Skip to content

Instantly share code, notes, and snippets.

@pentago

pentago/tls.md

Created September 3, 2024 09:09
Show Gist options
  • Save pentago/09491ab4a8d1b81b8b2a4ce232b9855c to your computer and use it in GitHub Desktop.
Save pentago/09491ab4a8d1b81b8b2a4ce232b9855c to your computer and use it in GitHub Desktop.
Download ZIP
tls
Raw
tls.md

/ # openssl s_client -connect thanos-receive.monitoring.origo.dev:443 Connecting to 10.159.1.101 CONNECTED(00000003) depth=0 CN=monitoring.origo.dev verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN=monitoring.origo.dev verify error:num=21:unable to verify the first certificate verify return:1 depth=0 CN=monitoring.origo.dev verify return:1

Certificate chain 0 s:CN=monitoring.origo.dev i:C=US, O=Let's Encrypt, CN=R11 a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256 v:NotBefore: Jul 24 05:00:34 2024 GMT; NotAfter: Oct 22 05:00:33 2024 GMT

Server certificate -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISA7j3QB8Jrw1Nc47JwjqfIV2mMA0GCSqGSIb3DQEBCwUA MDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQD EwNSMTEwHhcNMjQwNzI0MDUwMDM0WhcNMjQxMDIyMDUwMDMzWjAfMR0wGwYDVQQD ExRtb25pdG9yaW5nLm9yaWdvLmRldjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBAOzkl2jS/ccaKz0nYlbyPjj4tPwtGSLR15pc7R9n5HhqDc4X1fJUE6og TzV1SuLK3aK/R0OBcyRsEOhp81qlkREojH0d9BtB7q5lbSXdjl6THztX5hk/GGng oQ0KC8tPHT0f50gsMZIIldaEcRozaB3JUmfkNBbqkEtBYLMiAMKzt5SdQNdzonZA i8ASD8lWp+SXnwjoGSeQ9zZ9Tj9luBNrXhcNKCSUIbHIKg8+v7cvh43x5GoN5YKF zFaixXPOV3KYnbWP0Gtbde5fo6sy/72mVay3R5oP6IMLj8Nc00kKyZFhKOK0kpty docqcvdcRR2VZQ5lFLvYJiCumZmvFV0CAwEAAaOCAi8wggIrMA4GA1UdDwEB/wQE AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw ADAdBgNVHQ4EFgQU6+39QjzeZzNj+HOQjCcMhT7s9MUwHwYDVR0jBBgwFoAUxc9G pOr0w8B6bJXELbBeki8m47kwVwYIKwYBBQUHAQEESzBJMCIGCCsGAQUFBzABhhZo dHRwOi8vcjExLm8ubGVuY3Iub3JnMCMGCCsGAQUFBzAChhdodHRwOi8vcjExLmku bGVuY3Iub3JnLzA3BgNVHREEMDAughYqLm1vbml0b3Jpbmcub3JpZ28uZGV2ghRt b25pdG9yaW5nLm9yaWdvLmRldjATBgNVHSAEDDAKMAgGBmeBDAECATCCAQMGCisG AQQB1nkCBAIEgfQEgfEA7wB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdM Wjp0AAABkONTvtkAAAQDAEYwRAIgcg96cfcmE0jl631uzNcUuO7Yb6m+oxWPIhzM C1GpK6cCIEIL6KOFKXVPwD8dtC+GSoD8hinrcj5NmgIRUSLR1wVfAHYASLDja9qm RzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGQ41PCkwAABAMARzBFAiEAkoRw r/5t3vadDk4zqW7y2zKTsBiXkczRnRQmKPArIe8CIHbRYceDpOgivfP04FPYoQ2C sH54YRVzD9BT89qQMGJpMA0GCSqGSIb3DQEBCwUAA4IBAQBlLOlqlUiybTNoaV8z Eaubp2xrNpPkH9vWgtwqbxYsd8GQZM00vVNs7AHqx6q8e/UBx2jJvY5qE5UjKMEJ AUJyHq6ZNXR6ZQT7OUa8Y51g3A2/rA+udbl0YvxpDFmWVEqTx2k8SYtbAAi+89bB tio2Js7P770bl2ubrVIftIfNHKs1E9/GbUjHZNs7OYQi8JDNfRZeHGMFQqZe8HON OQGoOoDVzTogywGNoy+nLhAHQ9ql7NiWW9M3kZtXst2k1qJvuEbPUn0HtJKX9F6C OW9yr/hQzk7hCcmTM8mHFgl8dc2fv7+yhT3QS1B965XYNDlwjYBvwSOEKk8q3UZy WtNz -----END CERTIFICATE----- subject=CN=monitoring.origo.dev issuer=C=US, O=Let's Encrypt, CN=R11

No client certificate CA names sent Peer signing digest: SHA512 Peer signature type: RSA Server Temp Key: ECDH, prime256v1, 256 bits

SSL handshake has read 2005 bytes and written 469 bytes Verification error: unable to verify the first certificate

New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: 8FDD69E096C0064A0F47BCD085116E4C04318DDCC29F34792FA718AD7893672B Session-ID-ctx: Master-Key: 2487E03DA8C65F3B3966A7C05568E4A37C3113A6101AA8F0E1331BF6702FB65B0FA56CF90BAF211B4F675577DA3392A7 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 9a b4 cc b2 17 6f dd 33-19 3b e2 c5 97 0b 6b a6 .....o.3.;....k. 0010 - d9 86 a0 fa 54 28 c2 fb-69 52 0b 0c 48 46 40 5e ....T(..iR..HF@^ 0020 - a7 72 4f cc fc 74 01 ec-e0 d0 6e fa 5f bd 31 6d .rO..t....n..1m 0030 - 66 72 a6 6a 25 3a d9 3c-3d 43 8e 1e 58 e7 17 07 fr.j%:.<=C..X... 0040 - bc 1d 7f 28 b3 78 49 b9-5c 07 70 c3 8c a6 63 a5 ...(.xI..p...c. 0050 - 8b 0b da 1a e0 80 bd df-8f 1b b3 ac d0 a9 2d 98 ..............-. 0060 - 19 c1 6c e6 48 49 da 09-4f da 78 99 14 69 94 5d ..l.HI..O.x..i.] 0070 - a2 ab 00 b1 a6 24 13 40-ef 6e 66 4e 8c c4 e3 64 .....$[email protected]...d 0080 - 98 ee c7 0b dc 40 32 2b-f4 1f 8b 7a 42 03 fc 44 .....@2+...zB..D 0090 - c1 62 b8 63 16 fe 0a e4-ca b4 56 8d e8 5b 2a 5f .b.c......V..[* 00a0 - 4d 8e 68 a1 f3 72 4d 94-da 60 a4 90 af 20 7c fb M.h..rM..`... |. 00b0 - b1 9d e1 d3 9e 96 fe 04-39 c2 ce f1 a3 a3 41 ad ........9.....A. 00c0 - 8a f8 d3 9b e0 6f a9 02-0c e8 17 72 8c 39 c2 40 .....o.....r.9.@ Start Time: 1725354518 Timeout : 7200 (sec) Verify return code: 21 (unable to verify the first certificate) Extended master secret: no

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment