API tools faq
paste
Advertisement
Guest User

arteptweb-a.akamaihd.net gnutls error

a guest
May 16th, 2017
619
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 16.92 KB | None | 0 0
raw download clone embed print report
  1. $ gnutls-cli -d 5 arteptweb-a.akamaihd.net -p 443
  2. |<2>| Initializing PKCS #11 modules
  3. |<2>| p11: Initializing module: p11-kit-trust
  4. |<2>| p11: Initializing module: gnome-keyring
  5. |<3>| ASSERT: pkcs11.c[compat_load]:685
  6. |<3>| p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
  7. |<3>| p11 attrs: CKA_TRUSTED
  8. |<3>| p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
  9. |<3>| p11 attrs: CKA_CLASS (CERT), CKA_CERTIFICATE_TYPE
  10. |<3>| p11 attrs: CKA_TRUSTED
  11. |<3>| p11 attrs: CKA_CERTIFICATE_CATEGORY=CA
  12. |<3>| ASSERT: pkcs11.c[find_objs_cb]:2763
  13. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_obj_list_import_url3]:3084
  14. Processed 172 CA certificate(s).
  15. Resolving 'arteptweb-a.akamaihd.net:443'...
  16. Connecting to '104.83.4.131:443'...
  17. |<5>| REC[0x1392df8]: Allocating epoch #0
  18. |<3>| ASSERT: constate.c[_gnutls_epoch_get]:600
  19. |<5>| REC[0x1392df8]: Allocating epoch #1
  20. |<4>| HSK[0x1392df8]: Adv. version: 3.3
  21. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_GCM_SHA384 (C0.2C)
  22. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_GCM_SHA384 (C0.87)
  23. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305 (CC.A9)
  24. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CCM (C0.AD)
  25. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 (C0.0A)
  26. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA384 (C0.24)
  27. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_256_CBC_SHA384 (C0.73)
  28. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 (C0.2B)
  29. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_GCM_SHA256 (C0.86)
  30. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CCM (C0.AC)
  31. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 (C0.09)
  32. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 (C0.23)
  33. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_CAMELLIA_128_CBC_SHA256 (C0.72)
  34. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 (C0.08)
  35. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_GCM_SHA384 (C0.30)
  36. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.8B)
  37. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CHACHA20_POLY1305 (CC.A8)
  38. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 (C0.14)
  39. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_256_CBC_SHA384 (C0.28)
  40. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_256_CBC_SHA384 (C0.77)
  41. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_GCM_SHA256 (C0.2F)
  42. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.8A)
  43. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 (C0.13)
  44. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256 (C0.27)
  45. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_CAMELLIA_128_CBC_SHA256 (C0.76)
  46. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 (C0.12)
  47. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_GCM_SHA384 (00.9D)
  48. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_GCM_SHA384 (C0.7B)
  49. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CCM (C0.9D)
  50. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA1 (00.35)
  51. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_256_CBC_SHA256 (00.3D)
  52. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA1 (00.84)
  53. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_256_CBC_SHA256 (00.C0)
  54. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_GCM_SHA256 (00.9C)
  55. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_GCM_SHA256 (C0.7A)
  56. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CCM (C0.9C)
  57. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA1 (00.2F)
  58. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_AES_128_CBC_SHA256 (00.3C)
  59. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA1 (00.41)
  60. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_CAMELLIA_128_CBC_SHA256 (00.BA)
  61. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_RSA_3DES_EDE_CBC_SHA1 (00.0A)
  62. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_GCM_SHA384 (00.9F)
  63. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_GCM_SHA384 (C0.7D)
  64. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CHACHA20_POLY1305 (CC.AA)
  65. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CCM (C0.9F)
  66. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA1 (00.39)
  67. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_256_CBC_SHA256 (00.6B)
