Innehållsförteckning | ||
---|---|---|
|
Generera keystore med mellanliggande CA
...
Expandera | ||
---|---|---|
| ||
openssl x509 -inform DER -in "<target source>" -out <dest target> -outform PEM openssl s_client kommandot implementerar en generisk SSL/TLS klient -connect host:port -prexit print on exit Länka: s_client |
Kodblock |
---|
&>openssl s_client -connect 33.33.33.33:20000 -prexit CONNECTED(00000003) depth=2 /C=SE/O=Inera AB/CN=SITHS Root CA v1 verify error:num=19:self signed certificate in certificate chain verify return:0 22047:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:/SourceCache/OpenSSL098/OpenSSL098-47.2/src/ssl/s3_pkt.c:1106:SSL alert number 42 22047:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-47.2/src/ssl/s23_lib.c:182: --- Certificate chain 0 s:/C=se/DC=Services/DC=Nod1/O=Inera_AB/CN=esb.ntjp.sjunet.org/serialNumber=HSASERVICES-106J i:/C=SE/O=Inera AB/CN=SITHS Type 2 CA v1 1 s:/C=SE/O=Inera AB/CN=SITHS Type 2 CA v1 i:/C=SE/O=Inera AB/CN=SITHS Root CA v1 2 s:/C=SE/O=Inera AB/CN=SITHS Root CA v1 i:/C=SE/O=Inera AB/CN=SITHS Root CA v1 --- Server certificate -----BEGIN CERTIFICATE----- MIIGWzCCBEOgAwIBAgIQCQOCyORSzlnKHi8ZZ7PbtDANBgkqhkiG9w0BAQUFADA9 MQswCQYDVQQGEwJTRTERMA8GA1UECgwISW5lcmEgQUIxGzAZBgNVBAMMElNJVEhT IFR5cGUgMiBDQSB2MTAeFw0xNDA0MTAxNDM2NDJaFw0xNjA0MTAyMTU4MDBaMIGJ MQswCQYDVQQGEwJzZTEYMBYGCgmSJomT8ixkARkWCFNlcnZpY2VzMRQwEgYKCZIm iZPyLGQBGRYETm9kMTERMA8GA1UECgwISW5lcmFfQUIxHDAaBgNVBAMME2VzYi5u dGpwLnNqdW5ldC5vcmcxGTAXBgNVBAUTEEhTQVNFUlZJQ0VTLTEwNkowggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAaioXbk3QusJSTm7S49si8MOVixso HT5F4IuK/9x1qaCIk7kVlTtLhOxrxKUz3OSlaSzhZ+D2uJ3O7USFglMDLVDvxGpB +xymCg0aty0Hb4WQGZHjMFumEsJASo2qqkg18BdWJOecwhISp19LizB/NaGcnOlc 26Ghmbbnhku76a6RW/5ALmEW32+toeHOE2jo++qrXNNMRwe6oVEtgdQKWK3J6Cw0 KsHhrsE/FNrzHsCWHSW1zvjdsMws+OgKL3o40qeWnhgXYiXV1aarMyk2p2yxsI32 jzRuwQaDVYvcWnL6evjUu2MOYr5/pwXGwzWz9u9q5hQu1lGOLx8dzSMTAgMBAAGj ggIIMIICBDAOBgNVHQ8BAf8EBAMCAKAwbwYDVR0fBGgwZjAtoCugKYYnaHR0cDov L2NybDEuc2l0aHMuc2Uvc2l0aHN0eXBlMmNhdjEuY3JsMDWgM6Axhi9odHRwOi8v Y3JsMi5zaXRocy5zanVuZXQub3JnL3NpdGhzdHlwZTJjYXYxLmNybDCBzgYIKwYB BQUHAQEEgcEwgb4wIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3NwMS5zaXRocy5zZTAp BggrBgEFBQcwAYYdaHR0cDovL29jc3AyLnNpdGhzLnNqdW5ldC5vcmcwMgYIKwYB BQUHMAKGJmh0dHA6Ly9haWEuc2l0aHMuc2Uvc2l0aHN0eXBlMmNhdjEuY2VyMDoG CCsGAQUFBzAChi5odHRwOi8vYWlhLnNpdGhzLnNqdW5ldC5vcmcvc2l0aHN0eXBl