Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 914
  • Last Modified:

How to get the public certificate

Hello I am trying to use the openssl s_client option to see the public file of one host which is running on port 1234. Please note this is not web server but a application which uses the SSL cert. How can I see the cert of this app on host on 1234? I am getting below errors. Thanks!

user@hostname:~$ openssl s_client -connect example.company.com:1234
CONNECTED(00000003)
depth=1 /C=US/ST=California/L=San Jose/O=Company, Inc./OU=IT/CN=IT DEV CA/emailAddress=webmasters@company.com
verify error:num=19:self signed certificate in certificate chain
verify return:0
27556:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1102:SSL alert number 40
27556:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Open in new window

0
beer9
Asked:
beer9
  • 2
  • 2
1 Solution
 
gnurlCommented:
Hi,

this is nor really my source of interest, but did you already try to access the https://example.company.com:1234
in a webbrowser, even if it is not a web server? Maybe the browser can handle it, too?

Good luck
gnurl
0
 
Dave HoweSoftware and Hardware EngineerCommented:
effectively you ARE seeing it - its the line:

depth=1 /C=US/ST=California/L=San Jose/O=Company, Inc./OU=IT/CN=IT DEV CA/emailAddress=webmasters@company.com

however, if you want to see the full cert, add

-showcerts

to the command :)
0
 
beer9Author Commented:
Hi DaveHow, I tried with -showcerts but still getting the same error.

verify error:num=19:self signed certificate in certificate chain
verify return:0
29827:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1102:SSL alert number 40
29827:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Open in new window

0
 
Dave HoweSoftware and Hardware EngineerCommented:
odd, just did
openssl -connect 127.0.0.1:143 -showcerts
here and it worked perfectly. try with -debug instead to see if that gives any further information?
0
 
beer9Author Commented:
Thank you! :-)
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now