Last active
December 6, 2015 22:13
-
-
Save gak/de922f94de1649acab69 to your computer and use it in GitHub Desktop.
slack invalid certificate from my host
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ~ > openssl s_client -connect slack.com:443 | |
| CONNECTED(00000003) | |
| depth=1 C = US, ST = California, L = Sunnyvale, O = Fortinet, OU = Certificate Authority, CN = FortiGate CA, emailAddress = [email protected] | |
| verify error:num=19:self signed certificate in certificate chain | |
| --- | |
| Certificate chain | |
| 0 s:/C=US/ST=California/L=San Francisco/O=Slack Technologies, Inc/CN=*.slack.com | |
| i:/C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=Certificate Authority/CN=FortiGate CA/[email protected] | |
| 1 s:/C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=Certificate Authority/CN=FortiGate CA/[email protected] | |
| i:/C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=Certificate Authority/CN=FortiGate CA/[email protected] | |
| --- | |
| Server certificate | |
| -----BEGIN CERTIFICATE----- | |
| MIIDxzCCAq+gAwIBAgIQfP8VnLkNN5a56Pa7AA0t6TANBgkqhkiG9w0BAQsFADCB | |
| pTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVN1 | |
| bm55dmFsZTERMA8GA1UEChMIRm9ydGluZXQxHjAcBgNVBAsTFUNlcnRpZmljYXRl | |
| IEF1dGhvcml0eTEVMBMGA1UEAxMMRm9ydGlHYXRlIENBMSMwIQYJKoZIhvcNAQkB | |
| FhRzdXBwb3J0QGZvcnRpbmV0LmNvbTAeFw0xNTAxMjYwMDAwMDBaFw0xNzAyMTgy | |
| MzU5NTlaMHIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYD | |
| VQQHDA1TYW4gRnJhbmNpc2NvMSAwHgYDVQQKDBdTbGFjayBUZWNobm9sb2dpZXMs | |
| IEluYzEUMBIGA1UEAwwLKi5zbGFjay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB | |
| DwAwggEKAoIBAQDFQ8bWSmAvC5CfvZpRkbJHE+kamFbXIbnZC6ZH/w8/yPNmWRDe | |
| aUtj0M8HLpkWBWjdjf4lZfY9EnWAw+Jhkeo4ijeK15PUnSatNuS3SPxtw6dppnBe | |
| fOjyec2EDvFfjswyZOLe6MpqGRym4WU7WLmMgnSNx91J//o7NNoLQsqY0GfF71e6 | |
| Je1+kl4VaAi1Vj3qL/88065eTfQCb2wrsqt6r48O3RBObHkvozB1nWs5Upetyxlr | |
| veNgFqsxXt3Pkgcmb7ITSR1qR9eaqwjzeK5NeqEaKO6K6Cm7bPST0jKR13a88jWP | |
| Yoy3xWcj1LeqKeUS1a0pa+TiN2Os0ruIqH2xAgMBAAGjJTAjMCEGA1UdEQQaMBiC | |
| Cyouc2xhY2suY29tgglzbGFjay5jb20wDQYJKoZIhvcNAQELBQADggEBABaCG8qv | |
| /k/tRnz0BHqEMu9CPpRAEdnEK8RoZN6Tizos/2KcVDUg9DGNSs2oxsI9XabhhRRw | |
| HwVfMDaT1ldz1MndeU6RIgth/Lj0z3B6KKhjKukIUWpXDFKu2HU+6mdSj4tjx03C | |
| LuErRNvp5jSsjVnqYNkir3M3Th271Ku6uWvEscr5JkWYQCJB/OqTk8J67xxWnq/f | |
| V14M+BZi892LzhN7ypK107OImkUt4tRmatdk1b4veZn0ZSeyWOjKb2Be3wYfYn46 | |
| pdNurQyLLVV2tNLtE2IL3QpbRA/1jxJ/kK5wgPW8opS/Gx45z5NtYtPtXaD/wRYs | |
| jS/1dT/AF+Av82k= | |
| -----END CERTIFICATE----- | |
| subject=/C=US/ST=California/L=San Francisco/O=Slack Technologies, Inc/CN=*.slack.com | |
| issuer=/C=US/ST=California/L=Sunnyvale/O=Fortinet/OU=Certificate Authority/CN=FortiGate CA/[email protected] | |
| --- | |
| No client certificate CA names sent | |
| --- | |
| SSL handshake has read 2274 bytes and written 636 bytes | |
| --- | |
| New, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384 | |
| Server public key is 2048 bit | |
| Secure Renegotiation IS supported | |
| Compression: NONE | |
| Expansion: NONE | |
| No ALPN negotiated | |
| SSL-Session: | |
| Protocol : TLSv1.2 | |
| Cipher : AES256-GCM-SHA384 | |
| Session-ID: B0A7F33109DA55B49106A8ADE4F44AEDB29170DAD92F20ED9640819321CDC7A8 | |
| Session-ID-ctx: | |
| Master-Key: C9700C35900890BE764F169B3F1D14A0C756D831E97A8F97691DC8470BA57CA9A3DC97DAD0E26B42DC73900DE4BEEADF | |
| Key-Arg : None | |
| PSK identity: None | |
| PSK identity hint: None | |
| SRP username: None | |
| TLS session ticket lifetime hint: 300 (seconds) | |
| TLS session ticket: | |
| 0000 - 42 24 b7 9b 4d 7a 60 ba-fd 7a fe 51 2d b4 c0 60 B$..Mz`..z.Q-..` | |
| 0010 - ad 53 45 e4 07 44 98 03-47 c3 fd ac 77 99 75 37 .SE..D..G...w.u7 | |
| 0020 - 77 35 e2 bc 9c 0d 75 7b-55 f9 a4 66 a1 37 cd 92 w5....u{U..f.7.. | |
| 0030 - 88 99 12 90 16 2a 46 69-5a 9e 61 d4 57 35 fe 84 .....*FiZ.a.W5.. | |
| 0040 - b5 3b 2b c8 3f 00 b7 48-29 34 5a c6 82 34 4d b1 .;+.?..H)4Z..4M. | |
| 0050 - 3d eb 95 99 a0 c0 02 a5-2d 6d fe 99 96 42 08 8f =.......-m...B.. | |
| 0060 - d2 0f f9 4b b4 54 cf 59-f6 98 46 db e6 81 83 53 ...K.T.Y..F....S | |
| 0070 - 51 cb 59 6b 18 2d 61 12-5c 95 07 3d 1b cb f1 74 Q.Yk.-a.\..=...t | |
| 0080 - 5f f4 0c 6f d9 c6 64 6d-e5 c7 d6 de 73 e9 f3 d7 _..o..dm....s... | |
| 0090 - ac 29 66 0d 77 95 af b6-0e 1b 04 a2 95 a5 c8 e4 .)f.w........... | |
| Start Time: 1449439346 | |
| Timeout : 300 (sec) | |
| Verify return code: 19 (self signed certificate in certificate chain) | |
| --- | |
| ^C | |
| ~ > ping slack.com | |
| PING slack.com (107.23.217.39) 56(84) bytes of data. | |
| ^C64 bytes from 107.23.217.39: icmp_seq=1 ttl=50 time=261 ms |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ~ > openssl s_client -connect slack.com:443 | |
| CONNECTED(00000003) | |
| depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA | |
| verify return:1 | |
| depth=1 C = US, O = GeoTrust Inc., CN = GeoTrust SSL CA - G3 | |
| verify return:1 | |
| depth=0 C = US, ST = California, L = San Francisco, O = "Slack Technologies, Inc", CN = *.slack.com | |
| verify return:1 | |
| --- | |
| Certificate chain | |
| 0 s:/C=US/ST=California/L=San Francisco/O=Slack Technologies, Inc/CN=*.slack.com | |
| i:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3 | |
| 1 s:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3 | |
| i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA | |
| --- | |
| Server certificate | |
| -----BEGIN CERTIFICATE----- | |
| MIIE7jCCA9agAwIBAgIQJ85dBpYNN5a56Pa7AA0t6TANBgkqhkiG9w0BAQsFADBE | |
| MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU | |
| R2VvVHJ1c3QgU1NMIENBIC0gRzMwHhcNMTUwMTI2MDAwMDAwWhcNMTcwMjE4MjM1 | |
| OTU5WjByMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UE | |
| BwwNU2FuIEZyYW5jaXNjbzEgMB4GA1UECgwXU2xhY2sgVGVjaG5vbG9naWVzLCBJ | |
| bmMxFDASBgNVBAMMCyouc2xhY2suY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A | |
| MIIBCgKCAQEA34++uRDAttV+Kk7pQyryqQDBFBh3jqiqK+sXWj22peZJpuXXuIvf | |
| 9/sZykydlypTjipopgJqiyK0ui+Rrc05uhlFg8NfUxu5uibG1J02N1oA7gDJmB9V | |
| ijAYFixQXG6iMjrskp6PLdqGEPVELMDQvbNKwllKzN+gx0DW5F+HSTN7jviVThB8 | |
| PgxZ0XPjQbbx63Ttc1XbPHsOiQvJGWuDxf2ZRN9tT7UZguriRtB5ieDrxvupX7Pp | |
| oWmchVqubWI3BnhgQl4H2Yu5kZb5LhieudDic0lag3dtrT1xdTwxt+pOjBA3c71j | |
| 4+K+0DwXNfPb4x5mCsisRkYguwU76I6DewIDAQABo4IBrDCCAagwIQYDVR0RBBow | |
| GIILKi5zbGFjay5jb22CCXNsYWNrLmNvbTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQE | |
| AwIFoDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vZ24uc3ltY2IuY29tL2duLmNy | |
