Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- openssl s_client -connect odps03:636 -showcerts -state -CAfile /etc/ssl/certs/cacert.pem
- CONNECTED(00000005)
- SSL_connect:before SSL initialization
- SSL_connect:SSLv3/TLS write client hello
- SSL_connect:SSLv3/TLS write client hello
- SSL_connect:SSLv3/TLS read server hello
- depth=1 CN = Example Comapny
- verify return:1
- depth=0 CN = odps03, O = Example Comapny
- verify return:1
- SSL_connect:SSLv3/TLS read server certificate
- SSL_connect:SSLv3/TLS read server key exchange
- SSL_connect:SSLv3/TLS read server done
- SSL_connect:SSLv3/TLS write client key exchange
- SSL_connect:SSLv3/TLS write change cipher spec
- SSL_connect:SSLv3/TLS write finished
- SSL_connect:SSLv3/TLS write finished
- SSL_connect:SSLv3/TLS read change cipher spec
- SSL_connect:SSLv3/TLS read finished
- ---
- Certificate chain
- 0 s:CN = odps03, O = Example Comapny
- i:CN = Example Comapny
- -----BEGIN CERTIFICATE-----
- MIIDZDCCAcygAwIBAgIMXSR3ljZZEpjKqMTvMA0GCSqGSIb3DQEBCwUAMC8xLTAr
- BgNVBAMTJFBHTmlHIE9EIE9icm90IERldGFsaWN6bnkgU3AuIHogby5vLjAeFw0x
- OTA3MDkxMTE2MzhaFw0yMDA3MDgxMTE2MzhaMD0xDzANBgNVBAMTBm9kcHMwMzEq
- MCgGA1UEChMhUEdOaUcgT2Jyb3QgRGV0YWxpY3pueSBTcC4geiBvLm8uMIGfMA0G
- CSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/WXWNYXoTjwU5ZkNo9wjWf0OqdlkB0fat
- mlX3dx167mDPRI0yF5wIjh7uj1L6DTcjVTL8+p7EYS0Bf98AumTZVVBj7k9U2QZO
- zeFThoc+SmabLqd92o3nrzBOwyEigBV18MZGr3IfmUgbRy6VseqU67a9BBhcl0+3
- uGmXm1P0sQIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUF
- BwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFC2dY36t5OaMfplyaljU8asy
- qxupMB8GA1UdIwQYMBaAFHKlhTlGegvaf5tc7ierwq2cQDXlMA0GCSqGSIb3DQEB
- CwUAA4IBgQAMdXt0aeLt6KwTAsWCre855+4aS26W67Dv27jXlKpyyTR+xAS567AO
- wUXoPwVDAZ+XYgmO5h8guGQcfUI9imIpPCJUQJKSu6Fsz3/hSx+w5PnK9Tk3HMMs
- ZeW4WLP1n7bOp8rJS7a3pQcW3yFzpffyq5LH4MP5dAEsKEaivyaOAEfuWJ348dRo
- uqpPY4FcNlLc1HYIxfixwtf8XohdkRgEIrDi/QmPGfYsm76K3eFBPIHRtFhvBnmP
- kRWGxeoInUgcWgns/G/WDwB2y3Fw5zcf0KYVdDvBFagBEAFc8JAJTyAYDVputX1I
- KnsUXRY5/PqXflwWQnfb8kuRcxpOHtEtQN49gPpigmH+zpt7vN2UM0skaa0Fou88
- X6i/kGVU8XPxEWLdP91HGjKVlw7cxADfj+O8CMAmjxqDOxInkX4uFXJHoxBHb9LQ
- 8O+C4WhGTvt66VQDxOXZ+wVCrS2TK0Ug8xKmaTpBQAhlCcNWMWoyW7EorbFxJedo
- KrsPfZiWmHU=
- -----END CERTIFICATE-----
- 1 s:CN = Example Comapny
- i:CN = Example Comapny
- -----BEGIN CERTIFICATE-----
- MIIEJzCCAo+gAwIBAgIMW/Z8+RnPzxfpb3SDMA0GCSqGSIb3DQEBCwUAMC8xLTAr
- BgNVBAMTJFBHTmlHIE9EIE9icm90IERldGFsaWN6bnkgU3AuIHogby5vLjAeFw0x
- ODExMjIwOTU1MDVaFw0xOTExMjIwOTU1MDVaMC8xLTArBgNVBAMTJFBHTmlHIE9E
- IE9icm90IERldGFsaWN6bnkgU3AuIHogby5vLjCCAaIwDQYJKoZIhvcNAQEBBQAD
- ggGPADCCAYoCggGBANypN6Uq9ol8MULj0ErS1Pii8/GLTUcjXJW6zaS/VTl7dUiG
- dl+am2IQSozVIIfnvtoSrCIjebQm2PcW82Cprq9vz7p4rivHO2HQ3WjvSDmXBI1G
- 7tFe4xnrZYOscvoaf4IRc0okOQgI8h2B9rJWyppB6qFW55QRUStvhrW7EgVqWrWF
- 5NCtBMG2ThjO3nXOWbv8ApXklp3lW/JU1yf7H+XvHgjLs48QUyrsFElCS+Ve0Kve
- lSYaZccqhGbLGROTPO02boiIoT7kfMPykjV/h9B9oxAUw4lP1degk74k/MVML68U
- OBbY8uaO6SktxvLVQhmnk/u7jmF2qdMNy7H0magjEies/ctqd+QV7OP3rUxpAQsO
- K/PtWqtqiSt/ppeMbAvSzR5wsv1W0z1rW/EZHzaNKU5XkWfhJ9apeCRRR3niExk/
