问题
I have written a web service client that uses SSL client certificates to authenticate to the remote server. But since the actual web service is not yet available to me, I'm looking for a public test server that accepts a client certificate for authentication, so that I can test the SSL part of my client for correct implementation and configuration.
I have tried https://requestb.in but it replies with HTTP status 403 (Forbidden) when I use a client certificate. And https://httpbin.org/ accepts my request but doesn't give any indication if the certificate was usable.
Is there a similar service that checks the SSL client certificate?
回答1:
You can use the following URLs to test SSL client authentication:
- https://server.cryptomix.com/secure/
- https://prod.idrix.eu/secure/
They both use the same configuration: they accept any client certificate and upon success they display the content of various webserver variables like the certificate used and the ciphersuite selected. If the authentication fails, an error is displayed.
I hope this will be useful.
回答2:
https://client.badssl.com (part of the badssl.com service) lets you test authentication using client SSL certificates. The client certificate can be downloaded from https://badssl.com/download/.
This server returns 200 OK if the correct client certificate is provided, and 400 Bad Request otherwise.
来源:https://stackoverflow.com/questions/38095559/https-test-server-that-checks-client-certificates