Advertisement
Guest User

arteptweb-a.akamaihd.net gnutls error

a guest
May 16th, 2017
606
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. $ gnutls-cli -d 5 arteptweb-a.akamaihd.net -p 443
  2. |<2>| Initializing PKCS #11 modules
  3. |<2>| p11: Initializing module: p11-kit-trust
  4. |<2>| p11: Initializing module: gnome-keyring
  5. |<3>| ASSERT: pkcs11.c[compat_load]:685
  6. |<3>| p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
  7. |<3>| p11 attrs: CKA_TRUSTED
  8. |<3>| p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
  9. |<3>| p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
  10. |<3>| p11 attrs: CKA_TRUSTED
  11. |<3>| p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
  12. |<3>| ASSERT: pkcs11.c[find_objs_cb]:2763
  13. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_obj_list_import_url3]:3084
  14. Processed 172 CA certificate(s).
  15. Resolving 'arteptweb-a.akamaihd.net:443'...
  16. Connecting to '104.83.4.131:443'...
  17. |<5>| REC[0x1392df8]: Allocating epoch #0
  18. |<3>| ASSERT: constate.c[_gnutls_epoch_get]:600
  19. |<5>| REC[0x1392df8]: Allocating epoch #1
  20. |<4>| HSK[0x1392df8]: Adv. version: 3.3
  21. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
  22. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
  23. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305 (CC.A9)
  24. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
  25. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
  26. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
  27. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
  28. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
  29. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
  30. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
  31. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
  32. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
  33. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
  34. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
  35. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
  36. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
  37. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CHACHA20_POLY1305 (CC.A8)
  38. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
  39. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
  40. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
  41. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
  42. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
  43. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
  44. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
  45. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
  46. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
  47. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
  48. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
  49. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM (C0.9D)
  50. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
  51. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
  52. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
  53. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
  54. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
  55. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
  56. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM (C0.9C)
  57. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
  58. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
  59. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
  60. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
  61. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
  62. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
  63. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
  64. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CHACHA20_POLY1305 (CC.AA)
  65. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
  66. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
  67. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
  68. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
  69. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
  70. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
  71. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
  72. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
  73. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
  74. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
  75. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
  76. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
  77. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
  78. |<4>| EXT[0x1392df8]: Sending extension Extended Master Secret (0 bytes)
  79. |<4>| EXT[0x1392df8]: Sending extension Encrypt-then-MAC (0 bytes)
  80. |<4>| EXT[0x1392df8]: Sending extension OCSP Status Request (5 bytes)
  81. |<2>| HSK[0x1392df8]: sent server name: 'arteptweb-a.akamaihd.net'
