Skip to content

Instantly share code, notes, and snippets.

@Civil
Created March 29, 2024 14:59
Show Gist options
  • Save Civil/1ae889e7b3729f51244e34de4528c312 to your computer and use it in GitHub Desktop.
Save Civil/1ae889e7b3729f51244e34de4528c312 to your computer and use it in GitHub Desktop.
❯ openssl --version
OpenSSL 3.2.1 30 Jan 2024 (Library: OpenSSL 3.2.1 30 Jan 2024)
~ via 🐍 v3.12.2
❯ openssl s_client -host trex-tgn.cisco.com -port 443
Connecting to 173.36.109.208
CONNECTED(00000005)
depth=0 C=US, ST=California, L=San Jose, O=Cisco Systems Inc., CN=trex-tgn.cisco.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C=US, ST=California, L=San Jose, O=Cisco Systems Inc., CN=trex-tgn.cisco.com
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 C=US, ST=California, L=San Jose, O=Cisco Systems Inc., CN=trex-tgn.cisco.com
verify return:1
---
Certificate chain
0 s:C=US, ST=California, L=San Jose, O=Cisco Systems Inc., CN=trex-tgn.cisco.com
i:C=US, O=IdenTrust, OU=HydrantID Trusted Certificate Service, CN=HydrantID Server CA O1
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Dec 5 12:00:57 2023 GMT; NotAfter: Dec 4 11:59:57 2024 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgIQQAGMOdpPbOFR/OU8yJzH6jANBgkqhkiG9w0BAQsFADBy
MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MS4wLAYDVQQLEyVIeWRy
YW50SUQgVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlMR8wHQYDVQQDExZIeWRy
YW50SUQgU2VydmVyIENBIE8xMB4XDTIzMTIwNTEyMDA1N1oXDTI0MTIwNDExNTk1
N1owbzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcT
CFNhbiBKb3NlMRswGQYDVQQKExJDaXNjbyBTeXN0ZW1zIEluYy4xGzAZBgNVBAMT
EnRyZXgtdGduLmNpc2NvLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3FAocBr910kQD/jgMqtlwdvfA8QNlIPelV4ZRc6V6yesvX7d6d99mQe2mz
FA9LQcCeY2tTKHt6rdLY+uOMCoXIhGqK9TSARf9hh4r6OPSKrEvyJ/GUBlvyuakB
XFOHfZvPg2bnT/1LV5pbA/uBatGBq60n4topMmTDuflrR3FiPtkW0eaixzRLFs6l
Iwdo0QZz4CyVG8KvtwsoC7m+b/R11bgPOKqXdFV7tXmzEh/VP53wjmT0BVRWH/gk
L5ECgo6y7e58KwdjXB4FsJzkLrtHG/wKqfyTnOhj4cjS9juPgLm/LJ0Zjrkx0NE+
aOJvM25rRwd+fh2NEzxBZG30ImECAwEAAaOCAwcwggMDMA4GA1UdDwEB/wQEAwIF
oDCBhQYIKwYBBQUHAQEEeTB3MDAGCCsGAQUFBzABhiRodHRwOi8vY29tbWVyY2lh
bC5vY3NwLmlkZW50cnVzdC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly92YWxpZGF0
aW9uLmlkZW50cnVzdC5jb20vY2VydHMvaHlkcmFudGlkY2FPMS5wN2MwHwYDVR0j
BBgwFoAUibibtp7t+7DGvQ3sZ048o5KdLfkwIQYDVR0gBBowGDAIBgZngQwBAgIw
DAYKYIZIAYb5LwAGAzBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vdmFsaWRhdGlv
bi5pZGVudHJ1c3QuY29tL2NybC9oeWRyYW50aWRjYW8xLmNybDAdBgNVHREEFjAU
ghJ0cmV4LXRnbi5jaXNjby5jb20wHQYDVR0OBBYEFE8zTSjgMGd6r7BgYGBKrgF/
3OPzMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCCAX4GCisGAQQB1nkC
BAIEggFuBIIBagFoAHYAdv+IPwq2+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQA
AAGMOdpS1QAABAMARzBFAiAoAB2dlsil4hIhQv2sZDKKHv4ijRMel1rMaEZ21GRE
ywIhAPfGULJjUl3oWTAMtNy2m2E7UXolrI7ZX8zqdewA8uY0AHcA7s3QZNXbGs7F
XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGMOdpQOwAABAMASDBGAiEAvpbasFIi
1gh1xdYmI9oiL3jJXVPLVWKJvvCOEs1xG1ECIQDnQqwAvRvYPdt/7zDrZ8ZkBEYF
CU8ThvtcB3O6qVVTFAB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/ur
AAABjDnaUDgAAAQDAEYwRAIgF8++AoaMRn08lYt+M85zdPyBp7hB8Ox1Llw3Pznd
gQQCICIwSiHsQbAQRs3u8hpaB53UJoMuDjJpPt5kN0GPMvHdMA0GCSqGSIb3DQEB
CwUAA4IBAQC8WadgLZr5X8HJU/C3WPI+t19+afWgbi/bAPMShy6IolZAsOt6VX+m
4Wr9QH51MXta1+4AkN+Ln0zOslw7qGIqDH6Hyx45gZ0eN59chFsr3AW5Ra/1VMqs
egiHhVexCgUgFAy3wOT8/YtIbbBR+uPr+wv1+PKs1do9raGak/QQuiZ84U653cIh
YA64x0ogLfv4j94qNUmI2rR0rev8CgPWX4X+TSWQQ8H9vLR7YCrZg5vgjTEjA7v/
74kWFtmfef6Yo/SXMFLCHt8YcQS7TSbg03KX6RGX39KhPhqr+uqvYKuv3lxRA1GZ
UkBlEXeLBSj2kPCo12AeORWeK/uk0FUK
-----END CERTIFICATE-----
subject=C=US, ST=California, L=San Jose, O=Cisco Systems Inc., CN=trex-tgn.cisco.com
issuer=C=US, O=IdenTrust, OU=HydrantID Trusted Certificate Service, CN=HydrantID Server CA O1
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, prime256v1, 256 bits
---
SSL handshake has read 2362 bytes and written 452 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 8C2F3D054A793774388996ECCC0B94A8286AD9E92873207DF4A8DB5D18D81182
Session-ID-ctx:
Master-Key: 85405A71E3EAB58D588E144BE929527096984A50DBD9DADCFEDD84ACF591DB6C80E0E043E087D65741EC493D86A5C8B3
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 93 8e f9 fa c8 53 22 f0-95 d3 19 70 3e 95 aa cd .....S"....p>...
0010 - c0 84 19 48 b0 7a 1d 85-1d 85 9b f4 b1 a6 46 ad ...H.z........F.
0020 - 95 f8 67 d5 72 a2 4f 2a-7e 9a 8e d8 d3 5e e3 d7 ..g.r.O*~....^..
0030 - b7 47 5d 7d 80 62 9c 57-d5 df f8 bd ce 3f 6e 29 .G]}.b.W.....?n)
0040 - ff 11 b6 d3 55 fc c7 8e-95 c6 91 40 f2 17 36 ed [email protected].
0050 - 7b a8 72 60 12 a2 e7 f2-6a 31 5e ce 3d 89 ea 26 {.r`....j1^.=..&
0060 - ac 5b ac e1 18 a3 05 e6-33 02 f4 98 01 0d e4 13 .[......3.......
0070 - 8a fd a4 ab 8a b7 8b 75-fe fa b5 24 3c 74 6a 6a .......u...$<tjj
0080 - ce e4 66 1f bd ec 92 4d-9d 7d eb 4e 77 d6 82 90 ..f....M.}.Nw...
0090 - eb dd ed ff 44 3c 0d ae-0f 31 32 ff dc 0d 24 e9 ....D<...12...$.
00a0 - ab a9 5d 5f 35 8d 2e 48-3f 4b 86 10 0d 27 71 b0 ..]_5..H?K...'q.
00b0 - bc f8 a1 28 a4 78 43 ac-e9 d2 2d f5 2a 74 b3 33 ...(.xC...-.*t.3
00c0 - 38 aa 55 dd 3b 74 44 ac-81 ca 46 3f 61 08 1d d5 8.U.;tD...F?a...
Start Time: 1711724325
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
Extended master secret: no
---
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment