C:\OpenSSL-Win64\bin>openssl s_client -connect truc.fr:443 -servername truc.fr
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Loading 'screen' into random state - done
CONNECTED(00000194)
depth=2 C = US, O = "thawte, Inc.", OU = Certification Services Division, OU = "
(c) 2006 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA
verify error:num=19:self signed certificate in certificate chain
verify return:0
9244:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:.\ssl\s3_pkt.c:1256:SSL alert number 40
9244:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:.\ssl\s23_lib.c:177:
---
Certificate chain
0 s:/C=FR/ST=LA/L=ICI/O=SITE/OU=DSI/CN=*.site.fr
i:/C=US/O=Thawte, Inc./CN=Thawte SSL CA
1 s:/C=FR/ST=LA/L=ICI/O=SITE/OU=DSI/CN=*.site.fr
i:/C=US/O=Thawte, Inc./CN=Thawte SSL CA
2 s:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
3 s:/C=US/O=Thawte, Inc./CN=Thawte SSL CA
i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 thawte,
Inc. - For authorized use only/CN=thawte Primary Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
M(...)Q==
-----END CERTIFICATE-----
subject=/C=FR/ST=LA/L=ICI/O=site/OU=DSI/CN=*.site.fr
issuer=/C=US/O=Thawte, Inc./CN=Thawte SSL CA
---
Acceptable client certificate CA names
/DC=fr/DC=site/CN=site Certification Authority
---
SSL handshake has read 4654 bytes and written 370 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : A0000-SHA256
Session-ID:
Session-ID-ctx:
Master-Key: A(...)7
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1370532757
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
Partager