Hi Everyone,
I need your suggestions, I am trying to setup TLS for an exchange 2007 server and sonicwall ES3300 appliance and I have an error I do not understand.
I have configured the setup as recommended by MS support and Sonicwall support and I beleive that I have a certificate error now but I do not understand what the error is.
The error I am getting is: Cert NOT VALIDATED: unable to get local issuer certificate - So email is encrypted but the domain is not verified
I am checking the setup via
http://checktls.com and everything passes except the cert test.
Thanks in advance for any of your suggestions or help.
TheSonicGod
here are the test results (BOLD on the error message):
Checking USER@mydomain.com
looking up MX hosts on domain " mydomain.com"
1. mail. mydomain.com (preference:10)
Trying TLS on mail. mydomain.com[64.40.XXX.X] (10):
seconds test stage and result
[000.098] Connected to server
[000.176] <-- 220 mail.mydomain.com ESMTP mail.mydomain.com
[000.177] We are allowed to connect
[000.177] --> EHLO checktls.com
[000.380] <-- 250-mail.mydomain.com
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-DSN
250-STARTTLS
250 SIZE 31457280
[000.381] We can use this server
[000.381] TLS is an option on this server
[000.381] --> STARTTLS
[000.472] <-- 220 2.2.0 Ready to start TLS
[000.473] STARTTLS command works on this server
[000.675] ssl : new ctx 33617352
: start handshake
: ssl handshake not started
: set socket to non-blocking to enforce timeout=30
: Net::SSLeay::connect -> -1
: ssl handshake in progress
: waiting for fd to become ready: SSL wants a read first
: socket ready, retrying connect
: ok=0 cert=34553944
: ok=0 cert=34553944
: ok=0 cert=34553944
: Net::SSLeay::connect -> -1
: ssl handshake in progress
: waiting for fd to become ready: SSL wants a read first
: socket ready, retrying connect
: Net::SSLeay::connect -> 1
: ssl handshake done
[000.676] Cipher in use: AES256-SHA
[000.676] Connection converted to SSL
[000.677] Cert Authority: /C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA
[000.677] Cert Owner: /O=mail.mydomain.com/OU=Go
to
https://www.thawte.com/repository/index.html/OU=Thawte SSL123 certificate/OU=Domain Validated/CN=mail.mydomain
.com
[000.710] ssl Certificate 1 of 3 in chain:
-----BEGIN CERTIFICATE-----
MIIERjCCAy6gAwIBAgIQCO7R53
NaPPDmnMbx
x46iizANBg
kqhkiG9w0B
AQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1
UEChMMVGhh
d3RlLCBJbm
MuMR0wGwYD
VQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTD
EZMBcGA1UE
AxMQVGhhd3
RlIERWIFNT
TCBDQTAe
Fw0xMTEwMzEwMDAwMDBaFw0xMj
EwMzAyMzU5
NTlaMIG8MR
4wHAYDVQQK
ExVtYWls
LmNpcGhlcnBoYXJtYS5jb20xOz
A5BgNVBAsT
MkdvIHRvIG
h0dHBzOi8v
d3d3LnRo
YXd0ZS5jb20vcmVwb3NpdG9yeS
9pbmRleC5o
dG1sMSIwIA
YDVQQLExlU
aGF3dGUg
U1NMMTIzIGNlcnRpZmljYXRlMR
kwFwYDVQQL
ExBEb21haW
4gVmFsaWRh
dGVkMR4w
HAYDVQQDExVtYWlsLmNpcGhlcn
BoYXJtYS5j
b20wggEiMA
0GCSqGSIb3
DQEBAQUA
A4IBDwAwggEKAoIBAQC7v1lnbO
LWXLD/VG6o
GSAPWMSzj+
QkerAa/e/K
XVzqyJ5o
xtTnik80mdoN9tvK9XTBAscWG1
5KwyGUJx1T
XDPuYl5/Yr
asrdPEnjlx
NQJ0bBjv
5zIgIi22J0QrdthGIuImXyeQR/
rRTMubeOqa
2rr83Bcojj
w5JdOd6slo
wXuk5aV0
dIYTyTuP+iLs8W5XU9DdjY1+3C
7LGQAyV8xH
ZBU97RAdDZ
XFL3kEQiTg
y5YSqZUt
OhMQvGF5SFJeKDB2oJ1aH5vZMa
zwhctYMxgl
MxBV//gWso
WzU7yxEr2E
eXb8GXV0
pmq+kEItr2eLdw+w8/KxzQfOYJ
C2iSHIcmSS
2OZbAgMBAA
GjgaAwgZ0w
DAYDVR0T
AQH/BAIwADA6BgNVHR8EMzAxMC
+gLaArhilo
dHRwOi8vc3
ZyLWR2LWNy
bC50aGF3
dGUuY29tL1RoYXd0ZURWLmNybD
AdBgNVHSUE
FjAUBggrBg
EFBQcDAQYI
KwYBBQUH
AwIwMgYIKwYBBQUHAQEEJjAkMC
IGCCsGAQUF
BzABhhZodH
RwOi8vb2Nz
cC50aGF3
dGUuY29tMA0GCSqGSIb3DQEBBQ
UAA4IBAQC9
07NzdPhRmm
60YVuWvA0b
sABUcSN8
0omG6xbUoTJYPRbvzTR1HrdrSJ
YCHLqfrqZz
twr0JfzG6b
5catmUkjMU
kQ51qIlA
pvs+8phBYpnHt7uAxkZKgoDCAF
SeCUl1IvvT
qXcEgvPqDX
VtMhDX5+5G
ya5sXdfM
YlC6pA7FsC4MBortSQhBXEhAro
/UR5FRuDcY
EFbE/QrQW6
kLuU0iwNVh
NgaL8ioM
WpYLi7E7s9glP1QUMtqBEEP76b
w5G6FfBgRH
uReStm/nCR
XMJjMuMeVc
HOhcdmMh
IwehLLLpQhDV74O4CywcHP/Nn7
1mc7zsSO6F
Jnymu5fdMa
YyaeWdUiL8
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ee:d1:e7:73:5a:3c:f0:e6
:9c:c6:f1:
c7:8e:a2:8
b
Signature Algorithm: sha1WithRSAEncryption
Issuer:
countryName = US
organizationName = Thawte, Inc.
organizationalUnitName = Domain Validated SSL
commonName = Thawte DV SSL CA
Validity
Not Before: Oct 31 00:00:00 2011 GMT
Not After : Oct 30 23:59:59 2012 GMT
Subject:
organizationName = mail.mydomain.com
organizationalUnitName = Go to
https://www.thawte.com/repository/index.html
organizationalUnitName = Thawte SSL123 certificate
organizationalUnitName = Domain Validated
commonName = mail.mydomain.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bb:bf:59:67:6c:e2:d6:5c
:b0:ff:54:
6e:a8:19:
20:0f:58:c4:b3:8f:e4:24:7a
:b0:1a:fd:
ef:ca:5d:
5c:ea:c8:9e:68:c6:d4:e7:8a
:4f:34:99:
da:0d:f6:
db:ca:f5:74:c1:02:c7:16:1b
:5e:4a:c3:
21:94:27:
1d:53:5c:33:ee:62:5e:7f:62
:b6:ac:ad:
d3:c4:9e:
39:71:35:02:74:6c:18:ef:e7
:32:20:22:
2d:b6:27:
44:2b:76:d8:46:22:e2:26:5f
:27:90:47:
fa:d1:4c:
cb:9b:78:ea:9a:da:ba:fc:dc
:17:28:8e:
3c:39:25:
d3:9d:ea:c9:68:c1:7b:a4:e5
:a5:74:74:
86:13:c9:
3b:8f:fa:22:ec:f1:6e:57:53
:d0:dd:8d:
8d:7e:dc:
2e:cb:19:00:32:57:cc:47:64
:15:3d:ed:
10:1d:0d:
95:c5:2f:79:04:42:24:e0:cb
:96:12:a9:
95:2d:3a:
13:10:bc:61:79:48:52:5e:28
:30:76:a0:
9d:5a:1f:
9b:d9:31:ac:f0:85:cb:58:33
:18:25:33:
10:55:ff:
f8:16:b2:85:b3:53:bc:b1:12
:bd:84:79:
76:fc:19:
75:74:a6:6a:be:90:42:2d:af
:67:8b:77:
0f:b0:f3:
f2:b1:cd:07:ce:60:90:b6:89
:21:c8:72:
64:92:d8:
e6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:
http://svr-dv-crl.thawte.com/ThawteDV.crl
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Authority Information Access:
OCSP - URI:
http://ocsp.thawte.com
Signature Algorithm: sha1WithRSAEncryption
bd:d3:b3:73:74:f8:51:9a:6e
:b4:61:5b:
96:bc:0d:1
b:b0:00:
54:71:23:7c:d2:89:86:eb:16
:d4:a1:32:
58:3d:16:e
f:cd:34:
75:1e:b7:6b:48:96:02:1c:ba
:9f:ae:a6:
73:b7:0a:f
4:25:fc:
c6:e9:be:5c:6a:d9:94:92:33
:14:91:0e:
75:a8:89:4
0:a6:fb:
3e:f2:98:41:62:99:c7:b7:bb
:80:c6:46:
4a:82:80:c
2:00:54:
9e:09:49:75:22:fb:d3:a9:77
:04:82:f3:
ea:0d:75:6
d:32:10:
d7:e7:ee:46:c9:ae:6c:5d:d7
:cc:62:50:
ba:a4:0e:c
5:b0:2e:
0c:06:8a:ed:49:08:41:5c:48
:40:ae:8f:
d4:47:91:5
1:b8:37:
18:10:56:c4:fd:0a:d0:5b:a9
:0b:b9:4d:
22:c0:d5:6
1:36:06:
8b:f2:2a:0c:5a:96:0b:8b:b1
:3b:b3:d8:
25:3f:54:1
4:32:da:
81:10:43:fb:e9:bc:39:1b:a1
:5f:06:04:
47:b9:17:9
2:b6:6f:
e7:09:15:cc:26:33:2e:31:e5
:5c:1c:e8:
5c:76:63:2
1:23:07:
a1:2c:b2:e9:42:10:d5:ef:83
:b8:0b:2c:
1c:1c:ff:c
d:9f:bd:
66:73:bc:ec:48:ee:85:26:7c
:a6:bb:97:
dd:31:a6:3
2:69:e5:
9d:52:22:fc
[000.742] ssl Certificate 2 of 3 in chain:
-----BEGIN CERTIFICATE-----
MIIERjCCAy6gAwIBAgIQCO7R53
NaPPDmnMbx
x46iizANBg
kqhkiG9w0B
AQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1
UEChMMVGhh
d3RlLCBJbm
MuMR0wGwYD
VQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTD
EZMBcGA1UE
AxMQVGhhd3
RlIERWIFNT
TCBDQTAe
Fw0xMTEwMzEwMDAwMDBaFw0xMj
EwMzAyMzU5
NTlaMIG8MR
4wHAYDVQQK
ExVtYWls
LmNpcGhlcnBoYXJtYS5jb20xOz
A5BgNVBAsT
MkdvIHRvIG
h0dHBzOi8v
d3d3LnRo
YXd0ZS5jb20vcmVwb3NpdG9yeS
9pbmRleC5o
dG1sMSIwIA
YDVQQLExlU
aGF3dGUg
U1NMMTIzIGNlcnRpZmljYXRlMR
kwFwYDVQQL
ExBEb21haW
4gVmFsaWRh
dGVkMR4w
HAYDVQQDExVtYWlsLmNpcGhlcn
BoYXJtYS5j
b20wggEiMA
0GCSqGSIb3
DQEBAQUA
A4IBDwAwggEKAoIBAQC7v1lnbO
LWXLD/VG6o
GSAPWMSzj+
QkerAa/e/K
XVzqyJ5o
xtTnik80mdoN9tvK9XTBAscWG1
5KwyGUJx1T
XDPuYl5/Yr
asrdPEnjlx
NQJ0bBjv
5zIgIi22J0QrdthGIuImXyeQR/
rRTMubeOqa
2rr83Bcojj
w5JdOd6slo
wXuk5aV0
dIYTyTuP+iLs8W5XU9DdjY1+3C
7LGQAyV8xH
ZBU97RAdDZ
XFL3kEQiTg