MmNhdjEuY2VyMEcGA1UdIARAMD4wPAYHKoVwSggDAjAxMC8GCCsGAQUFBwIBFiNo dHRwOi8vcnBhLnNpdGhzLnNlL3NpdGhzcnBhdjEuaHRtbDAnBgNVHSUEIDAeBggr BgEFBQcDBAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTK0PxEbXw5qJbD ih/NijAIstpnzjAfBgNVHSMEGDAWgBRRiNwkxNxKiOSL9J7Vs846FL9WSDANBgkq hkiG9w0BAQUFAAOCAgEAgzesycxpUin9tKpzUwXxxZWs1mi0Qtdqd3auY67bmws8 iBXdjrF+C3n4JXSzyiV0q6zpyDcmsr6Cup34FWnXM8JWdqKZLx1Nkef0jV6T7r8U FYxNgKrsxRvBW0A3fyPRU3RQ00rw89/VoLE71xtvU7xGjxGo0a0ev8OyT09WXP9R XzMRdCIYUAWk7RmnC1hvcoLz+euR7tobsYCrXmUjZpqCcSFHdZAsvRgThGFgMini PBPsiAYwtZhd3j1q7lTibatnNIo7srC21lJZtp7n6qzJ+1ppcTmeWuhi+PewM8Uo Xb5KSW2UYRlIFezmLNAbCCJwmIrTdFisAhMmFHPaTc2nO/uDoV/vSayfliNJ73xI hEG3I/riLfGNSpyO4PCRxPggsF9M2KhVPLXTSEZl1xeXduvVmywu4/A/eOWPOvai 9gBkkLj9Fa7XxOXHRQ7i2IsNfnTeb+Wzzg2oADmG4K/iPIErtClz2NXRcNnP37V/ JYEnXE9/5v0xkqFJUQIJtRnWOPw6/TcN0iSgqZAJuDpC0jnAob54Sg6kGy4ttGKV F0YR7TaVqpDUzdRLnRDoB60tvmUC0xOvlCkXv6ocNx/9W4kIrBw8+d0U4UfDtyz4 hEkq3/WHcaNNnEW1QeMri9LFWFDlP3p2YzHVYKzie5VKd2Xz62fRhXd+HDWs0vU= -----END CERTIFICATE----- subject=/C=se/DC=Services/DC=Nod1/O=Inera_AB/CN=esb.ntjp.sjunet.org/serialNumber=HSASERVICES-106J issuer=/C=SE/O=Inera AB/CN=SITHS Type 2 CA v1 --- Acceptable client certificate CA names /C=SE/O=Inera AB/CN=SITHS Root CA v1 PP /C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA /C=SE/O=SITHS CA/CN=SITHS CA TEST v3 /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA /C=SE/O=162321000016/OU=Infrastruktur/CN=HVAL/emailAddress=liston_support@brainpool.se /C=SE/O=Inera AB/CN=SITHS Type 2 CA v1 /C=SE/O=Steria AB/CN=Steria AB EID CA v1 /C=US/O=Thawte, Inc./CN=Thawte SSL CA /C=SE/O=Carelink/CN=SITHS CA v3 /C=SE/O=Inera AB/CN=SITHS Type 2 CA v1 PP /C=SE/O=SITHS CA/CN=SITHS CA TEST v4 /C=SE/O=Inera AB/CN=SITHS CA v4 /C=SE/O=Inera AB/CN=SITHS Root CA v1 /O=AlphaSSL/CN=AlphaSSL CA - G2 /C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA --- SSL handshake has read 6683 bytes and written 170 bytes --- New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : EDH-RSA-DES-CBC3-SHA Session-ID: 534D94B2F76105F39728EA014975BE1541205FA959DEE868F3890DBB43D9F2B5 Session-ID-ctx: Master-Key: 43B89A535AC90D9B9BB968D7E521B869ED305C00FDE5C6235B8804532F235182A57EF021F4C1551E990702F58AA76D97 Key-Arg : None Start Time: 1397629508 Timeout : 300 (sec) Verify return code: 19 (self signed certificate in certificate chain) --- |
...