How to check if the generated self-signed certificate files are correct/valid and
make sure that the client and server are handshaking using the provided certificate files using openssl in command line.
In one terminal run below command to start server and listen to 8443 port.
openssl s_server -accept 8443 -cert /path/to/server/cert.pem -key /path/to/server/key.pem -CAfile /path/to/server/ca/cacert.pem
And, in another terminal run below command to make connection to the server running on first terminal.
openssl s_client -connect YOUR_SERVER_ADDRESS:8443 -key /path/to/client/key.pem -CAfile /path/to/client/key-cert.pem
If the client is able to connect and doesn't return back to prompt due to timeout or any other error, your connection is successful and your generated certificates are in order.
PS:
The CAfile used for client is the concatenated file of key and cert files. You can generate it by running following command.
cat key.pem cert.pem > key-cert.pem
