curl-users
Re: Help with an X509 certificate and cURL request
From: thomas Armstrong <tarmstrong_at_gmail.com>
Date: Wed, 23 Jan 2008 10:40:54 +0100
Date: Wed, 23 Jan 2008 10:40:54 +0100
> openssl s_client takes host names, not URLs. Try
> openssl s_client -connect www.domain.com:443
yep, you'right.
[]# openssl s_client -connect www.domain.com:443 -cert ssl.crt -key ssl.key
Error message:
---------
CONNECTED(00000003)
depth=0 /C=US/ST=California/L=San Francisco/O=My Company/OU=IT/CN=www.domain.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=US/ST=California/L=San Francisco/O=My Company/OU=IT/CN=www.domain.com
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=US/ST=California/L=San Francisco/O=My Company/OU=IT/CN=www.domain.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=San Francisco/O=My Company/OU=IT/CN=www.domain.com
i:/C=US/O=Security Firm/CN=Security CA-1
---
...
---
No client certificate CA names sent
---
SSL handshake has read 944 bytes and written 324 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5
Session-ID: B504440030B7B50633ECD7FED781458B190213F63EA0B5B8A966615B98E6F2AA
Session-ID-ctx:
Master-Key:
3BB9246CF8456FF525E4695X4440017FB3B00CB29493BB5A2BTBF80EBAFB7A59599CF9A5497C599AB8FF9FAAD8390A0B
Key-Arg : None
Krb5 Principal: None
Start Time: 1201080084
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
Received on 2008-01-23