y5YSqZUt
OhMQvGF5SFJeKDB2oJ1aH5vZMa
zwhctYMxgl
MxBV//gWso
WzU7yxEr2E
eXb8GXV0
pmq+kEItr2eLdw+w8/KxzQfOYJ
C2iSHIcmSS
2OZbAgMBAA
GjgaAwgZ0w
DAYDVR0T
AQH/BAIwADA6BgNVHR8EMzAxMC
+gLaArhilo
dHRwOi8vc3
ZyLWR2LWNy
bC50aGF3
dGUuY29tL1RoYXd0ZURWLmNybD
AdBgNVHSUE
FjAUBggrBg
EFBQcDAQYI
KwYBBQUH
AwIwMgYIKwYBBQUHAQEEJjAkMC
IGCCsGAQUF
BzABhhZodH
RwOi8vb2Nz
cC50aGF3
dGUuY29tMA0GCSqGSIb3DQEBBQ
UAA4IBAQC9
07NzdPhRmm
60YVuWvA0b
sABUcSN8
0omG6xbUoTJYPRbvzTR1HrdrSJ
YCHLqfrqZz
twr0JfzG6b
5catmUkjMU
kQ51qIlA
pvs+8phBYpnHt7uAxkZKgoDCAF
SeCUl1IvvT
qXcEgvPqDX
VtMhDX5+5G
ya5sXdfM
YlC6pA7FsC4MBortSQhBXEhAro
/UR5FRuDcY
EFbE/QrQW6
kLuU0iwNVh
NgaL8ioM
WpYLi7E7s9glP1QUMtqBEEP76b
w5G6FfBgRH
uReStm/nCR
XMJjMuMeVc
HOhcdmMh
IwehLLLpQhDV74O4CywcHP/Nn7
1mc7zsSO6F
Jnymu5fdMa
YyaeWdUiL8
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ee:d1:e7:73:5a:3c:f0:e6
:9c:c6:f1:
c7:8e:a2:8
b
Signature Algorithm: sha1WithRSAEncryption
Issuer:
countryName = US
organizationName = Thawte, Inc.
organizationalUnitName = Domain Validated SSL
commonName = Thawte DV SSL CA
Validity
Not Before: Oct 31 00:00:00 2011 GMT
Not After : Oct 30 23:59:59 2012 GMT
Subject:
organizationName = mail.mydomain.com
organizationalUnitName = Go to
https://www.thawte.com/repository/index.html
organizationalUnitName = Thawte SSL123 certificate
organizationalUnitName = Domain Validated
commonName = mail.mydomain.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bb:bf:59:67:6c:e2:d6:5c
:b0:ff:54:
6e:a8:19:
20:0f:58:c4:b3:8f:e4:24:7a
:b0:1a:fd:
ef:ca:5d:
5c:ea:c8:9e:68:c6:d4:e7:8a
:4f:34:99:
da:0d:f6:
db:ca:f5:74:c1:02:c7:16:1b
:5e:4a:c3:
21:94:27:
1d:53:5c:33:ee:62:5e:7f:62
:b6:ac:ad:
d3:c4:9e:
39:71:35:02:74:6c:18:ef:e7
:32:20:22:
2d:b6:27:
44:2b:76:d8:46:22:e2:26:5f
:27:90:47:
fa:d1:4c:
cb:9b:78:ea:9a:da:ba:fc:dc
:17:28:8e:
3c:39:25:
d3:9d:ea:c9:68:c1:7b:a4:e5
:a5:74:74:
86:13:c9:
3b:8f:fa:22:ec:f1:6e:57:53
:d0:dd:8d:
8d:7e:dc:
2e:cb:19:00:32:57:cc:47:64
:15:3d:ed:
10:1d:0d:
95:c5:2f:79:04:42:24:e0:cb
:96:12:a9:
95:2d:3a:
13:10:bc:61:79:48:52:5e:28
:30:76:a0:
9d:5a:1f:
9b:d9:31:ac:f0:85:cb:58:33
:18:25:33:
10:55:ff:
f8:16:b2:85:b3:53:bc:b1:12
:bd:84:79:
76:fc:19:
75:74:a6:6a:be:90:42:2d:af
:67:8b:77:
0f:b0:f3:
f2:b1:cd:07:ce:60:90:b6:89
:21:c8:72:
64:92:d8:
e6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:
http://svr-dv-crl.thawte.com/ThawteDV.crl
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Authority Information Access:
OCSP - URI:
http://ocsp.thawte.com