  82. |<4>| EXT[0x1392df8]: Sending extension Server Name Indication (29 bytes)
  83. |<4>| EXT[0x1392df8]: Sending extension Safe Renegotiation (1 bytes)
  84. |<4>| EXT[0x1392df8]: Sending extension Session Ticket (0 bytes)
  85. |<4>| EXT[0x1392df8]: Sending extension Supported curves (12 bytes)
  86. |<4>| EXT[0x1392df8]: Sending extension Supported ECC Point Formats (2 bytes)
  87. |<4>| EXT[0x1392df8]: sent signature algo (4.1) RSA-SHA256
  88. |<4>| EXT[0x1392df8]: sent signature algo (4.3) ECDSA-SHA256
  89. |<4>| EXT[0x1392df8]: sent signature algo (5.1) RSA-SHA384
  90. |<4>| EXT[0x1392df8]: sent signature algo (5.3) ECDSA-SHA384
  91. |<4>| EXT[0x1392df8]: sent signature algo (6.1) RSA-SHA512
  92. |<4>| EXT[0x1392df8]: sent signature algo (6.3) ECDSA-SHA512
  93. |<4>| EXT[0x1392df8]: sent signature algo (3.1) RSA-SHA224
  94. |<4>| EXT[0x1392df8]: sent signature algo (3.3) ECDSA-SHA224
  95. |<4>| EXT[0x1392df8]: sent signature algo (2.1) RSA-SHA1
  96. |<4>| EXT[0x1392df8]: sent signature algo (2.3) ECDSA-SHA1
  97. |<4>| EXT[0x1392df8]: Sending extension Signature Algorithms (22 bytes)
  98. |<4>| HSK[0x1392df8]: CLIENT HELLO was queued [266 bytes]
  99. |<5>| REC[0x1392df8]: Preparing Packet Handshake(22) with length: 266 and min pad: 0
  100. |<5>| REC[0x1392df8]: Sent Packet[1] Handshake(22) in epoch 0 and length: 271
  101. |<3>| ASSERT: buffers.c[get_last_packet]:1159
  102. |<5>| REC[0x1392df8]: SSL 3.3 Handshake packet received. Epoch 0, length: 60
  103. |<5>| REC[0x1392df8]: Expected Packet Handshake(22)
  104. |<5>| REC[0x1392df8]: Received Packet Handshake(22) with length: 60
  105. |<5>| REC[0x1392df8]: Decrypted Packet[0] Handshake(22) with length: 60
  106. |<4>| HSK[0x1392df8]: SERVER HELLO (2) was received. Length 56[56], frag offset 0, frag length: 56, sequence: 0
  107. |<4>| HSK[0x1392df8]: Server's version: 3.3
  108. |<4>| HSK[0x1392df8]: SessionID length: 0
  109. |<4>| HSK[0x1392df8]: SessionID: c0
  110. |<4>| HSK[0x1392df8]: Selected cipher suite: ECDHE_ECDSA_AES_256_GCM_SHA384
  111. |<4>| HSK[0x1392df8]: Selected compression method: NULL (0)
  112. |<4>| EXT[0x1392df8]: Parsing extension 'Supported ECC Point Formats/11' (4 bytes)
  113. |<4>| EXT[0x1392df8]: Parsing extension 'Session Ticket/35' (0 bytes)
  114. |<4>| EXT[0x1392df8]: Parsing extension 'OCSP Status Request/5' (0 bytes)
  115. |<4>| HSK[0x1392df8]: Allowing unsafe initial negotiation
  116. |<3>| ASSERT: buffers.c[get_last_packet]:1159
  117. |<5>| REC[0x1392df8]: SSL 3.3 Handshake packet received. Epoch 0, length: 2361
  118. |<5>| REC[0x1392df8]: Expected Packet Handshake(22)
  119. |<5>| REC[0x1392df8]: Received Packet Handshake(22) with length: 2361
  120. |<5>| REC[0x1392df8]: Decrypted Packet[1] Handshake(22) with length: 2361
  121. |<4>| HSK[0x1392df8]: CERTIFICATE (11) was received. Length 2357[2357], frag offset 0, frag length: 2357, sequence: 0
  122. |<3>| ASSERT: common.c[x509_read_value]:698
  123. |<3>| ASSERT: common.c[x509_read_value]:698
  124. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  125. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  126. |<3>| ASSERT: buffers.c[get_last_packet]:1159
  127. |<5>| REC[0x1392df8]: SSL 3.3 Handshake packet received. Epoch 0, length: 1043
  128. |<5>| REC[0x1392df8]: Expected Packet Handshake(22)
  129. |<5>| REC[0x1392df8]: Received Packet Handshake(22) with length: 1043
  130. |<5>| REC[0x1392df8]: Decrypted Packet[2] Handshake(22) with length: 1043
  131. |<4>| HSK[0x1392df8]: CERTIFICATE STATUS (22) was received. Length 1039[1039], frag offset 0, frag length: 1039, sequence: 0
  132. - Certificate type: X.509
  133. - Got a certificate list of 2 certificates.
  134. |<3>| ASSERT: common.c[x509_read_value]:698
  135. |<3>| ASSERT: common.c[x509_read_value]:698
  136. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  137. - Certificate[0] info:
  138. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  139. - subject `CN=a248.e.akamai.net,O=Akamai Technologies\, Inc.,L=Cambridge,ST=Massachusetts,C=US', issuer `CN=Symantec Class 3 ECC 256 bit SSL CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US', serial 0x63b9ec7eff988335f113d67d2f864d35, EC/ECDSA key 256 bits, signed using ECDSA-SHA256, activated `2016-07-28 00:00:00 UTC', expires `2017-07-28 23:59:59 UTC', pin-sha256="zuIdY8msZFsfzYCPVJRwXrljgnZRonhO4XXMzgE5WSs="
  140. Public Key ID:
  141. sha1:d8bfb32db690aa2829b3b2e760b4d4dcf4970978
  142. sha256:cee21d63c9ac645b1fcd808f5494705eb963827651a2784ee175ccce0139592b
  143. Public Key PIN:
  144. pin-sha256:zuIdY8msZFsfzYCPVJRwXrljgnZRonhO4XXMzgE5WSs=
  145. Public key's random art:
  146. +--[SECP256R1]----+
  147. | |
  148. | . |
  149. | o E |
  150. | o o oo. o |
  151. | o o ...S+ |
  152. |o . .o |
  153. |.+ o . |
  154. |B... . .+o |
  155. |=Bo ... .+=. |
  156. +-----------------+
  157.  