- d57F1PofgK5ZsV6TOx9kfdVBlVtxroRoKEa7fCTKFq5XtX617W7sbuE3LpUtsdcN
- ifYJ1RU/Ta2/SGQWOQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB
- /wQFAwMHBAAwHQYDVR0OBBYEFHKlhTlGegvaf5tc7ierwq2cQDXlMA0GCSqGSIb3
- DQEBCwUAA4IBgQBy0fuBros12hM/16tlyqMXWQp9yeZ7rBCVXR1Rr9NVhLOK2Pny
- 29LHrcXMxcWTtgqrmmozgxLPZ0rNwNQtBO3KF1plKHjD9HkQbVK26ghW0+oKb7qA
- TlWvF3bqmbQg2zaECaFGkadWuNKwgbdUi3JuIsL7Zy0JJp6a2P/wqzjV2io06vqB
- 5yWVoiyMvakR7qKyz8VKmFobmWfHrzvXW6Igl4x9KUZCn8SbcmX7wbNqTHEt7I04
- jbjkH+/PusIifi581N26Od7mW1gq37nKJl5J1Rm5IgrwRS14nzSnX7oOyUwIad67
- GkE0AhHTi2FHqKru0GyH9XIPFdWt0oY3mqdJxnVJQ+m6woyNu48kV5UeIMbqZoJ3
- Qzgo+XAjqMtulh7tJnyQ6NkebRpAcbQNJAl/ojIeK6wQtxh7SLrLE6dV8052Hwhz
- FuxcECpGMosPyrARDplgMQWpa0iL9cgMI2nZCDDXtevqDQHIKNYOeMabRaLY0pyn
- B0L3Zy0ccHc4u7o=
- -----END CERTIFICATE-----
- ---
- Server certificate
- subject=CN = odps03, O = Example Comapny
- issuer=CN = Example Comapny
- ---
- No client certificate CA names sent
- Peer signing digest: SHA256
- Peer signature type: RSA
- Server Temp Key: ECDH, P-256, 256 bits
- ---
- SSL handshake has read 2323 bytes and written 437 bytes
- Verification: OK
- ---
- New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
- Server public key is 1024 bit
- Secure Renegotiation IS supported
- Compression: NONE
- Expansion: NONE
- No ALPN negotiated
- SSL-Session:
- Protocol : TLSv1.2
- Cipher : ECDHE-RSA-AES256-GCM-SHA384
- Session-ID: F2623A750CED893A63D3342B002F4AD963198DCA19BFC9740E0C4B6FD473BAE8
- Session-ID-ctx:
- Master-Key: B86C77D94565AC82396FAB12648AC5ACF4A0F707506C09DD7D8EE7A7D8ED61870E33E0C858A43DFCB219F78FEB388D9D
- PSK identity: None
- PSK identity hint: None
- SRP username: None
- Start Time: 1562933947
- Timeout : 7200 (sec)
- Verify return code: 0 (ok)
- Extended master secret: yes
- ---
- ldapsearch -Z -H "ldaps://odps03:636" -D "cn=admin,dc=od,dc=pgnig,dc=pl" -d-1 "givenName=*"
- ldap_url_parse_ext(ldaps://odps03:636)
- ldap_create
- ldap_url_parse_ext(ldaps://odps03:636/??base)
- ldap_extended_operation_s
- ldap_extended_operation
- ldap_send_initial_request
- ldap_new_connection 1 1 0
- ldap_int_open_connection
- ldap_connect_to_host: TCP odps03:636
- ldap_new_socket: 3
- ldap_prepare_socket: 3
- ldap_connect_to_host: Trying 10.66.64.11:636
- ldap_pvt_connect: fd: 3 tm: -1 async: 0
- attempting to connect:
- connect success
- ldap_err2string
- ldap_start_tls: Can't contact LDAP server (-1)
- ldap_sasl_bind
- ldap_send_initial_request
- ldap_send_server_request
- ldap_err2string
- ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
- gdb ldapsearch
- set args -Z -LLL -H "ldaps://odps03:636" -D "cn=admin,dc=example.com" -b "cn=Users,dc=example,dc=com" -d -1 -W
- run
- ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
- [Inferior 1 (process 4388) exited with code 0377]
- strace -f -o /tmp/lddapsearch.log ldapsearch -x -Z -H "ldaps://odps03:636" -D "cn=admin,dc=example,dc=com" -b "cn=Users,dc=example,dc=com" -d-1 -W
- 12773 openat(AT_FDCWD, "/etc/ssl/certs/cacert.pem #ca-certificate.crt", O_RDONLY) = 2
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement