Skip to content

Commit b93a50a

Browse files
alankingalanking
committed
squash - imiscsvrinfo
1 parent 50bd3e0 commit b93a50a

File tree

1 file changed

+35
-0
lines changed

1 file changed

+35
-0
lines changed

docs/system_overview/ssl_and_tls.md

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -145,3 +145,38 @@ irods_ssl_ca_certificate_file
145145

146146
irods_ssl_ca_certificate_path
147147
: Location of a directory containing CA certificates in PEM format. The files each contain one CA certificate. The files are looked up by the CA subject name hash value, which must be available. If more than one CA certificate with the same name hash value exist, the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1, etc.). The search is performed based on the ordering of the extension number, regardless of other properties of the certificates. Use the 'c_rehash' utility to create the necessary links.
148+
149+
### Verification and Debugging
150+
151+
One can view TLS information from the server via `imiscsvrinfo`. Here is an example of the output from a client/server using certs generated using the instructions above:
152+
~~~
153+
SSL/TLS Info:
154+
enabled: true
155+
issuer_name: C=US, ST=North Carolina, L=Chapel Hill, O=iRODS Consortium
156+
not_after: 2026-04-01 13:26:35 UTC
157+
not_before: 2025-04-01 13:26:35 UTC
158+
public_key: Public-Key: (2048 bit)
159+
Modulus:
160+
00:a6:10:cd:91:99:8b:37:91:86:11:0b:ed:4e:72:
161+
2b:cc:15:65:e7:df:0a:1d:21:62:a6:50:48:4d:60:
162+
af:e2:2b:9a:34:de:e6:65:f7:fd:60:40:eb:ac:21:
163+
23:95:33:cd:34:e6:45:df:da:27:71:9b:95:05:1c:
164+
b1:4d:72:09:08:8e:64:2e:2b:61:1f:18:cc:e5:91:
165+
89:64:3d:69:3e:4f:1f:3b:b0:7d:3b:70:3c:7a:a0:
166+
65:cd:80:01:05:1c:0b:71:29:80:c7:e1:fa:65:38:
167+
ea:13:42:9e:0d:65:c1:9b:b4:0b:cc:bc:16:47:f0:
168+
94:05:01:ae:22:b8:39:f1:d0:36:52:cc:e2:fa:5f:
169+
72:a7:cb:b0:26:39:0a:4a:d6:ea:6e:fd:8b:4d:db:
170+
ca:59:9d:a3:bb:1a:f3:b8:52:05:7a:e2:35:3a:af:
171+
f7:61:38:6f:6f:f0:62:a0:34:1b:5d:78:a6:de:02:
172+
21:00:8a:c5:cc:b3:7e:81:76:d7:3a:1b:4a:88:c1:
173+
86:dd:4c:a6:9b:98:b6:a9:ed:f0:48:10:7c:af:7c:
174+
d6:50:b2:89:65:99:1c:dc:3a:77:91:6f:e3:92:9e:
175+
c5:98:76:05:64:00:aa:e1:db:86:68:03:b0:89:f5:
176+
cb:de:3d:8f:b4:7b:4c:39:59:27:4a:d5:37:b5:05:
177+
e6:09
178+
Exponent: 65537 (0x10001)
179+
signature_algorithm: sha256WithRSAEncryption
180+
subject_alternative_names: ["DNS:localhost"]
181+
subject_name: C=US, ST=North Carolina, L=Chapel Hill, O=iRODS Consortium
182+
~~~

0 commit comments

Comments
 (0)