On Tue, Apr 03, 2007 at 09:44:43PM +0200, Yoram Kahana wrote: > Hi Richard, > > Thanks for your answer, This is my problem, i cant see any mismatch. Do you > know of any other possibilities or ways of debug it? You can try running the openldap ldapsearch client with the "-d" argument for extra debugging goodness. See the loglevel directive in slapd.conf(5) for acceptable levels. Example truncated output from ldapsearch from package 2.2.26-5ubuntu2.2: # ldapsearch -h ldap.fqdn -ZZ -d 1 -b "" -s base -x ... TLS trace: SSL_connect:before/connect initialization TLS trace: SSL_connect:SSLv2/v3 write client hello A TLS trace: SSL_connect:SSLv3 read server hello A TLS certificate verification: depth: 1, err: 0, subject: [cert subject data removed] TLS certificate verification: depth: 0, err: 0, subject: [cert subject data removed] TLS trace: SSL_connect:SSLv3 read server certificate A TLS trace: SSL_connect:SSLv3 read server certificate request A TLS trace: SSL_connect:SSLv3 read server done A TLS trace: SSL_connect:SSLv3 write client certificate A TLS trace: SSL_connect:SSLv3 write client key exchange A TLS trace: SSL_connect:SSLv3 write change cipher spec A TLS trace: SSL_connect:SSLv3 write finished A TLS trace: SSL_connect:SSLv3 flush data TLS trace: SSL_connect:SSLv3 read finished A ... This will at least tell you what the command is really doing, and what it thinks the subject of the cert is. You should use whatever hostname is contained in the cert (either in the subject or subjectaltname fields) otherwise it'll quite rightly reject you. If your client isn't based on the openldap implementation, then you'll have to debug it using a client based on whatever implementation you are using. Without knowing more about your client and ssl libraries it's hard to suggest what might be broken in their configuration. > Thanks in advance > Yoram > > On 4/2/07, Richard Megginson <rmeggins@xxxxxxxxxx> wrote: > > > >Yoram Kahana wrote: > >> Hi Richard, > >> > >> Indeed it solved one of the problems, I didnt hash the ca certificte > >> in the client side. > >> now i am getting new message > >> > >> TLS: *hostname does not match CN in peer certificate* > >> > >> ** if i understand the meaning the CN and the hostname are not > >> identical but thats not the situation now. > >> > >The CN in the server cert is CN=r1-ows-07.rocaf.org - the server is > >running on r1-ows-07.rocaf.org? > > > >The error message means there is a mismatch somewhere. > >> > >> > >> I have also tried the opensll s_client -debug -connect (the output is > >> enclosed) > >> seems that throgh the openssl it works fine, where am i wrong? > >> > >> Can you see if you have any clue > >> great thanks > >> Yoram > >> > >> > >> > >> On 3/28/07, *Richard Megginson* <rmeggins@xxxxxxxxxx > >> <mailto:rmeggins@xxxxxxxxxx>> wrote: > >> > >> Yoram Kahana wrote: > >> > Hi > >> > > >> > Does anyone has an idea on which format should i save the ca > >> > certificate in the clients (for SSL communication) ? > >> > Is it PEM, DER, BER > >> It depends - what client are you trying to configure? Did you see > >> this > >> - > >> > >http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients > >> > > >> > > >> > Thanks in advance > >> > > >> > Yoram > >> > > >> > >------------------------------------------------------------------------ > >> > >> > > >> > -- > >> > Fedora-directory-users mailing list > >> > Fedora-directory-users@xxxxxxxxxx > >> <mailto:Fedora-directory-users@xxxxxxxxxx> > >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > >> > > >> > >> -- > >> Fedora-directory-users mailing list > >> Fedora-directory-users@xxxxxxxxxx > >> <mailto:Fedora-directory-users@xxxxxxxxxx> > >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > >> > >> > >> > >> ------------------------------------------------------------------------ > >> > >> > >> openssl s_client -debug -connect r1-ows-07:636 > >> CONNECTED(00000003) > >> write to 00675450 [00675F50] (142 bytes => 142 (0x8E)) > >> 0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ......c... > >..9.. > >> 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 > >8..5............ > >> 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 > >..3..2../.....f. > >> 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 > >.............c.. > >> 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 > >b..a...........@ > >> 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 > >..e..d..`....... > >> 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 24 9c > >..............$. > >> 0070 - 49 e8 7b b6 bf 6a 36 4a-4a f8 04 25 d9 b8 a7 8e > >I.{..j6JJ..%.... > >> 0080 - 57 d7 67 c2 3a 6d 72 d0-d9 37 3f f5 ac 07 W.g.:mr..7?... > >> read from 00675450 [0067B4B0] (7 bytes => 7 (0x7)) > >> 0000 - 16 03 01 08 23 02 ....#. > >> 0007 - <SPACES/NULS> > >> read from 00675450 [0067B4B7] (2081 bytes => 1441 (0x5A1)) > >> 0000 - 00 46 03 01 00 28 82 f7-c8 e3 77 83 de 5f 86 53 > >.F...(....w.._.S > >> 0010 - 5d 5a 76 33 04 fe bd a6-b8 02 ee 88 c4 bd e8 6c > >]Zv3...........l > >> 0020 - 18 b9 ee f6 20 22 92 d7-0e b4 ae aa df c2 83 b7 .... > >".......... > >> 0030 - 07 22 94 af 91 d8 2a 92-da 0c d6 3e d5 7a ee 8f > >."....*....>.z.. > >> 0040 - 7f 26 28 3a 56 00 35 00-0b 00 06 dd 00 06 da 00 .&(:V.5........ > >. > >> 0050 - 03 6e 30 82 03 6a 30 82-02 d3 a0 03 02 01 02 02 > >.n0..j0......... > >> 0060 - 01 01 30 0d 06 09 2a 86-48 86 f7 0d 01 01 04 05 > >..0...*.H....... > >> 0070 - 00 30 81 83 31 0b 30 09-06 03 55 04 06 13 02 49 > >.0..1.0...U....I > >> 0080 - 4c 31 0f 30 0d 06 03 55-04 08 13 06 49 73 72 61 > >L1.0...U....Isra > >> 0090 - 65 6c 31 10 30 0e 06 03-55 04 07 13 07 54 65 6c > >el1.0...U....Tel > >> 00a0 - 41 76 69 76 31 11 30 0f-06 03 55 04 0a 13 08 4e > >Aviv1.0...U....N > >> 00b0 - 65 73 73 20 4c 74 64 31-0e 30 0c 06 03 55 04 0b ess Ltd1.0...U. > >. > >> 00c0 - 13 05 4c 4d 41 44 53 31-0e 30 0c 06 03 55 04 03 > >..LMADS1.0...U.. > >> 00d0 - 13 05 59 6f 72 61 6d 31-1e 30 1c 06 09 2a 86 48 > >..Yoram1.0...*.H > >> 00e0 - 86 f7 0d 01 09 01 16 0f-79 6f 72 61 6d 40 62 61 > >........yoram@ba > >> 00f0 - 6d 61 6d 2e 63 6f 6d 30-1e 17 0d 30 37 30 33 32 > >mam.com0...07032 > >> 0100 - 39 31 33 35 31 35 35 5a-17 0d 30 38 30 33 32 38 > >9135155Z..080328 > >> 0110 - 31 33 35 31 35 35 5a 30-5f 31 0b 30 09 06 03 55 > >135155Z0_1.0...U > >> 0120 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > >....IL1.0...U... > >> 0130 - 06 49 73 72 61 65 6c 31-11 30 0f 06 03 55 04 0a > >.Israel1.0...U.. > >> 0140 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0.. > >. > >> 0150 - 55 04 0b 13 05 4c 4d 41-44 53 31 1c 30 1a 06 03 > >U....LMADS1.0... > >> 0160 - 55 04 03 13 13 72 31 2d-6f 77 73 2d 30 37 2e 72 U....r1- > >ows-07.r > >> 0170 - 6f 63 61 66 2e 6f 72 67-30 81 9f 30 0d 06 09 2a > >ocaf.org0..0...* > >> 0180 - 86 48 86 f7 0d 01 01 01-05 00 03 81 8d 00 30 81 > >.H............0. > >> 0190 - 89 02 81 81 00 c5 12 31-28 e2 de c6 4a 3d 59 7e > >.......1(...J=Y~ > >> 01a0 - d8 f2 c4 5e ca 00 6a 08-52 c1 58 ce 3a 38 dc 58 ...^..j.R.X.: > >8.X > >> 01b0 - 7d 0b c9 83 5d 9e 77 bc-09 9f c4 6e 5a 54 19 ff > >}...].w....nZT.. > >> 01c0 - 7b 3f 14 6b 40 51 ed 42-ba 34 d8 89 49 07 21 2b {?.k@ > >Q.B.4..I.!+ > >> 01d0 - 89 4f bf 9c 5c 15 1b 61-03 1f 2f 95 b3 23 1b 6f > >.O..\..a../..#.o > >> 01e0 - c2 a9 a2 21 17 ab 62 10-ef 27 27 ae d8 46 84 4b > >...!..b..''..F.K > >> 01f0 - 86 b6 f2 8d b1 3e 45 0d-16 1a 8e 99 90 6d a4 5e > >.....>E......m.^ > >> 0200 - 6e 9a f6 f2 b5 d0 fb cb-c2 ec f0 a3 7a 5b 20 59 n...........z[ > >Y > >> 0210 - 02 00 13 80 0f 02 03 01-00 01 a3 82 01 0f 30 82 > >..............0. > >> 0220 - 01 0b 30 09 06 03 55 1d-13 04 02 30 00 30 2c 06 > >..0...U....0.0,. > >> 0230 - 09 60 86 48 01 86 f8 42-01 0d 04 1f 16 1d 4f 70 > >.`.H...B......Op > >> 0240 - 65 6e 53 53 4c 20 47 65-6e 65 72 61 74 65 64 20 enSSL Generated > >> 0250 - 43 65 72 74 69 66 69 63-61 74 65 30 1d 06 03 55 > >Certificate0...U > >> 0260 - 1d 0e 04 16 04 14 f8 72-da cb af d2 d8 e1 18 17 > >.......r........ > >> 0270 - ec 9e 80 10 89 d1 13 07-a6 e3 30 81 b0 06 03 55 > >..........0....U > >> 0280 - 1d 23 04 81 a8 30 81 a5-80 14 26 9a 3c 03 60 32 > >.#...0....&.<.`2 > >> 0290 - a4 25 36 ce 56 ae 33 a1-30 45 e2 85 27 a2 a1 81 > >.%6.V.3.0E..'... > >> 02a0 - 89 a4 81 86 30 81 83 31-0b 30 09 06 03 55 04 06 > >....0..1.0...U.. > >> 02b0 - 13 02 49 4c 31 0f 30 0d-06 03 55 04 08 13 06 49 > >..IL1.0...U....I > >> 02c0 - 73 72 61 65 6c 31 10 30-0e 06 03 55 04 07 13 07 srael1.0...U... > >. > >> 02d0 - 54 65 6c 41 76 69 76 31-11 30 0f 06 03 55 04 0a TelAviv1.0...U. > >. > >> 02e0 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0.. > >. > >> 02f0 - 55 04 0b 13 05 4c 4d 41-44 53 31 0e 30 0c 06 03 > >U....LMADS1.0... > >> 0300 - 55 04 03 13 05 59 6f 72-61 6d 31 1e 30 1c 06 09 > >U....Yoram1.0... > >> 0310 - 2a 86 48 86 f7 0d 01 09-01 16 0f 79 6f 72 61 6d > >*.H........yoram > >> 0320 - 40 62 61 6d 61 6d 2e 63-6f 6d 82 01 00 30 0d 06 @bamam.com...0. > >. > >> 0330 - 09 2a 86 48 86 f7 0d 01-01 04 05 00 03 81 81 00 > >.*.H............ > >> 0340 - 88 38 ad c8 e4 df c9 85-68 2f e6 8b d0 1f 37 fd > >.8......h/....7. > >> 0350 - c4 7d 0c ca 01 5f 58 fb-3d 00 d4 f0 d0 f3 fe bb > >.}..._X.=....... > >> 0360 - e5 7f e2 44 6f 8c 43 7a-9f cc d6 6b 85 40 9c 04 > >...Do.Cz...k.@.. > >> 0370 - 22 20 28 32 bf f9 d9 a5-85 e3 62 7a fb e7 2c 54 " > >(2......bz..,T > >> 0380 - 7a 45 bc b8 a9 4e ce 9e-9d 87 37 d0 06 4b 06 c7 > >zE...N....7..K.. > >> 0390 - 51 d4 27 c9 77 f7 e7 c2-2d ac 3d bb 4e 43 df 69 > >Q.'.w...-.=.NC.i > >> 03a0 - b8 54 8c 80 4e 86 d7 a0-86 3a c2 a3 7d 15 ab 31 > >.T..N....:..}..1 > >> 03b0 - 3f 19 6a d7 09 bb 89 5b-ce 30 83 33 4c 7a bc 5c > >?.j....[.0.3Lz.\ > >> 03c0 - 00 03 66 30 82 03 62 30-82 02 cb a0 03 02 01 02 > >..f0..b0........ > >> 03d0 - 02 01 00 30 0d 06 09 2a-86 48 86 f7 0d 01 01 04 > >...0...*.H...... > >> 03e0 - 05 00 30 81 83 31 0b 30-09 06 03 55 04 06 13 02 > >..0..1.0...U.... > >> 03f0 - 49 4c 31 0f 30 0d 06 03-55 04 08 13 06 49 73 72 > >IL1.0...U....Isr > >> 0400 - 61 65 6c 31 10 30 0e 06-03 55 04 07 13 07 54 65 > >ael1.0...U....Te > >> 0410 - 6c 41 76 69 76 31 11 30-0f 06 03 55 04 0a 13 08 lAviv1.0...U... > >. > >> 0420 - 4e 65 73 73 20 4c 74 64-31 0e 30 0c 06 03 55 04 Ness Ltd1.0...U > >. > >> 0430 - 0b 13 05 4c 4d 41 44 53-31 0e 30 0c 06 03 55 04 > >...LMADS1.0...U. > >> 0440 - 03 13 05 59 6f 72 61 6d-31 1e 30 1c 06 09 2a 86 > >...Yoram1.0...*. > >> 0450 - 48 86 f7 0d 01 09 01 16-0f 79 6f 72 61 6d 40 62 > >H........yoram@b > >> 0460 - 61 6d 61 6d 2e 63 6f 6d-30 1e 17 0d 30 37 30 33 > >amam.com0...0703 > >> 0470 - 32 39 31 33 35 31 33 34-5a 17 0d 30 38 30 33 32 > >29135134Z..08032 > >> 0480 - 38 31 33 35 31 33 34 5a-30 81 83 31 0b 30 09 06 > >8135134Z0..1.0.. > >> 0490 - 03 55 04 06 13 02 49 4c-31 0f 30 0d 06 03 55 04 > >.U....IL1.0...U. > >> 04a0 - 08 13 06 49 73 72 61 65-6c 31 10 30 0e 06 03 55 > >...Israel1.0...U > >> 04b0 - 04 07 13 07 54 65 6c 41-76 69 76 31 11 30 0f 06 > >....TelAviv1.0.. > >> 04c0 - 03 55 04 0a 13 08 4e 65-73 73 20 4c 74 64 31 0e .U....Ness > >Ltd1. > >> 04d0 - 30 0c 06 03 55 04 0b 13-05 4c 4d 41 44 53 31 0e > >0...U....LMADS1. > >> 04e0 - 30 0c 06 03 55 04 03 13-05 59 6f 72 61 6d 31 1e > >0...U....Yoram1. > >> 04f0 - 30 1c 06 09 2a 86 48 86-f7 0d 01 09 01 16 0f 79 > >0...*.H........y > >> 0500 - 6f 72 61 6d 40 62 61 6d-61 6d 2e 63 6f 6d 30 81 oram@xxxxxxxxxx > >. > >> 0510 - 9f 30 0d 06 09 2a 86 48-86 f7 0d 01 01 01 05 00 > >.0...*.H........ > >> 0520 - 03 81 8d 00 30 81 89 02-81 81 00 a1 9c f4 b7 8b > >....0........... > >> 0530 - 80 35 c5 b7 60 73 da bb-01 7d 33 36 74 1f 67 5d > >.5..`s...}36t.g] > >> 0540 - eb ff b5 ca 79 1a 1b 3a-9d ce da 62 4c c8 19 0b > >....y..:...bL... > >> 0550 - 80 e0 7c 4a 4f bb 8f 59-05 b7 a8 c2 ae 5b fe 7c > >..|JO..Y.....[.| > >> 0560 - 74 91 e5 cf d3 54 3b 4e-88 24 50 84 24 b2 16 d8 > >t....T;N.$P.$... > >> 0570 - 9c 1d bd 8c 31 8b d7 28-df 06 24 a8 e1 76 b7 72 > >....1..(..$..v.r > >> 0580 - ee 37 75 e2 89 84 b7 ed-51 76 2c b3 1a eb 6c 5c > >.7u.....Qv,...l\ > >> 0590 - 64 87 7d 3a 12 39 4b c0-23 fa a8 63 0e a0 77 c8 > >d.}:.9K.#..c..w. > >> 05a0 - 4d M > >> read from 00675450 [0067BA58] (640 bytes => 640 (0x280)) > >> 0000 - 9c b7 59 cc 06 a3 ad 79-6c 53 02 03 01 00 01 a3 > >..Y....ylS...... > >> 0010 - 81 e3 30 81 e0 30 1d 06-03 55 1d 0e 04 16 04 14 > >..0..0...U...... > >> 0020 - 26 9a 3c 03 60 32 a4 25-36 ce 56 ae 33 a1 30 45 > >&.<.`2.%6.V.3.0E > >> 0030 - e2 85 27 a2 30 81 b0 06-03 55 1d 23 04 81 a8 30 > >..'.0....U.#...0 > >> 0040 - 81 a5 80 14 26 9a 3c 03-60 32 a4 25 36 ce 56 ae > >....&.<.`2.%6.V. > >> 0050 - 33 a1 30 45 e2 85 27 a2-a1 81 89 a4 81 86 30 81 3.0E..'.......0 > >. > >> 0060 - 83 31 0b 30 09 06 03 55-04 06 13 02 49 4c 31 0f > >.1.0...U....IL1. > >> 0070 - 30 0d 06 03 55 04 08 13-06 49 73 72 61 65 6c 31 > >0...U....Israel1 > >> 0080 - 10 30 0e 06 03 55 04 07-13 07 54 65 6c 41 76 69 > >.0...U....TelAvi > >> 0090 - 76 31 11 30 0f 06 03 55-04 0a 13 08 4e 65 73 73 > >v1.0...U....Ness > >> 00a0 - 20 4c 74 64 31 0e 30 0c-06 03 55 04 0b 13 05 4c > >Ltd1.0...U....L > >> 00b0 - 4d 41 44 53 31 0e 30 0c-06 03 55 04 03 13 05 59 > >MADS1.0...U....Y > >> 00c0 - 6f 72 61 6d 31 1e 30 1c-06 09 2a 86 48 86 f7 0d oram1.0...*.H.. > >. > >> 00d0 - 01 09 01 16 0f 79 6f 72-61 6d 40 62 61 6d 61 6d > >.....yoram@bamam > >> 00e0 - 2e 63 6f 6d 82 01 00 30-0c 06 03 55 1d 13 04 05 > >.com...0...U.... > >> 00f0 - 30 03 01 01 ff 30 0d 06-09 2a 86 48 86 f7 0d 01 > >0....0...*.H.... > >> 0100 - 01 04 05 00 03 81 81 00-39 46 ea ff b6 f0 6f 69 > >........9F....oi > >> 0110 - e4 69 d5 bd a6 d5 86 be-a5 91 a2 53 46 75 db c6 > >.i.........SFu.. > >> 0120 - 5f 60 a1 f8 dc b2 54 27-d5 e6 d5 e1 ad d6 08 cd > >_`....T'........ > >> 0130 - 42 5a 07 e7 e3 4f 0b 45-23 47 36 98 3e b1 be 09 > >BZ...O.E#G6.>... > >> 0140 - 12 fe bc 50 e4 1a 93 6d-4a aa d5 56 f4 40 94 26 > >...P...mJ..V.@.& > >> 0150 - 69 b9 a1 21 3c 04 46 17-84 4b 96 88 1c 20 9b 9a i..!<.F..K... > >.. > >> 0160 - 5b 6d 33 d6 4d ce 64 1d-15 85 78 3c 2a 1f 33 38 [m3.M.d...x > ><*.38 > >> 0170 - 96 39 58 39 88 ba 36 cc-af ce 8c 40 fc 45 5a b1 > >.9X9..6....@.EZ. > >> 0180 - 65 ba 8c 15 24 d1 52 b6-0d 00 00 f0 02 01 02 00 > >e...$.R......... > >> 0190 - eb 00 61 30 5f 31 0b 30-09 06 03 55 04 06 13 02 > >..a0_1.0...U.... > >> 01a0 - 55 53 31 20 30 1e 06 03-55 04 0a 13 17 52 53 41 US1 > >0...U....RSA > >> 01b0 - 20 44 61 74 61 20 53 65-63 75 72 69 74 79 2c 20 Data Security, > >> 01c0 - 49 6e 63 2e 31 2e 30 2c-06 03 55 04 0b 13 25 53 Inc.1.0 > >,..U...%S > >> 01d0 - 65 63 75 72 65 20 53 65-72 76 65 72 20 43 65 72 ecure Server > >Cer > >> 01e0 - 74 69 66 69 63 61 74 69-6f 6e 20 41 75 74 68 6f tification > >Autho > >> 01f0 - 72 69 74 79 00 86 30 81-83 31 0b 30 09 06 03 55 > >rity..0..1.0...U > >> 0200 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > >....IL1.0...U... > >> 0210 - 06 49 73 72 61 65 6c 31-10 30 0e 06 03 55 04 07 > >.Israel1.0...U.. > >> 0220 - 13 07 54 65 6c 41 76 69-76 31 11 30 0f 06 03 55 > >..TelAviv1.0...U > >> 0230 - 04 0a 13 08 4e 65 73 73-20 4c 74 64 31 0e 30 0c ....Ness Ltd1.0 > >. > >> 0240 - 06 03 55 04 0b 13 05 4c-4d 41 44 53 31 0e 30 0c > >..U....LMADS1.0. > >> 0250 - 06 03 55 04 03 13 05 59-6f 72 61 6d 31 1e 30 1c > >..U....Yoram1.0. > >> 0260 - 06 09 2a 86 48 86 f7 0d-01 09 01 16 0f 79 6f 72 > >..*.H........yor > >> 0270 - 61 6d 40 62 61 6d 61 6d-2e 63 6f 6d 0e am@xxxxxxxxxx > >> 0280 - <SPACES/NULS> > >> depth=1 /C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@xxxxxxxxx > >> verify error:num=19:self signed certificate in certificate chain > >> verify return:0 > >> write to 00675450 [00687150] (12 bytes => 12 (0xC)) > >> 0000 - 16 03 01 00 07 0b 00 00-03 ......... > >> 000c - <SPACES/NULS> > >> write to 00675450 [00687150] (139 bytes => 139 (0x8B)) > >> 0000 - 16 03 01 00 86 10 00 00-82 00 80 37 d0 c6 7a 6b > >...........7..zk > >> 0010 - 54 18 16 df d0 6f 90 8f-b1 8a 45 45 7f 15 47 04 > >T....o....EE..G. > >> 0020 - 10 ba 23 1a f9 f7 54 50-05 ee 4c e9 79 fe 31 1a > >..#...TP..L.y.1. > >> 0030 - e2 c1 4a e9 f5 e2 b9 e1-d5 17 e6 e8 28 a9 ee 76 > >..J.........(..v > >> 0040 - b9 ce 5f 59 68 62 a3 8c-07 ee e0 0e 91 b4 df 0d > >.._Yhb.......... > >> 0050 - 71 9b ce 38 d2 4b 3d d9-c4 1f e9 74 0e 96 c5 cb > >q..8.K=....t.... > >> 0060 - d3 12 57 6c 9a 0c 3b fd-83 3a e4 fd a6 2a ee 8c > >..Wl..;..:...*.. > >> 0070 - e1 67 eb d2 11 3b 6a 03-9c a0 73 38 10 76 89 f0 > >.g...;j...s8.v.. > >> 0080 - 81 03 dd 91 4d 43 7d 99-f4 a4 b6 ....MC}.... > >> write to 00675450 [00687150] (6 bytes => 6 (0x6)) > >> 0000 - 14 03 01 00 01 01 ...... > >> write to 00675450 [00687150] (53 bytes => 53 (0x35)) > >> 0000 - 16 03 01 00 30 09 40 51-48 34 87 0b 53 20 ff 0d ....0.@xxxxxx > >.. > >> 0010 - 2f 7c 96 04 a6 cc 0d bf-4a 76 b1 4e 4d bb fa 39 > >/|......Jv.NM..9 > >> 0020 - 4b 60 6e 47 3e 87 41 77-9c a2 e3 7b 1b 36 0e 9e > >K`nG>.Aw...{.6.. > >> 0030 - c6 4c 74 eb 7a .Lt.z > >> read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > >> 0000 - 14 03 01 00 01 ..... > >> read from 00675450 [0067B4B5] (1 bytes => 1 (0x1)) > >> 0000 - 01 . > >> read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > >> 0000 - 16 03 01 00 30 ....0 > >> read from 00675450 [0067B4B5] (48 bytes => 48 (0x30)) > >> 0000 - 75 da a7 8d 28 fb 5d c1-b5 04 0a 9e c1 00 d1 19 > >u...(.]......... > >> 0010 - 9f 74 ff 44 38 4b f3 57-73 e7 f4 0f d1 8b 9c a5 > >.t.D8K.Ws....... > >> 0020 - 92 39 22 4d 7e 78 c9 66-ff d4 48 81 8a 15 2b e1 > >.9"M~x.f..H...+. > >> --- > >> Certificate chain > >> 0 s:/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > >> i:/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@xxxxxxxxx > >> 1 s:/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@xxxxxxxxx > >> i:/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@xxxxxxxxx > >> --- > >> Server certificate > >> -----BEGIN CERTIFICATE----- > >> MIIDajCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBgzELMAkGA1UEBhMCSUwx > >> DzANBgNVBAgTBklzcmFlbDEQMA4GA1UEBxMHVGVsQXZpdjERMA8GA1UEChMITmVz > >> cyBMdGQxDjAMBgNVBAsTBUxNQURTMQ4wDAYDVQQDEwVZb3JhbTEeMBwGCSqGSIb3 > >> DQEJARYPeW9yYW1AYmFtYW0uY29tMB4XDTA3MDMyOTEzNTE1NVoXDTA4MDMyODEz > >> NTE1NVowXzELMAkGA1UEBhMCSUwxDzANBgNVBAgTBklzcmFlbDERMA8GA1UEChMI > >> TmVzcyBMdGQxDjAMBgNVBAsTBUxNQURTMRwwGgYDVQQDExNyMS1vd3MtMDcucm9j > >> YWYub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFEjEo4t7GSj1Zftjy > >> xF7KAGoIUsFYzjo43Fh9C8mDXZ53vAmfxG5aVBn/ez8Ua0BR7UK6NNiJSQchK4lP > >> v5xcFRthAx8vlbMjG2/CqaIhF6tiEO8nJ67YRoRLhrbyjbE+RQ0WGo6ZkG2kXm6a > >> 9vK10PvLwuzwo3pbIFkCABOADwIDAQABo4IBDzCCAQswCQYDVR0TBAIwADAsBglg > >> hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O > >> BBYEFPhy2suv0tjhGBfsnoAQidETB6bjMIGwBgNVHSMEgagwgaWAFCaaPANgMqQl > >> Ns5WrjOhMEXihSeioYGJpIGGMIGDMQswCQYDVQQGEwJJTDEPMA0GA1UECBMGSXNy > >> YWVsMRAwDgYDVQQHEwdUZWxBdml2MREwDwYDVQQKEwhOZXNzIEx0ZDEOMAwGA1UE > >> CxMFTE1BRFMxDjAMBgNVBAMTBVlvcmFtMR4wHAYJKoZIhvcNAQkBFg95b3JhbUBi > >> YW1hbS5jb22CAQAwDQYJKoZIhvcNAQEEBQADgYEAiDityOTfyYVoL+aL0B83/cR9 > >> DMoBX1j7PQDU8NDz/rvlf+JEb4xDep/M1muFQJwEIiAoMr/52aWF42J6++csVHpF > >> vLipTs6enYc30AZLBsdR1CfJd/fnwi2sPbtOQ99puFSMgE6G16CGOsKjfRWrMT8Z > >> atcJu4lbzjCDM0x6vFw= > >> -----END CERTIFICATE----- > >> subject=/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > >> issuer=/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@xxxxxxxxx > >> --- > >> Acceptable client certificate CA names > >> /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority > >> /C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress= > >yoram@xxxxxxxxx > >> --- > >> SSL handshake has read 2147 bytes and written 352 bytes > >> --- > >> New, TLSv1/SSLv3, Cipher is AES256-SHA > >> Server public key is 1024 bit > >> SSL-Session: > >> Protocol : TLSv1 > >> Cipher : AES256-SHA > >> Session-ID: > >2292D70EB4AEAADFC283B7072294AF91D82A92DA0CD63ED57AEE8F7F26283A56 > >> Session-ID-ctx: > >> Master-Key: > >5D9CC7C076BF70BBAECB1BC1588E666C75EB12956F231AF9B3E2F3F4E164AF7BFEEAC912F7482E286F9C819F199FB3E1 > >> Key-Arg : None > >> Krb5 Principal: None > >> Start Time: 1175181192 > >> Timeout : 300 (sec) > >> Verify return code: 19 (self signed certificate in certificate > >chain) > >> --- > >> > >> > >> > >> ------------------------------------------------------------------------ > >> > >> -- > >> Fedora-directory-users mailing list > >> Fedora-directory-users@xxxxxxxxxx > >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > >> > > > >-- > >Fedora-directory-users mailing list > >Fedora-directory-users@xxxxxxxxxx > >https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-directory-users -- Jonathan Barber High Performance Computing Analyst Tel. +44 (0) 1382 386389 -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users