Recent Changes - Search:


Code:


Social:


My journals will take the place of a blog. If you go to the Journal page there is an RSS feed to subscribe with.

« September 2017 
SunMonTueWedThuFriSat
     12
3456789
10111213141516
17181920212223
24252627282930

Sites I take responsibility for

West Volusia, Florida

Documents

Technical

General

Me

Living

Places I frequent

Hobbies

Humor

Items for sale:


Clipboard

edit SideBar

SSL HOWTO's

Include our styles below Infobox - invoke as >>infobox<< ... >><<

Codebox: - invoke as >>codebox<< ... >><<

warnbox: - invoke as >>codebox<< ... >><<

editingbox: - invoke as >>codebox<< ... >><<

noticebox: - invoke as >>codebox<< ... >><<

Page bread crumbs: Welcome to ke3vin.org! - My Public Technical Notes - Software And Operating Systems - Software - Server - Web - SSL

Pages by tags: (:listtags:)
Subscribe to this wiki: RSS Feed RSS or subscribe to this page for changes: RSS Feed RSS
496 articles have been published so far. Recent changes
Share

2016-03-22: This site is being moved to my main site at https://kevininscoe.com/wiki as part of a consolidation to one domain.


See also Apache SSL Certificates

Testing a SSL servers certificate:

This is using OpenSSL

Check the default certificate server name:

This was done on a Linux host running

$ openssl version 
OpenSSL 1.0.1f 6 Jan 2014
$ nslookup encrypted.google.com         
Server:         10.88.58.26
Address:        10.88.58.26#53

Non-authoritative answer:
encrypted.google.com    canonical name = www3.l.google.com.
Name:   www3.l.google.com
Address: 74.125.226.37
Name:   www3.l.google.com
Address: 74.125.226.38
Name:   www3.l.google.com
Address: 74.125.226.39
Name:   www3.l.google.com
Address: 74.125.226.40
Name:   www3.l.google.com
Address: 74.125.226.41
Name:   www3.l.google.com
Address: 74.125.226.46
Name:   www3.l.google.com
Address: 74.125.226.32
Name:   www3.l.google.com
Address: 74.125.226.33
Name:   www3.l.google.com
Address: 74.125.226.34
Name:   www3.l.google.com
Address: 74.125.226.35
Name:   www3.l.google.com
Address: 74.125.226.36

