Untitled

a guest
Aug 5th, 2016
Trying to connect with SSL_RSA_WITH_RC4_128_SHA
"write:errno=10054" meaning IIS disconnects.

C:\OpenSSL-Win32\bin>openssl.exe s_client -connect MYHOSTNAME:443 -tls1 -cipher RC4-SHA
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
CONNECTED(00000768)
write:errno=10054
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1470393852
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---


Trying to connect with TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
(determined by constraining Firefox to TLSv1.0 by setting security.tls.version.max to 1 instead of 3,
listening to the handshake with Wireshark and seeing which cipher the server picks)

This works since I get a session ticket.

C:\OpenSSL-Win32\bin>openssl.exe s_client -connect MYHOSTNAME:443 -tls1 -cipher ECDHE-RSA-AES256-SHA
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
CONNECTED(00000768)
depth=0 CN = MYFQDN
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = MYFQDN
verify return:1
---
Certificate chain
0 s:/CN=MYFQDN
i:/CN=MYFQDN
---
Server certificate
-----BEGIN CERTIFICATE-----
[certificate elided]
-----END CERTIFICATE-----
subject=/CN=MYFQDN
issuer=/CN=MYFQDN
---
No client certificate CA names sent
Server Temp Key: ECDH, P-521, 521 bits
---
SSL handshake has read 2019 bytes and written 305 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : ECDHE-RSA-AES256-SHA
Session-ID: 068AFA7E226F04F9CCE7092415E334828F6C350FC007F812E347C9BDA8563ABB
Session-ID-ctx:
Master-Key: 0BC0694C7AB21EC8CB54E58A96293570A01255FE24D789769F756B20FB417C4B5CEFC4D6FAF9A8FA33FC2E3DABA58EA8
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 36000 (seconds)
TLS session ticket:

Start Time: 1470393705
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
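
Added example, not part of the original paste: a small Python parser that reduces an s_client transcript to the fields that show whether the server accepted the offered cipher. The two sample strings are lines copied from the runs above and trimmed; the function name and result keys are assumptions made for this illustration.

```python
import re

# Lines copied from the two s_client runs above, trimmed to what the parser reads.
RC4_RUN = """CONNECTED(00000768)
write:errno=10054
no peer certificate available
SSL handshake has read 0 bytes and written 0 bytes
New, (NONE), Cipher is (NONE)
Verify return code: 0 (ok)
"""
ECDHE_RUN = """CONNECTED(00000768)
verify error:num=18:self signed certificate
SSL handshake has read 2019 bytes and written 305 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Verify return code: 18 (self signed certificate)
"""

def summarize(transcript):
    """Reduce one s_client transcript to the fields that show whether the cipher was accepted."""
    def grab(pattern):
        m = re.search(pattern, transcript, re.MULTILINE)
        return m.group(1) if m else None

    cipher = grab(r"Cipher is (\S+)\s*$")
    if cipher == "(NONE)":
        cipher = None
    bytes_read = int(grab(r"handshake has read (\d+) bytes") or 0)
    errno = grab(r"^\s*write:errno=(\d+)")
    cert_seen = "no peer certificate available" not in transcript
    verify = grab(r"Verify return code: (\d+)")
    return {
        "handshake_ok": cipher is not None and bytes_read > 0,
        "cipher": cipher,
        "bytes_read": bytes_read,
        # 10054 is WSAECONNRESET on Windows: the peer reset the TCP connection.
        "socket_errno": int(errno) if errno else None,
        # "Verify return code: 0 (ok)" is printed even when no certificate arrived,
        # so report a verify code only when a certificate was actually received.
        "verify_code": int(verify) if (verify and cert_seen) else None,
    }

if __name__ == "__main__":
    for name, run in (("RC4-SHA", RC4_RUN), ("ECDHE-RSA-AES256-SHA", ECDHE_RUN)):
        print(name, summarize(run))
```

The RC4-SHA run shows why "Verify return code: 0 (ok)" cannot be read as success on its own: the connection was reset before any certificate or handshake bytes arrived.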