  68. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 (00.88)
  69. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA256 (00.C4)
  70. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_GCM_SHA256 (00.9E)
  71. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_GCM_SHA256 (C0.7C)
  72. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CCM (C0.9E)
  73. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA1 (00.33)
  74. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_AES_128_CBC_SHA256 (00.67)
  75. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1 (00.45)
  76. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA256 (00.BE)
  77. |<4>| HSK[0x1392df8]: Keeping ciphersuite: GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1 (00.16)
  78. |<4>| EXT[0x1392df8]: Sending extension Extended Master Secret (0 bytes)
  79. |<4>| EXT[0x1392df8]: Sending extension Encrypt-then-MAC (0 bytes)
  80. |<4>| EXT[0x1392df8]: Sending extension OCSP Status Request (5 bytes)
  81. |<2>| HSK[0x1392df8]: sent server name: 'arteptweb-a.akamaihd.net'
  82. |<4>| EXT[0x1392df8]: Sending extension Server Name Indication (29 bytes)
  83. |<4>| EXT[0x1392df8]: Sending extension Safe Renegotiation (1 bytes)
  84. |<4>| EXT[0x1392df8]: Sending extension Session Ticket (0 bytes)
  85. |<4>| EXT[0x1392df8]: Sending extension Supported curves (12 bytes)
  86. |<4>| EXT[0x1392df8]: Sending extension Supported ECC Point Formats (2 bytes)
  87. |<4>| EXT[0x1392df8]: sent signature algo (4.1) RSA-SHA256
  88. |<4>| EXT[0x1392df8]: sent signature algo (4.3) ECDSA-SHA256
  89. |<4>| EXT[0x1392df8]: sent signature algo (5.1) RSA-SHA384
  90. |<4>| EXT[0x1392df8]: sent signature algo (5.3) ECDSA-SHA384
  91. |<4>| EXT[0x1392df8]: sent signature algo (6.1) RSA-SHA512
  92. |<4>| EXT[0x1392df8]: sent signature algo (6.3) ECDSA-SHA512
  93. |<4>| EXT[0x1392df8]: sent signature algo (3.1) RSA-SHA224
  94. |<4>| EXT[0x1392df8]: sent signature algo (3.3) ECDSA-SHA224
  95. |<4>| EXT[0x1392df8]: sent signature algo (2.1) RSA-SHA1
  96. |<4>| EXT[0x1392df8]: sent signature algo (2.3) ECDSA-SHA1
  97. |<4>| EXT[0x1392df8]: Sending extension Signature Algorithms (22 bytes)
  98. |<4>| HSK[0x1392df8]: CLIENT HELLO was queued [266 bytes]
  99. |<5>| REC[0x1392df8]: Preparing Packet Handshake(22) with length: 266 and min pad: 0
  100. |<5>| REC[0x1392df8]: Sent Packet[1] Handshake(22) in epoch 0 and length: 271
  101. |<3>| ASSERT: buffers.c[get_last_packet]:1159
  102. |<5>| REC[0x1392df8]: SSL 3.3 Handshake packet received. Epoch 0, length: 60
  103. |<5>| REC[0x1392df8]: Expected Packet Handshake(22)
  104. |<5>| REC[0x1392df8]: Received Packet Handshake(22) with length: 60
  105. |<5>| REC[0x1392df8]: Decrypted Packet[0] Handshake(22) with length: 60
  106. |<4>| HSK[0x1392df8]: SERVER HELLO (2) was received. Length 56[56], frag offset 0, frag length: 56, sequence: 0
  107. |<4>| HSK[0x1392df8]: Server's version: 3.3
  108. |<4>| HSK[0x1392df8]: SessionID length: 0
  109. |<4>| HSK[0x1392df8]: SessionID: c0
  110. |<4>| HSK[0x1392df8]: Selected cipher suite: ECDHE_ECDSA_AES_256_GCM_SHA384
  111. |<4>| HSK[0x1392df8]: Selected compression method: NULL (0)
  112. |<4>| EXT[0x1392df8]: Parsing extension 'Supported ECC Point Formats/11' (4 bytes)
  113. |<4>| EXT[0x1392df8]: Parsing extension 'Session Ticket/35' (0 bytes)
  114. |<4>| EXT[0x1392df8]: Parsing extension 'OCSP Status Request/5' (0 bytes)
  115. |<4>| HSK[0x1392df8]: Allowing unsafe initial negotiation
  116. |<3>| ASSERT: buffers.c[get_last_packet]:1159
  117. |<5>| REC[0x1392df8]: SSL 3.3 Handshake packet received. Epoch 0, length: 2361
  118. |<5>| REC[0x1392df8]: Expected Packet Handshake(22)
  119. |<5>| REC[0x1392df8]: Received Packet Handshake(22) with length: 2361
  120. |<5>| REC[0x1392df8]: Decrypted Packet[1] Handshake(22) with length: 2361
  121. |<4>| HSK[0x1392df8]: CERTIFICATE (11) was received. Length 2357[2357], frag offset 0, frag length: 2357, sequence: 0
  122. |<3>| ASSERT: common.c[x509_read_value]:698
  123. |<3>| ASSERT: common.c[x509_read_value]:698
  124. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  125. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  126. |<3>| ASSERT: buffers.c[get_last_packet]:1159
  127. |<5>| REC[0x1392df8]: SSL 3.3 Handshake packet received. Epoch 0, length: 1043
  128. |<5>| REC[0x1392df8]: Expected Packet Handshake(22)
  129. |<5>| REC[0x1392df8]: Received Packet Handshake(22) with length: 1043
  130. |<5>| REC[0x1392df8]: Decrypted Packet[2] Handshake(22) with length: 1043
  131. |<4>| HSK[0x1392df8]: CERTIFICATE STATUS (22) was received. Length 1039[1039], frag offset 0, frag length: 1039, sequence: 0
  132. - Certificate type: X.509
  133. - Got a certificate list of 2 certificates.
