lidaobing · June 4, 2013 05:11
diff --git a/gistfile1.txt b/gistfile1.txt
 $ echo | openssl s_client -connect mail.google.com:443 2>&1 
 CONNECTED(00000003)
 =depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
 verify error:num=20:unable to get local issuer certificate
 verify return:1
 depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
 verify error:num=27:certificate not trusted
 verify return:1
 depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
 verify error:num=21:unable to verify the first certificate
 verify return:1
 ---
 Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
   i:/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
 ---
 Server certificate
 -----BEGIN CERTIFICATE-----
 MIICtzCCAiCgAwIBAgIKYFVx7gABAACJJzANBgkqhkiG9w0BAQQFADCBsDELMAkG
 A1UEBhMCVVMxFzAVBgNVBAgTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQHExZWZXJp
 U2lnbiBUcnVzdCBOZXR3b3JrMTUwMwYDVQQKEyxUZXJtcyBvZiB1c2UgYXQgaHR0
 cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTEwMC4GA1UEAxMnVmVyaVNpZ24gQ2xh
 c3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIENBMB4XDTEzMDUyMjE1NTExMVoXDTEz
 MTAzMTIzNTk1OVowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
 FjAUBgNVBAcTDU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBJbmMxGDAW
 BgNVBAMTD21haWwuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
 gYEAwKdt/R9qRgzyKuoIF1OCXsRYZjsv0ZnP0qQX0BaqQqqt6UBUiZnqvH6GhkiW
 sWyefIExU+ApF6ehpm4oU9s+Hx40jTeDP9PM7q+QP1LFUr4qMDPQN1yGh0Lbblpg
 7UrTIfBJ6ONaCihfwLP8xlLm8vQnr2GDKbL7WviSQlC1qWECAwEAAaMeMBwwGgYD
 VR0RBBMwEYIPbWFpbC5nb29nbGUuY29tMA0GCSqGSIb3DQEBBAUAA4GBAC9h9s/l
 rhE6EZPYJr30/NzCIL7q6+ppyU4i1WeIOxtyfr4LcOaMBeZ3WI7cXuyBjMAzg0c7
 sXLrsjiIxzggSJbuvEB5bA/XDKCypWrnhlfsfSlLKsN7GpGO/DhTuOAlpWXWIx0i
 vp90QoPnfPwttpPWgGg5+1pj+uuDZQi5L836
 -----END CERTIFICATE-----
 subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
 issuer=/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
 ---
 No client certificate CA names sent
 ---
 SSL handshake has read 861 bytes and written 328 bytes
 ---
 New, TLSv1/SSLv3, Cipher is AES256-SHA
 Server public key is 1024 bit
 Secure Renegotiation IS NOT supported
 Compression: NONE
 Expansion: NONE
 SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID: 119EBC96C507EAEF9687D2B03FFEC377A8F284E0906284F75A9A30B12B09FCAB
    Session-ID-ctx: 
    Master-Key: 63F5C7918E51B8AD151F96D49FB4D75D025AD061FA2CB503A4884D7C9DCAE09C2142A5D68320541D8E82B8AC6FE338A4
    Key-Arg   : None
    Start Time: 1370322582
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
 ---
 DONE
	$ echo \| openssl s_client -connect mail.google.com:443 2>&1
	CONNECTED(00000003)
	=depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
	verify error:num=20:unable to get local issuer certificate
	verify return:1
	depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
	verify error:num=27:certificate not trusted
	verify return:1
	depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
	verify error:num=21:unable to verify the first certificate
	verify return:1
	---
	Certificate chain
	0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
	i:/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
	---
	Server certificate
	-----BEGIN CERTIFICATE-----
	MIICtzCCAiCgAwIBAgIKYFVx7gABAACJJzANBgkqhkiG9w0BAQQFADCBsDELMAkG
	A1UEBhMCVVMxFzAVBgNVBAgTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQHExZWZXJp
	U2lnbiBUcnVzdCBOZXR3b3JrMTUwMwYDVQQKEyxUZXJtcyBvZiB1c2UgYXQgaHR0
	cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTEwMC4GA1UEAxMnVmVyaVNpZ24gQ2xh
	c3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIENBMB4XDTEzMDUyMjE1NTExMVoXDTEz
	MTAzMTIzNTk1OVowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
	FjAUBgNVBAcTDU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2dsZSBJbmMxGDAW
	BgNVBAMTD21haWwuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
	gYEAwKdt/R9qRgzyKuoIF1OCXsRYZjsv0ZnP0qQX0BaqQqqt6UBUiZnqvH6GhkiW
	sWyefIExU+ApF6ehpm4oU9s+Hx40jTeDP9PM7q+QP1LFUr4qMDPQN1yGh0Lbblpg
	7UrTIfBJ6ONaCihfwLP8xlLm8vQnr2GDKbL7WviSQlC1qWECAwEAAaMeMBwwGgYD
	VR0RBBMwEYIPbWFpbC5nb29nbGUuY29tMA0GCSqGSIb3DQEBBAUAA4GBAC9h9s/l
	rhE6EZPYJr30/NzCIL7q6+ppyU4i1WeIOxtyfr4LcOaMBeZ3WI7cXuyBjMAzg0c7
	sXLrsjiIxzggSJbuvEB5bA/XDKCypWrnhlfsfSlLKsN7GpGO/DhTuOAlpWXWIx0i
	vp90QoPnfPwttpPWgGg5+1pj+uuDZQi5L836
	-----END CERTIFICATE-----
	subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
	issuer=/C=US/ST=VeriSign, Inc./L=VeriSign Trust Network/O=Terms of use at https://www.verisign.com/rpa/CN=VeriSign Class 3 Extended Validation CA
	---
	No client certificate CA names sent
	---
	SSL handshake has read 861 bytes and written 328 bytes
	---
	New, TLSv1/SSLv3, Cipher is AES256-SHA
	Server public key is 1024 bit
	Secure Renegotiation IS NOT supported
	Compression: NONE
	Expansion: NONE
	SSL-Session:
	Protocol : TLSv1
	Cipher : AES256-SHA
	Session-ID: 119EBC96C507EAEF9687D2B03FFEC377A8F284E0906284F75A9A30B12B09FCAB
	Session-ID-ctx:
	Master-Key: 63F5C7918E51B8AD151F96D49FB4D75D025AD061FA2CB503A4884D7C9DCAE09C2142A5D68320541D8E82B8AC6FE338A4
	Key-Arg : None
	Start Time: 1370322582
	Timeout : 300 (sec)
	Verify return code: 21 (unable to verify the first certificate)
	---
	DONE