Signature Algorithm: sha1WithRSAEncryption
bd:d3:b3:73:74:f8:51:9a:6e
:b4:61:5b:
96:bc:0d:1
b:b0:00:
54:71:23:7c:d2:89:86:eb:16
:d4:a1:32:
58:3d:16:e
f:cd:34:
75:1e:b7:6b:48:96:02:1c:ba
:9f:ae:a6:
73:b7:0a:f
4:25:fc:
c6:e9:be:5c:6a:d9:94:92:33
:14:91:0e:
75:a8:89:4
0:a6:fb:
3e:f2:98:41:62:99:c7:b7:bb
:80:c6:46:
4a:82:80:c
2:00:54:
9e:09:49:75:22:fb:d3:a9:77
:04:82:f3:
ea:0d:75:6
d:32:10:
d7:e7:ee:46:c9:ae:6c:5d:d7
:cc:62:50:
ba:a4:0e:c
5:b0:2e:
0c:06:8a:ed:49:08:41:5c:48
:40:ae:8f:
d4:47:91:5
1:b8:37:
18:10:56:c4:fd:0a:d0:5b:a9
:0b:b9:4d:
22:c0:d5:6
1:36:06:
8b:f2:2a:0c:5a:96:0b:8b:b1
:3b:b3:d8:
25:3f:54:1
4:32:da:
81:10:43:fb:e9:bc:39:1b:a1
:5f:06:04:
47:b9:17:9
2:b6:6f:
e7:09:15:cc:26:33:2e:31:e5
:5c:1c:e8:
5c:76:63:2
1:23:07:
a1:2c:b2:e9:42:10:d5:ef:83
:b8:0b:2c:
1c:1c:ff:c
d:9f:bd:
66:73:bc:ec:48:ee:85:26:7c
:a6:bb:97:
dd:31:a6:3
2:69:e5:
9d:52:22:fc
[000.812] ssl Certificate 3 of 3 in chain:
-----BEGIN CERTIFICATE-----
MIIERjCCAy6gAwIBAgIQCO7R53
NaPPDmnMbx
x46iizANBg
kqhkiG9w0B
AQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1
UEChMMVGhh
d3RlLCBJbm
MuMR0wGwYD
VQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTD
EZMBcGA1UE
AxMQVGhhd3
RlIERWIFNT
TCBDQTAe
Fw0xMTEwMzEwMDAwMDBaFw0xMj
EwMzAyMzU5
NTlaMIG8MR
4wHAYDVQQK
ExVtYWls
LmNpcGhlcnBoYXJtYS5jb20xOz
A5BgNVBAsT
MkdvIHRvIG
h0dHBzOi8v
d3d3LnRo
YXd0ZS5jb20vcmVwb3NpdG9yeS
9pbmRleC5o
dG1sMSIwIA
YDVQQLExlU
aGF3dGUg
U1NMMTIzIGNlcnRpZmljYXRlMR
kwFwYDVQQL
ExBEb21haW
4gVmFsaWRh
dGVkMR4w
HAYDVQQDExVtYWlsLmNpcGhlcn
BoYXJtYS5j
b20wggEiMA
0GCSqGSIb3
DQEBAQUA
A4IBDwAwggEKAoIBAQC7v1lnbO
LWXLD/VG6o
GSAPWMSzj+
QkerAa/e/K
XVzqyJ5o
xtTnik80mdoN9tvK9XTBAscWG1
5KwyGUJx1T
XDPuYl5/Yr
asrdPEnjlx
NQJ0bBjv
5zIgIi22J0QrdthGIuImXyeQR/
rRTMubeOqa
2rr83Bcojj
w5JdOd6slo
wXuk5aV0
dIYTyTuP+iLs8W5XU9DdjY1+3C
7LGQAyV8xH
ZBU97RAdDZ
XFL3kEQiTg
y5YSqZUt
OhMQvGF5SFJeKDB2oJ1aH5vZMa
zwhctYMxgl
MxBV//gWso
WzU7yxEr2E
eXb8GXV0
pmq+kEItr2eLdw+w8/KxzQfOYJ
C2iSHIcmSS
2OZbAgMBAA
GjgaAwgZ0w
DAYDVR0T
AQH/BAIwADA6BgNVHR8EMzAxMC
+gLaArhilo
dHRwOi8vc3
ZyLWR2LWNy
bC50aGF3
dGUuY29tL1RoYXd0ZURWLmNybD
AdBgNVHSUE
FjAUBggrBg
EFBQcDAQYI
KwYBBQUH
AwIwMgYIKwYBBQUHAQEEJjAkMC
IGCCsGAQUF
BzABhhZodH
RwOi8vb2Nz
cC50aGF3
dGUuY29tMA0GCSqGSIb3DQEBBQ
UAA4IBAQC9
07NzdPhRmm
60YVuWvA0b
sABUcSN8
0omG6xbUoTJYPRbvzTR1HrdrSJ
YCHLqfrqZz
twr0JfzG6b
5catmUkjMU
kQ51qIlA
pvs+8phBYpnHt7uAxkZKgoDCAF
SeCUl1IvvT
qXcEgvPqDX
VtMhDX5+5G
ya5sXdfM
YlC6pA7FsC4MBortSQhBXEhAro
/UR5FRuDcY
EFbE/QrQW6
kLuU0iwNVh
NgaL8ioM
WpYLi7E7s9glP1QUMtqBEEP76b
w5G6FfBgRH
uReStm/nCR
