Solved

How to get the public certificate

Posted on 2011-02-27
5
889 Views
Last Modified: 2012-06-27
Hello I am trying to use the openssl s_client option to see the public file of one host which is running on port 1234. Please note this is not web server but a application which uses the SSL cert. How can I see the cert of this app on host on 1234? I am getting below errors. Thanks!

user@hostname:~$ openssl s_client -connect example.company.com:1234
CONNECTED(00000003)
depth=1 /C=US/ST=California/L=San Jose/O=Company, Inc./OU=IT/CN=IT DEV CA/emailAddress=webmasters@company.com
verify error:num=19:self signed certificate in certificate chain
verify return:0
27556:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1102:SSL alert number 40
27556:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Open in new window

0
Comment
Question by:beer9
  • 2
  • 2
5 Comments
 
LVL 7

Expert Comment

by:gnurl
ID: 34994646
Hi,

this is nor really my source of interest, but did you already try to access the https://example.company.com:1234
in a webbrowser, even if it is not a web server? Maybe the browser can handle it, too?

Good luck
gnurl
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 34997523
effectively you ARE seeing it - its the line:

depth=1 /C=US/ST=California/L=San Jose/O=Company, Inc./OU=IT/CN=IT DEV CA/emailAddress=webmasters@company.com

however, if you want to see the full cert, add

-showcerts

to the command :)
0
 

Author Comment

by:beer9
ID: 34998288
Hi DaveHow, I tried with -showcerts but still getting the same error.

verify error:num=19:self signed certificate in certificate chain
verify return:0
29827:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1102:SSL alert number 40
29827:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Open in new window

0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 35002055
odd, just did
openssl -connect 127.0.0.1:143 -showcerts
here and it worked perfectly. try with -debug instead to see if that gives any further information?
0
 

Author Closing Comment

by:beer9
ID: 35059621
Thank you! :-)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine a situation that you have installed SSL (http://en.wikipedia.org/wiki/Secure_Sockets_Layer) Certificate on your Cisco ASA (Cisco Adaptive Security Appliance) firewall. Installation of SSL certificate on ASA is an another topic for which you …
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now