Openssl s_clientOpenSSL freeOpenSSL check ciphers on ServerOpenssl s_client Windowsopenssl s_client教學OpenSSL 1.1 0lOpenssl s_client 用法Openssl s_client -showcertsOpenSSL 1.1 1SSL test toolOpenSSL runtimeOpenSSL onlineOpenSSL check cipherVerify SSL certificate openssl s_clientOpenSSL test

Test TLS Connectivity with OpenSSL Command Line - django ...

文章推薦指數: 80 %
投票人數:10人

openssl s_client is a SSL/TLS client program can be used to test TLS server connectivity, check server certificate. Blog CAS python-casFlaskExample django-cas-ngExample AComparisonofDjangoCASclients IntegratewithDjangoadminsite CASSingleLogout(SLO) CASHistory CAS101 django-cas-ngReleases python-casRelease1.5.0 django-cas-ngRelease4.0.0 django-cas-ngRelease3.6.0 django-cas-ngRelease3.5.0 Security ECDSAsignatureverifyinkotlinandGo TestTLSConnectivitywithOpenSSLCommandLine RunningaDoHClienttoencryptallhomeDNStraffic Python Pythonunicodestringlowercaseandcaselessmatch Azure AzureChangeAppServiceHTTPPingURLandInterval AzurefunctionDidnotfindanyinitializedlanguageworkers AddgitcommittodockerimagetaginAzurepipeline PassvarinAzurepipeline AzureWALinuxAgentBackdoor OAuth2 OAuth2101 Posts Sphinx-doc101 NGINXReverseProxy Splunk Splunk!=vs.NOT InstallSplunkandForwarderonLinux Docker Dockercontainertoconnectlocalhostofhost Git SetupaGitServeroverSSH Gitquickreference Go OrganizeGoProject Linux TroubleshootingProtonVPNLinuxcliEnableIPv6LeakProtectionError:UnabletoaddIPv6leakprotectionconnection/interface LinuxSO_BINDTODEVICEandmacIP_BOUND_IFtobindsockettoanetworkinterface core_name_formatNosuchfileordirectory tcp_tw_recycleNosuchfileordirectory HugeimproveTCPperformancebyBBR SecureSquidProxyServer ConfigureDebianstartupservices npm npmpublish PostgreSQL PostgreSQLminicookbook:Performancetuning,debuggingandtesting PostgreSQLminicookbook:Dealingwiththesystemtables PostgreSQLminicookbook:Constrainingyourdata PostgreSQLminicookbook:ControllingAccesstoyourdata PostgreSQLminicookbook:advancedquerytricks PostgreSQLminicookbook:Automatingprocesses PostgreSQLminicookbook:aggregatequerytricks PostgreSQLminicookbook:basicquerytricks psql101 Rails Find3rdpartygemsglobalvariablesinruby CustomRailsloggertouseAzureapplicationinsights RaspberryPi RundockeronRaspberryPi Upgradejessietobuster Android AndroidOkHttpchangeUser-Agentheader WeirdAndroidjunittestfailurejava.lang.NoClassDefFoundError:android/content/Context Hugo CustomhugoRSStemplate Hugotroubleshooting:executeoftemplatefailed:can'tgiveargumenttonon-function hugo-page-lastmod RSS