lidaobing · June 4, 2013 05:07
diff --git a/gistfile1.txt b/gistfile1.txt
 $ echo | openssl s_client -connect login.live.com:443 2>&1 
 CONNECTED(00000003)
 depth=0 /1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
 verify error:num=20:unable to get local issuer certificate
 verify return:1
 depth=0 /1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
 verify error:num=27:certificate not trusted
 verify return:1
 depth=0 /1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
 verify error:num=21:unable to verify the first certificate
 verify return:1
 ---
 Certificate chain
 0 s:/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
   i:/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
 ---
 Server certificate
 -----BEGIN CERTIFICATE-----
 MIIDZDCCAs2gAwIBAgIQbHOBgVFufmxPtXwBqr6HiDANBgkqhkiG9w0BAQQFADCB
 sDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQH
 ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTUwMwYDVQQKEyxUZXJtcyBvZiB1c2Ug
 YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTEwMC4GA1UEAxMnVmVyaVNp
 Z24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIENBMB4XDTEyMDkxODAwMDAw
 MFoXDTE0MDkxOTIzNTk1OVowggEPMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYL
 KwYBBAGCNzwCAQITCldhc2hpbmd0b24xHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5p
 emF0aW9uMRIwEAYDVQQFEwk2MDA0MTM0ODUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQR
 FAU5ODA1MjETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxQHUmVkbW9uZDEY
 MBYGA1UECRQPMSBNaWNyb3NvZnQgV2F5MR4wHAYDVQQKFBVNaWNyb3NvZnQgQ29y
 cG9yYXRpb24xETAPBgNVBAsUCFBhc3Nwb3J0MRcwFQYDVQQDFA5sb2dpbi5saXZl
 LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwKdt/R9qRgzyKuoIF1OC
 XsRYZjsv0ZnP0qQX0BaqQqqt6UBUiZnqvH6GhkiWsWyefIExU+ApF6ehpm4oU9s+
 Hx40jTeDP9PM7q+QP1LFUr4qMDPQN1yGh0Lbblpg7UrTIfBJ6ONaCihfwLP8xlLm
 8vQnr2GDKbL7WviSQlC1qWECAwEAAaMdMBswGQYDVR0RBBIwEIIObG9naW4ubGl2
 ZS5jb20wDQYJKoZIhvcNAQEEBQADgYEAIV7Ii2rNBciTPkEZVigB+27npcI2O00A
 axqGBM7lFjexoqokK0gBiKV+lolKP+wpVXYUMl2Z1H8nORN1KSHne4Rf6bdoYEGn
 U5ckvaEDyrGi07PVFYukcVg6EnIP7ZoQcc2q0etxfrqqhgohjmIXZvs8xmLB/kaF
 ccxHfjRxM+0=
 -----END CERTIFICATE-----
 subject=/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
 issuer=/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
 ---
 No client certificate CA names sent
 ---
 SSL handshake has read 1034 bytes and written 328 bytes
 ---
 New, TLSv1/SSLv3, Cipher is AES256-SHA
 Server public key is 1024 bit
 Secure Renegotiation IS NOT supported
 Compression: NONE
 Expansion: NONE
 SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: DC1E9819B899C4ECB547C7C8EBA47A3165C32445635DF6619EB355DBA4C33A39
    Session-ID-ctx: 
    Master-Key: E1396ADA09C69145BDD207692F0010042520639493D64B17BFC5CCB545CE741CA60086CD1BD4A57C814306EBA537ECEC
    Key-Arg   : None
    Start Time: 1370322395
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
 ---
 DONE
	$ echo \| openssl s_client -connect login.live.com:443 2>&1
	CONNECTED(00000003)
	depth=0 /1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
	verify error:num=20:unable to get local issuer certificate
	verify return:1
	depth=0 /1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
	verify error:num=27:certificate not trusted
	verify return:1
	depth=0 /1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
	verify error:num=21:unable to verify the first certificate
	verify return:1
	---
	Certificate chain
	0 s:/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
	i:/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
	---
	Server certificate
	-----BEGIN CERTIFICATE-----
	MIIDZDCCAs2gAwIBAgIQbHOBgVFufmxPtXwBqr6HiDANBgkqhkiG9w0BAQQFADCB
	sDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQH
	ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTUwMwYDVQQKEyxUZXJtcyBvZiB1c2Ug
	YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTEwMC4GA1UEAxMnVmVyaVNp
	Z24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIENBMB4XDTEyMDkxODAwMDAw
	MFoXDTE0MDkxOTIzNTk1OVowggEPMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYL
	KwYBBAGCNzwCAQITCldhc2hpbmd0b24xHTAbBgNVBA8TFFByaXZhdGUgT3JnYW5p
	emF0aW9uMRIwEAYDVQQFEwk2MDA0MTM0ODUxCzAJBgNVBAYTAlVTMQ4wDAYDVQQR
	FAU5ODA1MjETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxQHUmVkbW9uZDEY
	MBYGA1UECRQPMSBNaWNyb3NvZnQgV2F5MR4wHAYDVQQKFBVNaWNyb3NvZnQgQ29y
	cG9yYXRpb24xETAPBgNVBAsUCFBhc3Nwb3J0MRcwFQYDVQQDFA5sb2dpbi5saXZl
	LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwKdt/R9qRgzyKuoIF1OC
	XsRYZjsv0ZnP0qQX0BaqQqqt6UBUiZnqvH6GhkiWsWyefIExU+ApF6ehpm4oU9s+
	Hx40jTeDP9PM7q+QP1LFUr4qMDPQN1yGh0Lbblpg7UrTIfBJ6ONaCihfwLP8xlLm
	8vQnr2GDKbL7WviSQlC1qWECAwEAAaMdMBswGQYDVR0RBBIwEIIObG9naW4ubGl2
	ZS5jb20wDQYJKoZIhvcNAQEEBQADgYEAIV7Ii2rNBciTPkEZVigB+27npcI2O00A
	axqGBM7lFjexoqokK0gBiKV+lolKP+wpVXYUMl2Z1H8nORN1KSHne4Rf6bdoYEGn
	U5ckvaEDyrGi07PVFYukcVg6EnIP7ZoQcc2q0etxfrqqhgohjmIXZvs8xmLB/kaF
	ccxHfjRxM+0=
	-----END CERTIFICATE-----
	subject=/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Washington/businessCategory=Private Organization/serialNumber=600413485/C=US/postalCode=98052/ST=Washington/L=Redmond/street=1 Microsoft Way/O=Microsoft Corporation/OU=Passport/CN=login.live.com
	issuer=/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
	---
	No client certificate CA names sent
	---
	SSL handshake has read 1034 bytes and written 328 bytes
	---
	New, TLSv1/SSLv3, Cipher is AES256-SHA
	Server public key is 1024 bit
	Secure Renegotiation IS NOT supported
	Compression: NONE
	Expansion: NONE
	SSL-Session:
	Protocol : TLSv1
	Cipher : AES256-SHA
	Session-ID: DC1E9819B899C4ECB547C7C8EBA47A3165C32445635DF6619EB355DBA4C33A39
	Session-ID-ctx:
	Master-Key: E1396ADA09C69145BDD207692F0010042520639493D64B17BFC5CCB545CE741CA60086CD1BD4A57C814306EBA537ECEC
	Key-Arg : None
	Start Time: 1370322395
	Timeout : 300 (sec)
	Verify return code: 21 (unable to verify the first certificate)
	---
	DONE