  134. |<3>| ASSERT: common.c[x509_read_value]:698
  135. |<3>| ASSERT: common.c[x509_read_value]:698
  136. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  137. - Certificate[0] info:
  138. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  139. - subject `CN=a248.e.akamai.net,O=Akamai Technologies\, Inc.,L=Cambridge,ST=Massachusetts,C=US', issuer `CN=Symantec Class 3 ECC 256 bit SSL CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US', serial 0x63b9ec7eff988335f113d67d2f864d35, EC/ECDSA key 256 bits, signed using ECDSA-SHA256, activated `2016-07-28 00:00:00 UTC', expires `2017-07-28 23:59:59 UTC', pin-sha256="zuIdY8msZFsfzYCPVJRwXrljgnZRonhO4XXMzgE5WSs="
  140. Public Key ID:
  141. sha1:d8bfb32db690aa2829b3b2e760b4d4dcf4970978
  142. sha256:cee21d63c9ac645b1fcd808f5494705eb963827651a2784ee175ccce0139592b
  143. Public Key PIN:
  144. pin-sha256:zuIdY8msZFsfzYCPVJRwXrljgnZRonhO4XXMzgE5WSs=
  145. Public key's random art:
  146. +--[SECP256R1]----+
  147. | |
  148. | . |
  149. | o E |
  150. | o o oo. o |
  151. | o o ...S+ |
  152. |o . .o |
  153. |.+ o . |
  154. |B... . .+o |
  155. |=Bo ... .+=. |
  156. +-----------------+
  157.  
  158. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  159. - Certificate[1] info:
  160. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  161. - subject `CN=Symantec Class 3 ECC 256 bit SSL CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US', issuer `CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US', serial 0x3f9287be9d1da4a37a9df6282e775ac4, EC/ECDSA key 256 bits, signed using RSA-SHA256, activated `2015-05-12 00:00:00 UTC', expires `2025-05-11 23:59:59 UTC', pin-sha256="pvsOo/07kXBfe36yjJgm6H46EJRe7gurjSAeunJgFyg="
  162. |<3>| ASSERT: common.c[x509_read_value]:698
  163. |<3>| ASSERT: common.c[x509_read_value]:698
  164. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  165. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  166. |<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1522
  167. |<3>| ASSERT: ocsp.c[find_signercert]:1906
  168. |<3>| ASSERT: common.c[x509_read_value]:698
  169. |<3>| ASSERT: common.c[x509_read_value]:698
  170. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  171. |<3>| ASSERT: common.c[_gnutls_x509_der_encode]:865
  172. |<3>| ASSERT: ocsp.c[find_signercert]:1960
  173. |<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1522
  174. |<3>| ASSERT: ocsp.c[gnutls_ocsp_resp_verify]:2218
  175. |<3>| ASSERT: common.c[_gnutls_x509_get_raw_field2]:1522
  176. |<3>| ASSERT: ocsp.c[find_signercert]:1906
  177. |<3>| ASSERT: common.c[x509_read_value]:698
  178. |<3>| ASSERT: common.c[x509_read_value]:698
  179. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  180. |<3>| ASSERT: common.c[_gnutls_x509_der_encode]:865
  181. |<3>| ASSERT: ocsp.c[find_signercert]:1960
  182. |<3>| ASSERT: pk.c[_wrap_nettle_pk_verify]:679
  183. |<3>| ASSERT: pubkey.c[pubkey_verify_data]:1962
  184. |<3>| ASSERT: pubkey.c[gnutls_pubkey_verify_data2]:1630
  185. |<3>| ASSERT: ocsp.c[_ocsp_resp_verify_direct]:2022
  186. |<3>| ASSERT: x509.c[check_ocsp_response]:147
  187. |<3>| ASSERT: common.c[x509_read_value]:698
  188. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  189. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  190. |<3>| ASSERT: verify.c[verify_crt]:604
  191. |<2>| GNUTLS_SEC_PARAM_LOW: certificate's issuer security level is unacceptable
  192. |<3>| ASSERT: verify.c[is_level_acceptable]:429
  193. |<3>| ASSERT: verify.c[verify_crt]:714
  194. |<3>| ASSERT: verify.c[verify_crt]:743
  195. |<3>| ASSERT: verify.c[_gnutls_verify_crt_status]:913
  196. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  197. |<3>| ASSERT: verify.c[verify_crt]:604
  198. |<2>| GNUTLS_SEC_PARAM_LOW: certificate's issuer security level is unacceptable
  199. |<3>| ASSERT: verify.c[is_level_acceptable]:429
  200. |<3>| ASSERT: verify.c[verify_crt]:714
  201. |<3>| ASSERT: verify.c[verify_crt]:743
  202. |<3>| ASSERT: verify.c[_gnutls_verify_crt_status]:913
  203. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  204. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  205. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  206. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  207. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  208. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  209. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  210. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  211. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  212. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  213. |<2>| crt_is_known: did not find any cert
  214. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  215. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  216. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  217. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  218. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  219. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  220. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  221. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  222. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  223. |<2>| crt_is_known: did not find any cert
  224. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  225. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  226. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  227. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  228. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  229. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  230. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  231. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  232. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  233. |<2>| crt_is_known: did not find any cert
  234. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  235. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  236. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  237. |<2>| crt_is_known: did not find cert, using issuer DN + serial, using DN only
  238. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4092
  239. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  240. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  241. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3552
  242. |<3>| ASSERT: pkcs11.c[gnutls_pkcs11_crt_is_known]:4105
  243. |<2>| crt_is_known: did not find any cert
  244. |<3>| ASSERT: common.c[x509_read_value]:698
  245. |<3>| ASSERT: pkcs11.c[find_cert_cb]:3727
  246. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  247. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  248. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  249. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  250. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  251. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  252. |<3>| ASSERT: common.c[x509_read_value]:698
  253. |<2>| looking for key purpose '1.3.6.1.5.5.7.3.1', but have '1.3.6.1.5.5.7.3.4'
  254. |<3>| ASSERT: common.c[x509_read_value]:698
  255. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  256. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  257. |<3>| ASSERT: dn.c[_gnutls_x509_compare_raw_dn]:1003
  258. |<3>| ASSERT: common.c[x509_read_value]:698
  259. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  260. |<3>| ASSERT: name_constraints.c[gnutls_x509_crt_get_name_constraints]:470
  261. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  262. |<3>| ASSERT: mpi.c[_gnutls_x509_read_uint]:246
  263. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  264. |<3>| ASSERT: common.c[x509_read_value]:698
  265. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  266. |<3>| ASSERT: name_constraints.c[gnutls_x509_crt_get_name_constraints]:470
  267. |<3>| ASSERT: extensions.c[_gnutls_get_extension]:65
  268. |<3>| ASSERT: common.c[x509_read_value]:698
  269. - Status: The certificate is NOT trusted. The received OCSP status response is invalid.
  270. *** PKI verification of server certificate failed...
  271. |<3>| ASSERT: handshake.c[run_verify_callback]:2751
  272. |<3>| ASSERT: handshake.c[handshake_client]:2862
  273. *** Fatal error: Error in the certificate.
  274. |<5>| REC: Sending Alert[2|42] - Certificate is bad
  275. |<5>| REC[0x1392df8]: Preparing Packet Alert(21) with length: 2 and min pad: 0
  276. |<5>| REC[0x1392df8]: Sent Packet[2] Alert(21) in epoch 0 and length: 7
  277. *** handshake has failed: Error in the certificate.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!