$ openssl s_client -connect 74.125.226.37:443 -servername encrypted.google.com
CONNECTED(00000003)
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN =
*.google.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHPzCCBiegAwIBAgIIYPRLWfstowgwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwMjEyMTQ1ODEwWhcNMTQwNjEyMDAwMDAw
WjBmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEVMBMGA1UEAwwMKi5n
b29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3GrFAAI
chwKjqYKFad/RntsVBqu/kmn8tSMytNs4JrHlMCb6rVQhbus3l3OoDyD7+BVOGG2
qH90IDBr+BwuAOAyZ/uOPrkIqjFJalSsr/eD9+UA8JkM1+KtWa+XiceTr/phnqQB
Lfaf6Vsl+ENXh8gBLBaA6EWxCPSAGq7tRi67i9VEOEA63sqnJjPqQGuBsqfRqw4s
LF0gCo0IRcf7KjWWCj/M9bUZ3LR7aFvaA8fqWon7UQNLbCR0OdouUuV6kMBoA6QX
abnbYuwBrs5RdYljyChBBay6yjfJPeU6G4/LnNwHm+RxdQieh1c/IxK3LdkveV19
Xvcd+I2TpwRUAQIDAQABo4IEDDCCBAgwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMIIC4gYDVR0RBIIC2TCCAtWCDCouZ29vZ2xlLmNvbYINKi5hbmRyb2lk
LmNvbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYISKi5jbG91ZC5nb29nbGUuY29t
ghYqLmdvb2dsZS1hbmFseXRpY3MuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUu
Y2yCDiouZ29vZ2xlLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28u
dWuCDyouZ29vZ2xlLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5j
b20uYnKCDyouZ29vZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2ds
ZS5jb20udHKCDyouZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xl
LmVzggsqLmdvb2dsZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdv
b2dsZS5ubIILKi5nb29nbGUucGyCCyouZ29vZ2xlLnB0gg8qLmdvb2dsZWFwaXMu
Y26CFCouZ29vZ2xlY29tbWVyY2UuY29tghEqLmdvb2dsZXZpZGVvLmNvbYINKi5n
c3RhdGljLmNvbYIKKi5ndnQxLmNvbYIMKi51cmNoaW4uY29tghAqLnVybC5nb29n
bGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tgg0qLnlvdXR1YmUuY29tghYq
LnlvdXR1YmVlZHVjYXRpb24uY29tggsqLnl0aW1nLmNvbYILYW5kcm9pZC5jb22C
BGcuY2+CBmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22C
Emdvb2dsZWNvbW1lcmNlLmNvbYIKdXJjaGluLmNvbYIIeW91dHUuYmWCC3lvdXR1
YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbTBoBggrBgEFBQcBAQRcMFowKwYI
KwYBBQUHMAKGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcnQwKwYIKwYB
BQUHMAGGH2h0dHA6Ly9jbGllbnRzMS5nb29nbGUuY29tL29jc3AwHQYDVR0OBBYE
FAd5xKqu42Xw8Q4AusFa9u0OJirvMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU
St0GFhu89mi1dvWBtrtiGrpagS8wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMDAG
A1UdHwQpMCcwJaAjoCGGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcmww
DQYJKoZIhvcNAQEFBQADggEBABzroFpw20fXMQb1min8q0nVRQdT0hvgPmVSRQkk
dZ0eTscsvTuSi3LKteen7P2zvi+a3LLCL0d23OnbFdZJFZ9JHYSgzXHRZWiTde8a
ZhBmttbHhyenFGawGd8tPHcLvbW5siU/fbaHm0Y5dbD4Lhs622VPGWgFdCN61W82
9ie/wwpXgUpASGDv7eN1W1dFbS7O/EFqFTxyNdkNwliBtYrPt53m/J590bHgkqOn
4JuHfbqfhwiCKu2EN1rCTVteVAygNYTCC3AIKrbjZXlhpym1+fVPQbXmFUbIpLxX
WCk1TIHDCtShQG/qAym1JweulHSeoE8bcxTr7Sqwa8+8Q4A=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
---
No client certificate CA names sent
---
SSL handshake has read 4477 bytes and written 475 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 62B47A4AABF8EE6CD47A1B745584EC1B0E38E9621D19646EB16219DEFA440AA3
    Session-ID-ctx: 
    Master-Key:
98EC19CB3063798F08F548DD4F3D939FC6823F344B31C093541B0CBCDA1FA3676D3B34E8AF9E5602C1148FD211177475
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - 97 85 f0 5f ed 87 4d a4-5f 22 e7 4c b6 d5 22 be   ..._..M._".L..".
    0010 - 81 b5 bd 27 9b c4 7c 75-84 e0 5e ff 4c c1 db 7f   ...'..|u..^.L...
    0020 - 61 8e 42 b8 9e ef 7a 9f-3f c0 7a 55 5d d1 20 69   a.B...z.?.zU]. i
    0030 - 81 8d 8d 30 fe bf 01 d5-08 fc 87 c3 69 5e 2a ce   ...0........i^*.
    0040 - 12 be 81 59 9b a8 aa 0a-45 0f b6 1c 55 b4 95 77   ...Y....E...U..w
    0050 - 54 4f c3 af 94 72 1d c5-b7 6b 9b b9 75 3a f5 f5   TO...r...k..u:..
    0060 - 33 f9 9a 27 39 bb a5 45-a1 32 98 cf 76 e5 2c d1   3..'9..E.2..v.,.
    0070 - c6 81 9d 84 21 45 db d0-98 01 fe 87 1b 5d e5 9c   ....!E.......]..
    0080 - 06 bb 95 ff ff f0 93 90-f7 b6 b2 2d e9 6f 56 24   ...........-.oV$
    0090 - 01 6c b7 e4 e1 e4 cf cf-a2 47 c4 6f 34 f6 b6 eb   .l.......G.o4...
    00a0 - 81 d4 a4 2b 34 ae 31 14-12 fa 52 a9 1f c5 f5 c5   ...+4.1...R.....
    00b0 - a5 76 c4 a7                                       .v..

    Start Time: 1393262327
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
^C

Kevin's Public Wiki maintained and created by Kevin P. Inscoe is licensed under a
Creative Commons Attribution 3.0 United States License.

Back to my web site - http://kevininscoe.com

Edit - History - Print - Recent Changes - Search
Page last modified on February 24, 2014, at 03:26 PM EST