TestTLSConnectivitywithOpenSSLCommandLine UseOpenSSLcommandlinetotestTLSserverconnectivity,checkservercertificate. December13,2020 Introduction SampleUsage Use-connect:toconnecttoaTLSserver Use-showcertstoshowallcertificatesinthechain: Use-tls1_2TLS1.2only: Extractservercertificate Sampleerrorwhenconnecttonon-TLSserver References Introduction openssls_clientisaSSL/TLSclientprogramcanbeusedtotestTLSserverconnectivity,checkservercertificate. usage:s_clientargs -4-ForceIPv4 -6-ForceIPv6 -hosthost-use-connectinstead -portport-use-connectinstead -connecthost:port-whotoconnectto(defaultislocalhost:4433) -proxyhost:port-connecttohttpproxy -verifyarg-turnonpeercertificateverification -certarg-certificatefiletouse,PEMformatassumed -certformarg-certificateformat(PEMorDER)PEMdefault -keyarg-Privatekeyfiletouse,incertfileif notspecifiedbutcertfileis. -keyformarg-keyformat(PEMorDER)PEMdefault -passarg-privatekeyfilepassphrasesource -CApatharg-PEMformatdirectoryofCA's -CAfilearg-PEMformatfileofCA's -reconnect-Dropandre-maketheconnectionwiththesameSession-ID -pause-sleep(1)aftereachread(2)andwrite(2)systemcall -showcerts-showallcertificatesinthechain -debug-extraoutput -msg-Showprotocolmessages -nbio_test-moresslprotocoltesting -state-printthe'ssl'states -nbio-Runwithnon-blockingIO -crlf-convertLFfromterminalintoCRLF -quiet-nos_clientoutput -ign_eof-ignoreinputeof(defaultwhen-quiet) -no_ign_eof-don'tignoreinputeof -tls1_2-justuseTLSv1.2 -tls1_1-justuseTLSv1.1 -tls1-justuseTLSv1 -dtls1-justuseDTLSv1 -mtu-setthelinklayerMTU -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2-turnoffthatprotocol -bugs-SwitchonallSSLimplementationbugworkarounds -cipher-preferredciphertouse,usethe'opensslciphers' commandtoseewhatisavailable -starttlsprot-usetheSTARTTLScommandbeforestartingTLS forthoseprotocolsthatsupportit,where 'prot'defineswhichonetoassume.Currently, only"smtp","lmtp","pop3","imap","ftp"and"xmpp" aresupported. -xmpphosthost-connecttothisvirtualhostonthexmppserver -sess_outarg-filetowriteSSLsessionto -sess_inarg-filetoreadSSLsessionfrom -servernamehost-SetTLSextensionservernameinClientHello -tlsextdebug-hexdumpofallTLSextensionsreceived -status-requestcertificatestatusfromserver -no_ticket-disableuseofRFC4507bissessiontickets -alpnarg-enableALPNextension,consideringnamedprotocolssupported(comma-separatedlist) -groupsarg-specifyECcurvegroups(colon-separatedlist) -use_srtpprofiles-OfferSRTPkeymanagementwithacolon-separatedprofilelist -keymatexportlabel-Exportkeyingmaterialusinglabel -keymatexportlenlen-Exportlenbytesofkeyingmaterial(default20) SampleUsage Use-connect:toconnecttoaTLSserver $openssls_client-connectwww.google.com:443 CONNECTED(00000005) depth=2OU=GlobalSignRootCA-R2,O=GlobalSign,CN=GlobalSign verifyreturn:1 depth=1C=US,O=GoogleTrustServices,CN=GTSCA1O1 verifyreturn:1 depth=0C=US,ST=California,L=MountainView,O=GoogleLLC,CN=www.google.com verifyreturn:1 --- Certificatechain 0s:/C=US/ST=California/L=MountainView/O=GoogleLLC/CN=www.google.com i:/C=US/O=GoogleTrustServices/CN=GTSCA1O1 1s:/C=US/O=GoogleTrustServices/CN=GTSCA1O1 i:/OU=GlobalSignRootCA-R2/O=GlobalSign/CN=GlobalSign --- Servercertificate -----BEGINCERTIFICATE----- MIIFkzCCBHugAwIBAgIQUvtF6bzAHyEDAAAAAMMjOTANBgkqhkiG9w0BAQsFADBC MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZpY2VzMRMw EQYDVQQDEwpHVFMgQ0EgMU8xMB4XDTIwMTIxNTE0MzYxNVoXDTIxMDMwOTE0MzYx NFowaDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcT DU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBMTEMxFzAVBgNVBAMTDnd3 dy5nb29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPmk rg4JZBqxukAqXcsIyoQ7EfkoYZooKy9OGOk0FsbA662QAhRvLyScRnAaKLeT/s1p lOzLIguQKCl8GkrNJRWjhhG9G95IWGOCuOxjdvRWF5RADpIPbapGAH0awFsO9hlg VzxsuZC+hHOrAVvUAI5x7tYhz6SYMjsbj0BUz2WzEnSXonY85Zy825rFBjpfJf69 CGJpCx1+T4w7USP7GqsdpI8kNSHfFSbt7Z8U5mdn4LG7tvaMS/oVlcE2P5O09lDT Yz1+MlxIeQnzSFt0R9S2Xrbv6oNuEdzoqKFXEHcQ+SDcf4Kb5ghpPezjiufwtotR /gwqXHrMLTZ3lzsMzQIDAQABo4ICXTCCAlkwDgYDVR0PAQH/BAQDAgWgMBMGA1Ud JQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFGfXwgDfHBsH oA7W51LPuYfBeHI0MB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGgG CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAYYfaHR0cDovL29jc3AucGtpLmdvb2cv Z3RzMW8xY29yZTArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nL2dzcjIvR1RT MU8xLmNydDAZBgNVHREEEjAQgg53d3cuZ29vZ2xlLmNvbTAhBgNVHSAEGjAYMAgG BmeBDAECAjAMBgorBgEEAdZ5AgUDMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9j cmwucGtpLmdvb2cvR1RTMU8xY29yZS5jcmwwggEFBgorBgEEAdZ5AgQCBIH2BIHz APEAdgD2XJQv0XcwIhRUGAgwlFaO400TGTO/3wwvIAvMTvFk4wAAAXZnC4CJAAAE AwBHMEUCIERZyIP0GBfWUDPpmMCMVYBgpSKpIQuqnsFo2MoRHDWsAiEA/+nQTy9E sKLKfzDABLRUz/P+TZGGjM7UVQjtWe/+s+sAdwBc3EOS/uarRUSxXprUVuYQN/vV +kfcoXOUsl7m9scOygAAAXZnC4C7AAAEAwBIMEYCIQCPyfB8H0em1gHv8QQeF4zN Hkfv47lQjNsszABWeYXfwwIhAKngHPHb1UKDE3LMF6FYEdsGOK63kdIfUuyWLX0A UYszMA0GCSqGSIb3DQEBCwUAA4IBAQAbkVw9feVP0maVCLVO/TKFBQWgcQTHtJGI k2YTSZCSwLYe7Xboae5t6inwKu0yB+bYqUC2itFpv7BCsZv4rPOH6zBHHH2CSlZB 1XI40WrnPwGMr3P1aR2dsUw1gDEXFwgXdFbL/u/9WUjeUogQULSFxqJXrYB693az 96FCwtoSg3+WC5IcEJElDEE0kgS8o5ZyJ4GLmLBYsWcMkbx80/pDf71ylBts63e0 u5k2sQuBcNhIGaRIFmP9SHYXyTtSlaB84RwThgkhr40S3QZWDNiqht2WnM65UHUR CVEiml3bIKMz+fLaOgroFKQy8uBw7tei+gzbbqqyJbicdgcSDgd3 -----ENDCERTIFICATE----- subject=/C=US/ST=California/L=MountainView/O=GoogleLLC/CN=www.google.com issuer=/C=US/O=GoogleTrustServices/CN=GTSCA1O1 --- NoclientcertificateCAnamessent ServerTempKey:ECDH,X25519,253bits --- SSLhandshakehasread3208bytesandwritten281bytes --- New,TLSv1/SSLv3,CipherisECDHE-RSA-CHACHA20-POLY1305 Serverpublickeyis2048bit SecureRenegotiationISsupported Compression:NONE Expansion:NONE NoALPNnegotiated SSL-Session: Protocol:TLSv1.2 Cipher:ECDHE-RSA-CHACHA20-POLY1305 Session-ID:EDF30CC8709D2A7E5930E21DF4FC95B10C0438A6BBB64D550C975936B1B2E7B7 Session-ID-ctx: Master-Key:6C731ACB4248F67690838BE615E945E8D7CDD418794C54F5E33BF7487939EDC0C13DBED09DEC2A95F093F63713250762 TLSsessionticketlifetimehint:100800(seconds) TLSsessionticket: 0000-0156db77af6f7983-c8d1362b85d6e415.V.w.oy...6+.... 0010-254e5625b71b2b3a-18a85b4a9d7b825b%NV%..+:..[J.{.[ 0020-2873447ea574127d-635639027e749c11(sD~.t.}cV9.~t.. 0030-cfc9d3a2b0c74226-1b05ba700bf01678......B&...p...x 0040-d0838cbd493cb3f5-e749e821ab3c469d....I<...i.>.Eeq. 0070-76c186fa85d01740-489f330364ad7683[email protected] 0080-d50acf742f713d6b-4dbe55089fa8879b...t/q=kM.U..... 0090-03180e9e99bcd5d6-b81c95d45527b300............U'.. 00a0-a82d83c21dee493e-06a9986714687eac.-....I>...g.h~. 00b0-dd9585554e56b888-e271988dc493e965...UNV...q.....e 00c0-310eb79a87bd909d-dc8ee5d26a3416531...........j4.S 00d0-dd71d37062d7b643-81963fb97b.q.pb..C..?.{ StartTime:1610932834 Timeout:7200(sec) Verifyreturncode:0(ok) --- GET/HTTP/1.1 HTTP/1.1200OK Date:Mon,18Jan202101:20:39GMT Use-showcertstoshowallcertificatesinthechain: $openssls_client-connectdns.google:853-showcerts CONNECTED(00000006) depth=2OU=GlobalSignRootCA-R2,O=GlobalSign,CN=GlobalSign verifyreturn:1 depth=1C=US,O=GoogleTrustServices,CN=GTSCA1O1 verifyreturn:1 depth=0C=US,ST=California,L=MountainView,O=GoogleLLC,CN=dns.google verifyreturn:1 --- Certificatechain 0s:/C=US/ST=California/L=MountainView/O=GoogleLLC/CN=dns.google i:/C=US/O=GoogleTrustServices/CN=GTSCA1O1 -----BEGINCERTIFICATE----- MIIGIjCCBQqgAwIBAgIRAJTRUTehSoT8AwAAAADDI0EwDQYJKoZIhvcNAQELBQAw QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDEyMTUxNDM2MjZaFw0yMTAzMDkxNDM2 MjVaMGQxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRMwEQYDVQQDEwpk bnMuZ29vZ2xlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/ulxhYN FowGZ+8VIk8eIWsj/tHekcfTtmtIP9KgdhyXlmXXlntHx330XiX9UfCSfbnu3UP5 Za/BM8rRm+3yVCsi0QVU+mey35hLLdBaKvdmrTQkYIdVhHDWGQN8C1f6UGq8nNPN