[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: nntp and ssl
From: |
Antoine Junod |
Subject: |
Re: nntp and ssl |
Date: |
Sun, 30 Apr 2006 09:15:31 +0200 |
User-agent: |
Mozilla Thunderbird 1.0.2 (X11/20050317) |
m. kolb wrote:
Antoine Junod <antoine.junod@epfl.ch> writes:
>
> hum, it freeze with the following line:
>
> Loading ssl...done
Unfortunately I'm not sure what is happening there. Can you just
openssl s_client -connect newshost:563 from your machine and see what is
happening?
It seems to work fine:
$> openssl s_client -connect newse.fpl.ch:563
CONNECTED(00000003)
depth=0
/C=CH/ST=Vaud/L=Lausanne/O=EPFL/CN=news.epfl.ch/emailAddress=Franck.Perrot@epfl.ch
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
/C=CH/ST=Vaud/L=Lausanne/O=EPFL/CN=news.epfl.ch/emailAddress=Franck.Perrot@epfl.ch
verify error:num=27:certificate not trusted
verify return:1
depth=0
/C=CH/ST=Vaud/L=Lausanne/O=EPFL/CN=news.epfl.ch/emailAddress=Franck.Perrot@epfl.ch
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0
s:/C=CH/ST=Vaud/L=Lausanne/O=EPFL/CN=news.epfl.ch/emailAddress=Franck.Perrot@epfl.ch
i:/C=CH/ST=Vaud/L=Lausanne/O=EPFL/CN=EPFL Certification
Authority/emailAddress=cert-auth@epfl.ch
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICqTCCAhKgAwIBAgICB3EwDQYJKoZIhvcNAQEEBQAwgYcxCzAJBgNVBAYTAkNI
MQ0wCwYDVQQIEwRWYXVkMREwDwYDVQQHEwhMYXVzYW5uZTENMAsGA1UEChMERVBG
TDElMCMGA1UEAxMcRVBGTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEgMB4GCSqG
SIb3DQEJARYRY2VydC1hdXRoQGVwZmwuY2gwHhcNMDYwMzE2MTEwODQ1WhcNMTIw
MTE0MTEwODQ1WjB7MQswCQYDVQQGEwJDSDENMAsGA1UECBMEVmF1ZDERMA8GA1UE
BxMITGF1c2FubmUxDTALBgNVBAoTBEVQRkwxFTATBgNVBAMTDG5ld3MuZXBmbC5j
aDEkMCIGCSqGSIb3DQEJARYVRnJhbmNrLlBlcnJvdEBlcGZsLmNoMIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQCofko/xRXXuY545eh9SrN74VV0+VdV+/Sf3mSU
XiUvR1BSijiQQ/AvJxK+aap284txZ2s7442UnZ1kypGjqZVx6gGq4nps9GuN15zN
/aeCVZHEwKgxB2ULCWPPArISWdMO57ZqkCDQjQhjpyAVtS4yRd951XkTtsclZ19k
u9n2nQIDAQABoy8wLTArBgNVHREEJDAighBlcGZsbmV3cy5lcGZsLmNogg5mb3J1
bXMuZXBmbC5jaDANBgkqhkiG9w0BAQQFAAOBgQApm6IM+sNxMQ9isRP8CIIbD1PP
1cLdFRUuB3hqC/MSWdQITEFknWWHnjGwVyOZMCp8sqoDmh+qXb05n6lKWbvsrdX7
wpHeCBXkXrxU6bJLtgn+9nnpMNJGQv8KQehaqEQgZhSnAZFADT6g2ciqiL+ZrOMu
BuL+yYbAwZ9TYmyblw==
-----END CERTIFICATE-----
subject=/C=CH/ST=Vaud/L=Lausanne/O=EPFL/CN=news.epfl.ch/emailAddress=Franck.Perrot@epfl.ch
issuer=/C=CH/ST=Vaud/L=Lausanne/O=EPFL/CN=EPFL Certification
Authority/emailAddress=cert-auth@epfl.ch
---
No client certificate CA names sent
---
SSL handshake has read 847 bytes and written 346 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID:
9FB22FCA52BC2E7938D0746223ACEE033B951D662BA5DEB21D8AD342F2E0F9D8
Session-ID-ctx:
Master-Key:
D0F0A77AC81973EC392A5C8D8FA547748C6ABDD8F430406B254E115F3ED7B7CD8FB65C910757726BBCFD01C92AC01056
Key-Arg : None
Start Time: 1146377081
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
200 Bienvenue sur le serveur News de l'EPFL - Welcome to the EPFL's News
server
Thanks a lot for your help
-AH