  158. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  159. - Certificate[1] info:
  160. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  161. - subject `CN=Symantec Class 3 ECC 256 bit SSL CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US', issuer `CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US', serial 0x3f9287be9d1da4a37a9df6282e775ac4, EC/ECDSA key 256 bits, signed using RSA-SHA256, activated `2015-05-12 00:00:00 UTC', expires `2025-05-11 23:59:59 UTC', pin-sha256="pvsOo/07kXBfe36yjJgm6H46EJRe7gurjSAeunJgFyg="
  162. |<3>| ASSERT: common.c[x509_read_value]:698
  163. |<3>| ASSERT: common.c[x509_read_value]:698
  164. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  165. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  166. |<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1522
  167. |<3>| ASSERT: ocsp.c[find_signercert]:1906
  168. |<3>| ASSERT: common.c[x509_read_value]:698
  169. |<3>| ASSERT: common.c[x509_read_value]:698
  170. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  171. |<3>| ASSERT: common.c[_gnutls_x509_der_encode]:865
  172. |<3>| ASSERT: ocsp.c[find_signercert]:1960
  173. |<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1522
  174. |<3>| ASSERT: ocsp.c[gnutls_ocsp_resp_verify]:2218
  175. |<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1522
  176. |<3>| ASSERT: ocsp.c[find_signercert]:1906
  177. |<3>| ASSERT: common.c[x509_read_value]:698
  178. |<3>| ASSERT: common.c[x509_read_value]:698
  179. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  180. |<3>| ASSERT: common.c[_gnutls_x509_der_encode]:865
  181. |<3>| ASSERT: ocsp.c[find_signercert]:1960
  182. |<3>| ASSERT: pk.c[_wrap_nettle_pk_verify]:679
  183. |<3>| ASSERT: pubkey.c[pubkey_verify_data]:1962
  184. |<3>| ASSERT: pubkey.c[gnutls_pubkey_verify_data2]:1630
  185. |<3>| ASSERT: ocsp.c[_ocsp_resp_verify_direct]:2022
  186. |<3>| ASSERT: x509.c[check_ocsp_response]:147
  187. |<3>| ASSERT: common.c[x509_read_value]:698
  188. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  189. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  190. |<3>| ASSERT: verify.c[verify_crt]:604
  191. |<2>| GNUTLS_SEC_PARAM_LOW: certificate's issuer security level is unacceptable
  192. |<3>| ASSERT: verify.c[is_level_acceptable]:429
  193. |<3>| ASSERT: verify.c[verify_crt]:714
  194. |<3>| ASSERT: verify.c[verify_crt]:743
  195. |<3>| ASSERT: verify.c[_gnutls_verify_crt_status]:913
  196. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  197. |<3>| ASSERT: verify.c[verify_crt]:604
  198. |<2>| GNUTLS_SEC_PARAM_LOW: certificate's issuer security level is unacceptable
  199. |<3>| ASSERT: verify.c[is_level_acceptable]:429
  200. |<3>| ASSERT: verify.c[verify_crt]:714
  201. |<3>| ASSERT: verify.c[verify_crt]:743
  202. |<3>| ASSERT: verify.c[_gnutls_verify_crt_status]:913
  203. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  204. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  205. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  206. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  207. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  208. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  209. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  210. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  211. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  212. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  213. |<2>| crt_is_known: did not find any cert
  214. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  215. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  216. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  217. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  218. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  219. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  220. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  221. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  222. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  223. |<2>| crt_is_known: did not find any cert
  224. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  225. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  226. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  227. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  228. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  229. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  230. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  231. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  232. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  233. |<2>| crt_is_known: did not find any cert
  234. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  235. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  236. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  237. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  238. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  239. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  240. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  241. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  242. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  243. |<2>| crt_is_known: did not find any cert
  244. |<3>| ASSERT: common.c[x509_read_value]:698
  245. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  246. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  247. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  248. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  249. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  250. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  251. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  252. |<3>| ASSERT: common.c[x509_read_value]:698
  253. |<2>| looking for key purpose '1.3.6.1.5.5.7.3.1', but have '1.3.6.1.5.5.7.3.4'
  254. |<3>| ASSERT: common.c[x509_read_value]:698
  255. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  256. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  257. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  258. |<3>| ASSERT: common.c[x509_read_value]:698
  259. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  260. |<3>| ASSERT: name_constraints.c[gnutls_x509_crt_get_name_constraints]:470
  261. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  262. |<3>| ASSERT: mpi.c[_gnutls_x509_read_uint]:246
  263. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  264. |<3>| ASSERT: common.c[x509_read_value]:698
  265. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  266. |<3>| ASSERT: name_constraints.c[gnutls_x509_crt_get_name_constraints]:470
  267. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  268. |<3>| ASSERT: common.c[x509_read_value]:698
  269. - Status: The certificate is NOT trusted. The received OCSP status response is invalid.
  270. *** PKI verification of server certificate failed...
  271. |<3>| ASSERT: handshake.c[run_verify_callback]:2751
  272. |<3>| ASSERT: handshake.c[handshake_client]:2862
  273. *** Fatal error: Error in the certificate.
  274. |<5>| REC: Sending Alert[2|42] - Certificate is bad
  275. |<5>| REC[0x1392df8]: Preparing Packet Alert(21) with length: 2 and min pad: 0
  276. |<5>| REC[0x1392df8]: Sent Packet[2] Alert(21) in epoch 0 and length: 7
  277. *** handshake has failed: Error in the certificate.
Advertisement
RAW Paste Data Copied
Advertisement