X7HLyxxXa03vEpLvtaSzULVprYfppGlqDLvUqqVbF9loTtZp6sdtPYAM0j8O71SK DnUCdMu3WGPEhK2ImyUdk6Oq+CFueRNLbBL6Lfkd1NWLyebpbKQcMNmSbQfphZga 4WXmfhXWF5Vblyn4FBxarw96O1FDX/jUdOFbKRfR0GxvhS5Qt+dPEhom52JdTth6 dfLtmbvdnqPcAwIDAQABo4IC7zCCAuswDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJrgW406vF0JgE8F CJd5Cgc1/RDOMB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGgGCCsG AQUFBwEBBFwwWjArBggrBgEFBQcwAYYfaHR0cDovL29jc3AucGtpLmdvb2cvZ3Rz MW8xY29yZTArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nL2dzcjIvR1RTMU8x LmNydDCBrAYDVR0RBIGkMIGhggpkbnMuZ29vZ2xlghAqLmRucy5nb29nbGUuY29t ggs4ODg4Lmdvb2dsZYIOZG5zLmdvb2dsZS5jb22CEGRuczY0LmRucy5nb29nbGWH ECABSGBIYAAAAAAAAAAAAGSHECABSGBIYAAAAAAAAAAAZGSHECABSGBIYAAAAAAA AAAAiESHECABSGBIYAAAAAAAAAAAiIiHBAgIBASHBAgICAgwIQYDVR0gBBowGDAI BgZngQwBAgIwDAYKKwYBBAHWeQIFAzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8v Y3JsLnBraS5nb29nL0dUUzFPMWNvcmUuY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB 8QDvAHUA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAF2ZwuscwAA BAMARjBEAiAWqt7W7bSnzvbUwayFoEbGWagFR2K+itqZCW5NF4WG2AIgJ38Z6+ZF eCnzIrOcZejKC/uj095tb1fIhhALpfNJEMIAdgCUILwejtWNbIhzH4KLIiwN0dpN XmxPlD1h204vWE2iwgAAAXZnC6x9AAAEAwBHMEUCIQC/+FJmLcs2ijzNDaw8spRE y5+9x53+ZzSUS55Dvun5GQIgV7cuRxpIdZ80U4d4B8zXliMiCMX2ppZ11R2Yof27 /5cwDQYJKoZIhvcNAQELBQADggEBADuBZ8NVva0NDcVcBDsy571lS/05TbHvq9u4 xzbqIwEjrX8LhJpEs9n/ZNcClzS63laDGSB8NtOLy1X4BIUoQXOBZ59Nhm43bJCO ObwlZVOJvU8tQ3RajQeJ6vvBQEFtbTxPAphjrPWcrmt5Rn4nIToHRApd8SPgBAXo e+T9S2MKFJh7M18VcSUpi8qUphwKoc3w1AMcZnrbM2WE6xdY/7H48pVijdNgyMau VwAMTKh7a2fEs6/jAZHWbAnjtQQc3ltOWZO/h7MbG38TKbvTud8+JZQdcwCM5cS5 MnwzXvYoyKQEc4sHj9scMKnXyM9Cgbqh0wGH0eaIscCNIu7ULeU= -----ENDCERTIFICATE----- 1s:/C=US/O=GoogleTrustServices/CN=GTSCA1O1 i:/OU=GlobalSignRootCA-R2/O=GlobalSign/CN=GlobalSign -----BEGINCERTIFICATE----- MIIESjCCAzKgAwIBAgINAeO0mqGNiqmBJWlQuDANBgkqhkiG9w0BAQsFADBMMSAw HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFs U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MTUwMDAwNDJaFw0yMTEy MTUwMDAwNDJaMEIxCzAJBgNVBAYTAlVTMR4wHAYDVQQKExVHb29nbGUgVHJ1c3Qg U2VydmljZXMxEzARBgNVBAMTCkdUUyBDQSAxTzEwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDQGM9F1IvN05zkQO9+tN1pIRvJzzyOTHW5DzEZhD2ePCnv UA0Qk28FgICfKqC9EksC4T2fWBYk/jCfC3R3VZMdS/dN4ZKCEPZRrAzDsiKUDzRr mBBJ5wudgzndIMYcLe/RGGFl5yODIKgjEv/SJH/UL+dEaltN11BmsK+eQmMF++Ac xGNhr59qM/9il71I2dN8FGfcddwuaej4bXhp0LcQBbjxMcI7JP0aM3T4I+DsaxmK FsbjzaTNC9uzpFlgOIg7rR25xoynUxv8vNmkq7zdPGHXkxWY7oG9j+JkRyBABk7X rJfoucBZEqFJJSPk7XA0LKW0Y3z5oz2D0c1tJKwHAgMBAAGjggEzMIIBLzAOBgNV HQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1Ud EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJjR+G4Q68+b7GCfGJAboOt9Cf0rMB8G A1UdIwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMDUGCCsGAQUFBwEBBCkwJzAl BggrBgEFBQcwAYYZaHR0cDovL29jc3AucGtpLmdvb2cvZ3NyMjAyBgNVHR8EKzAp MCegJaAjhiFodHRwOi8vY3JsLnBraS5nb29nL2dzcjIvZ3NyMi5jcmwwPwYDVR0g BDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9wa2kuZ29vZy9y ZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAGoA+Nnn78y6pRjd9XlQWNa7H TgiZ/r3RNGkmUmYHPQq6Scti9PEajvwRT2iWTHQr02fesqOqBY2ETUwgZQ+lltoN FvhsO9tvBCOIazpswWC9aJ9xju4tWDQH8NVU6YZZ/XteDSGU9YzJqPjY8q3MDxrz mqepBCf5o8mw/wJ4a2G6xzUr6Fb6T8McDO22PLRL6u3M4Tzs3A2M1j6bykJYi8wW IRdAvKLWZu/axBVbzYmqmwkm5zLSDW5nIAJbELCQCZwMH56t2Dvqofxs6BBcCFIZ USpxu6x6td0V7SvJCCosirSmIatj/9dSSVDQibet8q/7UK4v4ZUN80atnZz1yg== -----ENDCERTIFICATE----- --- Servercertificate subject=/C=US/ST=California/L=MountainView/O=GoogleLLC/CN=dns.google issuer=/C=US/O=GoogleTrustServices/CN=GTSCA1O1 --- NoclientcertificateCAnamessent ServerTempKey:ECDH,X25519,253bits --- SSLhandshakehasread3351bytesandwritten281bytes --- New,TLSv1/SSLv3,CipherisECDHE-RSA-CHACHA20-POLY1305 Serverpublickeyis2048bit SecureRenegotiationISsupported Compression:NONE Expansion:NONE NoALPNnegotiated SSL-Session: Protocol:TLSv1.2 Cipher:ECDHE-RSA-CHACHA20-POLY1305 Session-ID:47BCFDC6F09F1C08656913CAB4851B105FC0366BBDA0469857CF32491EE2459E Session-ID-ctx: Master-Key:709A838FB4591838009662B8444D0392728187586EF01A5308004512FA9A78D94FB6A390C136EB772E7AB4B6D5C02801 TLSsessionticketlifetimehint:100800(seconds) TLSsessionticket: 0000-0167b101e75c5642-e225d667473f8faf.g...\VB.%.gG?.. 0010-0879f0bed4873a6b-3babf3a8011511ce.y....:k;....... 0020-f5f6db3f2d8af335-281cb16a457aa84b...?-..5(..jEz.K 0030-839492809893656d-454b67e0e8b6423b......emEKg...B; 0040-ab67b2a34f39a48a-7907a524aedae593.g..O9..y..$.... 0050-62d6ec48efda9bb1-4a2140ac9a79baf4[email protected] 0060-77627e6f0ba6df32-21e00555263e1a6ewb~o...2!..U&>.n 0070-2a270fdf93e24ba2-6fd64fc1a5452c9e*'....K.o.O..E,. 0080-1e2770b102c76ca5-7c2aeb5d8780b8c9.'p...l.|*.].... 0090-7ed086f42ade5a5b-f4858edb5b8a2768~...*.Z[....[.'h 00a0-4af6487ad7d79d7e-4407a946f8ec3893J.Hz...~D..F..8. 00b0-2392b4d0b6d82cac-46ad124b59318e6a#.....,.F..KY1.j 00c0-8e2c4dad392f6733-2b4046ad2762ba25.,M.9/[email protected]'b.% 00d0-2f5260a4747198d0-f76d3ddb65/R`.tq...m=.e StartTime:1610933223 Timeout:7200(sec) Verifyreturncode:0(ok) --- Use-tls1_2TLS1.2only: $openssls_client-connectdns.google:853-tls1_2 CONNECTED(00000006) depth=2OU=GlobalSignRootCA-R2,O=GlobalSign,CN=GlobalSign verifyreturn:1 depth=1C=US,O=GoogleTrustServices,CN=GTSCA1O1 verifyreturn:1 depth=0C=US,ST=California,L=MountainView,O=GoogleLLC,CN=dns.google verifyreturn:1 --- Certificatechain 0s:/C=US/ST=California/L=MountainView/O=GoogleLLC/CN=dns.google i:/C=US/O=GoogleTrustServices/CN=GTSCA1O1 1s:/C=US/O=GoogleTrustServices/CN=GTSCA1O1 i:/OU=GlobalSignRootCA-R2/O=GlobalSign/CN=GlobalSign --- Servercertificate -----BEGINCERTIFICATE----- MIIGIjCCBQqgAwIBAgIRAJTRUTehSoT8AwAAAADDI0EwDQYJKoZIhvcNAQELBQAw QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDEyMTUxNDM2MjZaFw0yMTAzMDkxNDM2 MjVaMGQxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRMwEQYDVQQDEwpk bnMuZ29vZ2xlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/ulxhYN FowGZ+8VIk8eIWsj/tHekcfTtmtIP9KgdhyXlmXXlntHx330XiX9UfCSfbnu3UP5 Za/BM8rRm+3yVCsi0QVU+mey35hLLdBaKvdmrTQkYIdVhHDWGQN8C1f6UGq8nNPN X7HLyxxXa03vEpLvtaSzULVprYfppGlqDLvUqqVbF9loTtZp6sdtPYAM0j8O71SK DnUCdMu3WGPEhK2ImyUdk6Oq+CFueRNLbBL6Lfkd1NWLyebpbKQcMNmSbQfphZga 4WXmfhXWF5Vblyn4FBxarw96O1FDX/jUdOFbKRfR0GxvhS5Qt+dPEhom52JdTth6 dfLtmbvdnqPcAwIDAQABo4IC7zCCAuswDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQM MAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJrgW406vF0JgE8F CJd5Cgc1/RDOMB8GA1UdIwQYMBaAFJjR+G4Q68+b7GCfGJAboOt9Cf0rMGgGCCsG AQUFBwEBBFwwWjArBggrBgEFBQcwAYYfaHR0cDovL29jc3AucGtpLmdvb2cvZ3Rz MW8xY29yZTArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nL2dzcjIvR1RTMU8x LmNydDCBrAYDVR0RBIGkMIGhggpkbnMuZ29vZ2xlghAqLmRucy5nb29nbGUuY29t ggs4ODg4Lmdvb2dsZYIOZG5zLmdvb2dsZS5jb22CEGRuczY0LmRucy5nb29nbGWH ECABSGBIYAAAAAAAAAAAAGSHECABSGBIYAAAAAAAAAAAZGSHECABSGBIYAAAAAAA AAAAiESHECABSGBIYAAAAAAAAAAAiIiHBAgIBASHBAgICAgwIQYDVR0gBBowGDAI BgZngQwBAgIwDAYKKwYBBAHWeQIFAzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8v Y3JsLnBraS5nb29nL0dUUzFPMWNvcmUuY3JsMIIBAwYKKwYBBAHWeQIEAgSB9ASB 8QDvAHUA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAF2ZwuscwAA BAMARjBEAiAWqt7W7bSnzvbUwayFoEbGWagFR2K+itqZCW5NF4WG2AIgJ38Z6+ZF eCnzIrOcZejKC/uj095tb1fIhhALpfNJEMIAdgCUILwejtWNbIhzH4KLIiwN0dpN XmxPlD1h204vWE2iwgAAAXZnC6x9AAAEAwBHMEUCIQC/+FJmLcs2ijzNDaw8spRE y5+9x53+ZzSUS55Dvun5GQIgV7cuRxpIdZ80U4d4B8zXliMiCMX2ppZ11R2Yof27 /5cwDQYJKoZIhvcNAQELBQADggEBADuBZ8NVva0NDcVcBDsy571lS/05TbHvq9u4 xzbqIwEjrX8LhJpEs9n/ZNcClzS63laDGSB8NtOLy1X4BIUoQXOBZ59Nhm43bJCO ObwlZVOJvU8tQ3RajQeJ6vvBQEFtbTxPAphjrPWcrmt5Rn4nIToHRApd8SPgBAXo e+T9S2MKFJh7M18VcSUpi8qUphwKoc3w1AMcZnrbM2WE6xdY/7H48pVijdNgyMau VwAMTKh7a2fEs6/jAZHWbAnjtQQc3ltOWZO/h7MbG38TKbvTud8+JZQdcwCM5cS5 MnwzXvYoyKQEc4sHj9scMKnXyM9Cgbqh0wGH0eaIscCNIu7ULeU= -----ENDCERTIFICATE----- subject=/C=US/ST=California/L=MountainView/O=GoogleLLC/CN=dns.google issuer=/C=US/O=GoogleTrustServices/CN=GTSCA1O1 --- NoclientcertificateCAnamessent ServerTempKey:ECDH,X25519,253bits --- SSLhandshakehasread3351bytesandwritten281bytes --- New,TLSv1/SSLv3,CipherisECDHE-RSA-CHACHA20-POLY1305 Serverpublickeyis2048bit SecureRenegotiationISsupported Compression:NONE Expansion:NONE NoALPNnegotiated SSL-Session: Protocol:TLSv1.2 Cipher:ECDHE-RSA-CHACHA20-POLY1305 Session-ID:CC4A9A166E0DCF512A3206AC219AEFEB0496CBF05FB2EED933CB0AA942DACDD5 Session-ID-ctx: Master-Key:D930863734390E930804BC6818721FFD2416246EA08F7EF4060D2D45FAD6B66640BC2579B56EA3E3C9033DE556FC123E TLSsessionticketlifetimehint:100799(seconds) TLSsessionticket: 0000-0156db77af6f7983-c8d1362b85d6e415.V.w.oy...6+.... 0010-333f32e090c32414-8299164f2a5ef9e73?2...$....O*^.. 0020-d030fb52600c16f3-5b727eca82f3662b.0.R`...[r~...f+ 0030-4e4d18ed2ced9639-47617f24df175c32NM..,..9Ga.$..\2 0040-92f5072bed9b1967-05c0c2e8895118dc...+...g.....Q.. 0050-f42e67686418b2cb-cf20ca0c1a3b9660..ghd.......;.` 0060-394d51b790ba6e4d-6e3634d5a6fe5e569MQ...nMn64...^V 0070-2f7dbf12c622596a-7c9179a66a2559dd/}..."Yj|.y.j%Y. 0080-ceb14325e2dcca90-f49947070bebfbd8..C%......G..... 0090-7e3a2a3d77fd9ad1-c1a83e7d6a67781e~:*=w.....>}jgx. 00a0-dcd9ef52207be910-a9ab66c6c1a2dedd...R{....f..... 00b0-53670d56171bd86f-202ccfe8b97726f5Sg.V...o,...w&. 00c0-52ce7dd57187604e-b876cb3c471e71b0R.}.q.`N.v.cert.pem $catcert.pem -----BEGINCERTIFICATE----- MIIG1TCCBb2gAwIBAgIQD74IsIVNBXOKsMzhya/uyTANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQ... vUzLnF7QYsJhvYtaYrZ2MLxGD+NFI8BkXw== -----ENDCERTIFICATE----- Sampleerrorwhenconnecttonon-TLSserver $openssls_client-connectgoogle.com:80 CONNECTED(00000005) 4436717228:error:1400410B:SSLroutines:CONNECT_CR_SRVR_HELLO:wrongversionnumber:/AppleInternal/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-56.60.2/libressl-2.8/ssl/ssl_pkt.c:386: --- nopeercertificateavailable --- NoclientcertificateCAnamessent --- SSLhandshakehasread5bytesandwritten0bytes --- New,(NONE),Cipheris(NONE) SecureRenegotiationISNOTsupported Compression:NONE Expansion:NONE NoALPNnegotiated SSL-Session: Protocol:TLSv1.2 Cipher:0000 Session-ID: Session-ID-ctx: Master-Key: StartTime:1610933751 Timeout:7200(sec) Verifyreturncode:0(ok) --- References manpage:openssl-s_client Feedback Wasthispagehelpful? Yes No Gladtohearit! Sorrytohearthat. ←Previous Next→

請為這篇文章評分?

延伸文章資訊