Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # nmap -p443 XXX.XXX.XXX.XXX
- Starting Nmap 6.47 ( http://nmap.org ) at 2017-01-07 23:32 CET
- Nmap scan report for [some-host] (XXX.XXX.XXX.XXX)
- Host is up (0.0021s latency).
- PORT STATE SERVICE
- 443/tcp open https
- Nmap done: 1 IP address (1 host up) scanned in 1.16 seconds
- # openssl s_client -connect XXX.XXX.XXX.XXX:443
- CONNECTED(00000003)
- 3069269200:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
- ---
- no peer certificate available
- ---
- No client certificate CA names sent
- ---
- SSL handshake has read 0 bytes and written 289 bytes
- ---
- New, (NONE), Cipher is (NONE)
- Secure Renegotiation IS NOT supported
- Compression: NONE
- Expansion: NONE
- SSL-Session:
- Protocol : TLSv1.2
- Cipher : 0000
- Session-ID:
- Session-ID-ctx:
- Master-Key:
- Key-Arg : None
- PSK identity: None
- PSK identity hint: None
- SRP username: None
- Start Time: 1483830497
- Timeout : 300 (sec)
- Verify return code: 0 (ok)
- ---
- # nmap -p443 XXX.XXX.XXX.XXX
- Starting Nmap 6.47 ( http://nmap.org ) at 2017-01-08 00:08 CET
- Nmap scan report for [some-host] (XXX.XXX.XXX.XXX)
- Host is up (0.064s latency).
- PORT STATE SERVICE
- 443/tcp filtered https
- Nmap done: 1 IP address (1 host up) scanned in 1.25 seconds
- # openssl s_client -connect localhost:443
- CONNECTED(00000003)
- depth=2 O = [some CA], CN = [some CA] Root CA X3
- verify return:1
- depth=1 C = US, O = [some CA], CN = [some CA] X3
- verify return:1
- depth=0 CN = my.site.com
- verify return:1
- ---
- Certificate chain
- 0 s:/CN=my.site.com
- i:/C=US/O=[some CA]/CN=[some CA] X3
- 1 s:/C=US/O=[some CA]/CN=[some CA] X3
- i:/O=[some CA]/CN=[some CA] Root CA X3
- ---
- Server certificate
- -----BEGIN CERTIFICATE-----
- [some data]
- -----END CERTIFICATE-----
- subject=/CN=my.site.com
- issuer=/C=US/O=[some CA]/CN=[some CA] X3
- ---
- No client certificate CA names sent
- Server Temp Key: ECDH, prime256v1, 256 bits
- ---
- SSL handshake has read 3672 bytes and written 373 bytes
- ---
- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
- Server public key is 4096 bit
- Secure Renegotiation IS supported
- Compression: NONE
- Expansion: NONE
- SSL-Session:
- Protocol : TLSv1.2
- Cipher : ECDHE-RSA-AES256-GCM-SHA384
- Session-ID: F2F71647F95F40CA29C5AA8628D76B466C8B89CFF5A1992B88DDC121FB376345
- Session-ID-ctx:
- Master-Key: [some data]
- Key-Arg : None
- Krb5 Principal: None
- PSK identity: None
- PSK identity hint: None
- TLS session ticket lifetime hint: 300 (seconds)
- TLS session ticket:
- [some data]
- Start Time: 1483840507
- Timeout : 300 (sec)
- Verify return code: 0 (ok)
- ---
Add Comment
Please, Sign In to add comment