Tip: Retrieving server certificate used in SSL communication (e.g. POP3s)
If you would like to get the security certificate used by a server in communication over SSL, such as with the HTTPS or POP3s protocols, for instance to install it on a client device that needs to talk to the server, you can use OpenSSL to retrieve it:
You then store the text starting with "-----BEGIN CERTIFICATE-----" and ending with "-----END CERTIFICATE-----" (inclusive) into a file with the extension .pem.
You can also use openssl to convert the certificate into another format, e.g.:
The information originates from the page Gmail POP3 with Fetchmail where you can find a more detailed description and also instructions for testing the certificate.
bash$ openssl s_client -connect pop.gmail.com:995 -showcerts
You then store the text starting with "-----BEGIN CERTIFICATE-----" and ending with "-----END CERTIFICATE-----" (inclusive) into a file with the extension .pem.
You can also use openssl to convert the certificate into another format, e.g.:
bash$ openssl x509 -in mycertificate.pem -inform PEM -out mycertificate.der -outform DER
The information originates from the page Gmail POP3 with Fetchmail where you can find a more detailed description and also instructions for testing the certificate.