Validation of Peer Certificate using CLI

You can use the sslconfig command to validate the peer certificate.

 
mail.example.com> sslconfig

Disabling SSLv3 is recommended for best security.

Note that the SSL/TLS service on remote servers may require that the selected TLS versions be sequential. So to avoid
communications errors, always select a contiguous set of versions for each service. For example, do not enable TLS 1.0
and 1.2, while leaving TLS 1.1 disabled.

Choose the operation you want to perform:
- VERSIONS - Enable or disable SSL/TLS versions
- PEER_CERT_FQDN - Validate peer certificate FQDN compliance for Alert Over TLS, updater and LDAP.
- PEER_CERT_X509 - Validate peer certificate X509 compliance for Alert Over TLS, updater and LDAP.