API tools faq
paste
Advertisement
genBTC

openssl TLS 1.1 disabled TLS 1.2 works verification

genBTC
Jun 10th, 2020
122
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.46 KB | None | 0 0
raw download clone embed print report
  1. myuser@MYCOMPUTER:~$ openssl s_client -connect XXXX.com:443 -tls1_1
  2. CONNECTED(00000003)
  3. 140277846926464:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:../ssl/record/rec_layer_s3.c:1544:SSL alert number 70
  4. ---
  5. no peer certificate available
  6. ---
  7. No client certificate CA names sent
  8. ---
  9. SSL handshake has read 7 bytes and written 121 bytes
  10. Verification: OK
  11. ---
  12. New, (NONE), Cipher is (NONE)
  13. Secure Renegotiation IS NOT supported
  14. Compression: NONE
  15. Expansion: NONE
  16. No ALPN negotiated
  17. SSL-Session:
  18. Protocol : TLSv1.1
  19. Cipher : 0000
  20. Session-ID:
  21. Session-ID-ctx:
  22. Master-Key:
  23. PSK identity: None
  24. PSK identity hint: None
  25. SRP username: None
  26. Start Time: 1591822621
  27. Timeout : 7200 (sec)
  28. Verify return code: 0 (ok)
  29. Extended master secret: no
  30. ---
  31. myuser@MYCOMPUTER:~$ openssl s_client -connect XXXX.com:443 -tls1_2
  32. CONNECTED(00000003)
  33. depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
  34. verify return:1
  35. depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
  36. verify return:1
  37. depth=0 CN = XXXX.com
  38. verify return:1
  39. ---
  40. Certificate chain
  41. 0 s:CN = XXXX.com
  42. i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
  43. 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
  44. i:O = Digital Signature Trust Co., CN = DST Root CA X3
  45. ---
  46. Server certificate
  47. -----BEGIN CERTIFICATE-----
  48. ASBADHFGDFJKBGSFLGJSF{G
  49. ASBADHFGDFJKBGSFLGJSF{G
  50. ADHADIOGHP0i-BLAHHHHH
  51. -----END CERTIFICATE-----
  52. subject=CN = XXXX.com
  53.  
  54. issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
  55.  
  56. ---
  57. No client certificate CA names sent
  58. Peer signing digest: SHA256
  59. Peer signature type: RSA-PSS
  60. Server Temp Key: X448, 448 bits
  61. ---
  62. SSL handshake has read 3550 bytes and written 322 bytes
  63. Verification: OK
  64. ---
  65. New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
  66. Server public key is 4096 bit
  67. Secure Renegotiation IS supported
  68. Compression: NONE
  69. Expansion: NONE
  70. No ALPN negotiated
  71. SSL-Session:
  72. Protocol : TLSv1.2
  73. Cipher : ECDHE-RSA-AES256-GCM-SHA384
  74. Session-ID: EE2F9D68BA254831A8EB11A34E78E2A7CA204D9BC0A356F37781B276750BE0D9
  75. Session-ID-ctx:
  76. Master-Key: 55ADA9B445C01AA09496F7F1D5944BF9E6A9BE2EF70D11F67D996C6A163305958E611EB2C74A941B745CF328D2E7EDD6
  77. PSK identity: None
  78. PSK identity hint: None
  79. SRP username: None
  80. Start Time: 1591822597
  81. Timeout : 7200 (sec)
  82. Verify return code: 0 (ok)
  83. Extended master secret: yes
  84. ---
  85. closed
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!