| bDCBoQYDVR0gBIGZMIGWMIGTBgpghkgBhvhFAQc2MIGEMD8GCCsGAQUFBwIBFjNo | |
| dHRwczovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL3JlcG9zaXRvcnkvbGVn | |
| YWwwQQYIKwYBBQUHAgIwNQwzaHR0cHM6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291 | |
| cmNlcy9yZXBvc2l0b3J5L2xlZ2FsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF | |
| BQcDAjAfBgNVHSMEGDAWgBTSb/eW9IU/cjwwfSPahXibo3xafDBXBggrBgEFBQcB | |
| AQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nbi5zeW1jZC5jb20wJgYIKwYBBQUH | |
| MAKGGmh0dHA6Ly9nbi5zeW1jYi5jb20vZ24uY3J0MA0GCSqGSIb3DQEBCwUAA4IB | |
| AQCwg6K1Ro+cEyd37PK6Tz8Lq8eVypxT7oG/v1qMC8XXkmadZqI+LVxjltsn/sB1 | |
| PgJzUeRbVZVYXUtsmFVhmSYStmXdK0xG4Vdkvu0eHpRvAp7hBRelCSMANd/l5k/z | |
| FCj6kVTnIej3zqT6yKHxxCb+alB2og18+yj3vUScUOPqJN8eeo3MYrT1RgbGu+dl | |
| vlK2bdxLFvvMQlj70d+qUwrm7Ayt0fMDqYoVah1XUDGFLfPZkHy8LG9V0qWuf+fQ | |
| f3+XJH9AuevP3QlfkyTFow3BtKkCbwkcToSA4p1kHm/N6tcQL8FsXdKQybZgqLzF | |
| ggLk2IYTdtzZsxYK96maAwmg | |
| -----END CERTIFICATE----- | |
| subject=/C=US/ST=California/L=San Francisco/O=Slack Technologies, Inc/CN=*.slack.com | |
| issuer=/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3 | |
| --- | |
| No client certificate CA names sent | |
| Peer signing digest: SHA512 | |
| Server Temp Key: ECDH, P-256, 256 bits | |
| --- | |
| SSL handshake has read 3030 bytes and written 444 bytes | |
| --- | |
| New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 | |
| Server public key is 2048 bit | |
| Secure Renegotiation IS supported | |
| Compression: NONE | |
| Expansion: NONE | |
| No ALPN negotiated | |
| SSL-Session: | |
| Protocol : TLSv1.2 | |
| Cipher : ECDHE-RSA-AES128-GCM-SHA256 | |
| Session-ID: 942A0ACE9ADCFD4D1B1AB1FFE7B304343B258F44557851DBEAE9D60FE536B824 | |
| Session-ID-ctx: | |
| Master-Key: 7F4CF610D236C22B9842D3B469F8D9CBD55ACA60774CFF8E7A96E76572760930237A0DFC3FF9853DFA6F5C61A715042C | |
| Key-Arg : None | |
| PSK identity: None | |
| PSK identity hint: None | |
| SRP username: None | |
| TLS session ticket lifetime hint: 300 (seconds) | |
| TLS session ticket: | |
| 0000 - 67 90 6b 02 c5 0b 59 27-0f 42 55 27 54 d4 98 e6 g.k...Y'.BU'T... | |
| 0010 - f5 9a 25 07 79 69 95 cd-89 c9 95 e6 2e 94 5c a4 ..%.yi........\. | |
| 0020 - 87 8b d2 1f 71 bb 8f 68-97 af 3b ca 05 62 87 5d ....q..h..;..b.] | |
| 0030 - 9b 4a ed 9a 40 68 c5 91-b7 28 77 72 ce c1 73 8c .J..@h...(wr..s. | |
| 0040 - d1 0f 7d 89 c9 ad 61 62-9c 94 13 f5 cf 5f 00 11 ..}...ab....._.. | |
| 0050 - 2e db a7 c7 49 2d 14 cd-2b 31 3d 69 3d 4c ed 74 ....I-..+1=i=L.t | |
| 0060 - 6c 24 11 9f 30 55 3d 79-9b 01 f7 8a 59 33 68 4f l$..0U=y....Y3hO | |
| 0070 - 3a 4f da 9d 19 8a f4 ac-30 66 2e 5b 21 19 d1 2b :O......0f.[!..+ | |
| 0080 - 90 26 9d 3f b6 0d d3 b4-e7 da cd e2 25 25 ef 78 .&.?........%%.x | |
| 0090 - 3e 46 97 5e da 87 d8 64-1f f5 fd d2 43 14 d1 e2 >F.^...d....C... | |
| Start Time: 1449439385 | |
| Timeout : 300 (sec) | |
| Verify return code: 0 (ok) | |
| --- | |
| closed | |
| ~ > | |
| ~ > ping slack.com | |
| PING slack.com (54.164.204.227) 56(84) bytes of data. | |
| 64 bytes from ec2-54-164-204-227.compute-1.amazonaws.com (54.164.204.227): icmp_seq=1 ttl=50 time=256 ms | |
| ^C |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment