the certificates from the SSL chain. It will also create a file called mail.company.com.xml which can be pushed over rapiconfig or put in a CAB file for installation on devices.
update 5/18/2008: Version 2 is now released