Tools for setting up and testing secure certificatesPosted in Linux/Unix/BSD -
This is a quick reference page for some tools for configuring web server settings and testing secure certificates.
Mozilla SSL Configuration Generator
This tool provides you with SSL configurations for Apache, Nginx, HAProxy & AWS Elb, depending on the server version and openssl version.
To find out your openssl version, do this:
To find out your Apache version, do this (depending on distro it'll be apache2 or httpd, and you may need to prefix it with /usr/sbin):
apache2 -v OR httpd -v
To find out your Nginx version, do this (again you might need to prefix with /usr/sbin):
Qualys SSL Labs SSL Server Test
This tool tests your secure certificate and gives it a grade. On a couple of older servers, I was able to improve the grade from an "F" to a "B" simply by using the Mozilla SSL configuration generator above. We should be able to get them to an "A" by fixing the intermediate certificate when we renew.
[Update] I bought a new certificate for a site using RapidSSL, the Mozilla configuration generator and with up to date Nginx & openssl on Debian 7 Wheezy and got an A+ with the testing tool.