XMJjMuMeVc
HOhcdmMh
IwehLLLpQhDV74O4CywcHP/Nn7
1mc7zsSO6F
Jnymu5fdMa
YyaeWdUiL8
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ee:d1:e7:73:5a:3c:f0:e6
:9c:c6:f1:
c7:8e:a2:8
b
Signature Algorithm: sha1WithRSAEncryption
Issuer:
countryName = US
organizationName = Thawte, Inc.
organizationalUnitName = Domain Validated SSL
commonName = Thawte DV SSL CA
Validity
Not Before: Oct 31 00:00:00 2011 GMT
Not After : Oct 30 23:59:59 2012 GMT
Subject:
organizationName = mail.mydomain.com
organizationalUnitName = Go to
https://www.thawte.com/repository/index.html
organizationalUnitName = Thawte SSL123 certificate
organizationalUnitName = Domain Validated
commonName = mail.mydomain.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bb:bf:59:67:6c:e2:d6:5c
:b0:ff:54:
6e:a8:19:
20:0f:58:c4:b3:8f:e4:24:7a
:b0:1a:fd:
ef:ca:5d:
5c:ea:c8:9e:68:c6:d4:e7:8a
:4f:34:99:
da:0d:f6:
db:ca:f5:74:c1:02:c7:16:1b
:5e:4a:c3:
21:94:27:
1d:53:5c:33:ee:62:5e:7f:62
:b6:ac:ad:
d3:c4:9e:
39:71:35:02:74:6c:18:ef:e7
:32:20:22:
2d:b6:27:
44:2b:76:d8:46:22:e2:26:5f
:27:90:47:
fa:d1:4c:
cb:9b:78:ea:9a:da:ba:fc:dc
:17:28:8e:
3c:39:25:
d3:9d:ea:c9:68:c1:7b:a4:e5
:a5:74:74:
86:13:c9:
3b:8f:fa:22:ec:f1:6e:57:53
:d0:dd:8d:
8d:7e:dc:
2e:cb:19:00:32:57:cc:47:64
:15:3d:ed:
10:1d:0d:
95:c5:2f:79:04:42:24:e0:cb
:96:12:a9:
95:2d:3a:
13:10:bc:61:79:48:52:5e:28
:30:76:a0:
9d:5a:1f:
9b:d9:31:ac:f0:85:cb:58:33
:18:25:33:
10:55:ff:
f8:16:b2:85:b3:53:bc:b1:12
:bd:84:79:
76:fc:19:
75:74:a6:6a:be:90:42:2d:af
:67:8b:77:
0f:b0:f3:
f2:b1:cd:07:ce:60:90:b6:89
:21:c8:72:
64:92:d8:
e6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:
http://svr-dv-crl.thawte.com/ThawteDV.crl
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Authority Information Access:
OCSP - URI:
http://ocsp.thawte.com
Signature Algorithm: sha1WithRSAEncryption
bd:d3:b3:73:74:f8:51:9a:6e
:b4:61:5b:
96:bc:0d:1
b:b0:00:
54:71:23:7c:d2:89:86:eb:16
:d4:a1:32:
58:3d:16:e
f:cd:34:
75:1e:b7:6b:48:96:02:1c:ba
:9f:ae:a6:
73:b7:0a:f
4:25:fc:
c6:e9:be:5c:6a:d9:94:92:33
:14:91:0e:
75:a8:89:4
0:a6:fb:
3e:f2:98:41:62:99:c7:b7:bb
:80:c6:46:
4a:82:80:c
2:00:54:
9e:09:49:75:22:fb:d3:a9:77
:04:82:f3:
ea:0d:75:6
d:32:10:
d7:e7:ee:46:c9:ae:6c:5d:d7
:cc:62:50:
ba:a4:0e:c
5:b0:2e:
0c:06:8a:ed:49:08:41:5c:48
:40:ae:8f:
d4:47:91:5
1:b8:37:
18:10:56:c4:fd:0a:d0:5b:a9
:0b:b9:4d:
22:c0:d5:6
1:36:06:
8b:f2:2a:0c:5a:96:0b:8b:b1
:3b:b3:d8:
25:3f:54:1
4:32:da:
81:10:43:fb:e9:bc:39:1b:a1
:5f:06:04:
47:b9:17:9
2:b6:6f:
e7:09:15:cc:26:33:2e:31:e5
:5c:1c:e8:
5c:76:63:2
1:23:07:
a1:2c:b2:e9:42:10:d5:ef:83
:b8:0b:2c:
1c:1c:ff:c
d:9f:bd:
66:73:bc:ec:48:ee:85:26:7c
:a6:bb:97:
dd:31:a6:3
2:69:e5:
9d:52:22:fc
[000.812] Cert NOT VALIDATED: unable to get local issuer certificate
[000.812] So email is encrypted but the domain is not verified
[000.813] ssl : scheme=http cert=34553944
: identity=mail.mydomain.com
cn=mail.mydomain.com alt=
[000.813] Cert Hostname VERIFIED (mail.mydomain.com)
[000.813] ~~> EHLO checktls.com
[000.814] ssl write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1890
partial `EHLO checktls.com
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1893
written so far 19:19 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 2012
[000.979] ssl got `250 SIZE 31457280
' (19:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/d
ebug_read.
al) line 1837
[000.979] <~~ 250-mail.mydomain.com
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-DSN
250 SIZE 31457280
[000.980] TLS successfully started on this server
[000.980] ~~> MAIL FROM: <test@checktls.com>
[000.981] ssl write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1890
partial `MAIL FROM:
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1893
written so far 32:32 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 2012
[001.060] ssl got `250 2.1.0 MAIL ok
' (19:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/d
ebug_read.
al) line 1837
[001.061] <~~ 250 2.1.0 MAIL ok
[001.061] Sender is OK
[001.061] ~~> RCPT TO: <jchan@mydomain.com>
[001.062] ssl write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1890
partial `RCPT TO:
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1893
written so far 35:35 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 2012
[001.143] ssl got `250 2.0.0 Ok
' (14:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/d
ebug_read.
al) line 1837
[001.143] <~~ 250 2.0.0 Ok
[001.143] Recipient OK, E-mail address proofed
[001.144] ~~> QUIT
[001.145] ssl write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1890
partial `QUIT
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 1893
written so far 6:6 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/s
sl_write_a
ll.al) line 2012
[001.224] ssl got `221 2.0.0 Bye
' (15:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/d
ebug_read.
al) line 1837
[001.224] <~~ 221 2.0.0 Bye
[001.228] ssl : free ctx 33617352 open=33617352
: free ctx 33617352 callback
: OK free ctx 33617352