CentOS Stream 8にSSL/TLS通信の解析ツールssldumpをインストールする
環境
# cat /etc/redhat-release
CentOS Stream release 8
サーバに来ているSSL/TLSコネクションのクライアントバージョンを確認したい時、ssldumpコマンドが使える。
インストールの方法
1.リポジトリをダウンロードします
# cd /usr/local/src
# wget https://forensics.cert.org/cert-forensics-tools-release-el8.rpm
# cd /usr/local/src
# wget https://forensics.cert.org/cert-forensics-tools-release-el8.rpm
# cd /usr/local/src # wget https://forensics.cert.org/cert-forensics-tools-release-el8.rpm
ダウンロードしたリポジトリをインストールします
# sudo dnf install cert-forensics-tools-release-el8.rpm
# sudo dnf install cert-forensics-tools-release-el8.rpm
# sudo dnf install cert-forensics-tools-release-el8.rpm
2.ssldumpをインストールします
# sudo dnf --enablerepo=forensics install ssldump
# sudo dnf --enablerepo=forensics install ssldump
# sudo dnf --enablerepo=forensics install ssldump
3.ssldumpバージョンを確認します
# ssldump -v
ssldump 1.4b
Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS
Copyright (C) 2015-2021 the aforementioned volunteers
Copyright (C) 1998-2001 RTFM, Inc.
All rights reserved.
Compiled with OpenSSL: decryption enabled
# ssldump -v
ssldump 1.4b
Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS
Copyright (C) 2015-2021 the aforementioned volunteers
Copyright (C) 1998-2001 RTFM, Inc.
All rights reserved.
Compiled with OpenSSL: decryption enabled
# ssldump -v ssldump 1.4b Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS Copyright (C) 2015-2021 the aforementioned volunteers Copyright (C) 1998-2001 RTFM, Inc. All rights reserved. Compiled with OpenSSL: decryption enabled
4.サーバーへの通信を確認します
# sudo ssldump -n -H -i NIC名