Hi Does anyone has an idea on which format should i save the ca certificate in the clients (for SSL communication) ? Is it PEM, DER, BER Thanks in advance Yoram
Richard Megginson
2007-Mar-28 19:18 UTC
Re: [Fedora-directory-users] CA certificate format
Yoram Kahana wrote:> Hi > > Does anyone has an idea on which format should i save the ca > certificate in the clients (for SSL communication) ? > Is it PEM, DER, BERIt depends - what client are you trying to configure? Did you see this - http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients> > > Thanks in advance > > Yoram > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Hi Richard, Great thanks for the link, i''ll check it tomorrow morning (it''s late in the evening here). I am using RHEL update 4. Seems that the link contain answers for all i need again Great thanks Yoram On 3/28/07, Richard Megginson <rmeggins@redhat.com> wrote:> > Yoram Kahana wrote: > > Hi > > > > Does anyone has an idea on which format should i save the ca > > certificate in the clients (for SSL communication) ? > > Is it PEM, DER, BER > It depends - what client are you trying to configure? Did you see this > - http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients > > > > > > Thanks in advance > > > > Yoram > > ------------------------------------------------------------------------ > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > >
Hi Richard, Indeed it solved one of the problems, I didnt hash the ca certificte in the client side. now i am getting new message TLS: *hostname does not match CN in peer certificate* ** if i understand the meaning the CN and the hostname are not identical but thats not the situation now. I have also tried the opensll s_client -debug -connect (the output is enclosed) seems that throgh the openssl it works fine, where am i wrong? Can you see if you have any clue great thanks Yoram On 3/28/07, Richard Megginson <rmeggins@redhat.com> wrote:> > Yoram Kahana wrote: > > Hi > > > > Does anyone has an idea on which format should i save the ca > > certificate in the clients (for SSL communication) ? > > Is it PEM, DER, BER > It depends - what client are you trying to configure? Did you see this > - http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients > > > > > > Thanks in advance > > > > Yoram > > ------------------------------------------------------------------------ > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > >
Richard Megginson
2007-Apr-02 15:47 UTC
Re: [Fedora-directory-users] CA certificate format
Yoram Kahana wrote:> Hi Richard, > > Indeed it solved one of the problems, I didnt hash the ca certificte > in the client side. > now i am getting new message > > TLS: *hostname does not match CN in peer certificate* > > ** if i understand the meaning the CN and the hostname are not > identical but thats not the situation now. >The CN in the server cert is CN=r1-ows-07.rocaf.org - the server is running on r1-ows-07.rocaf.org? The error message means there is a mismatch somewhere.> > > I have also tried the opensll s_client -debug -connect (the output is > enclosed) > seems that throgh the openssl it works fine, where am i wrong? > > Can you see if you have any clue > great thanks > Yoram > > > > On 3/28/07, *Richard Megginson* <rmeggins@redhat.com > <mailto:rmeggins@redhat.com>> wrote: > > Yoram Kahana wrote: > > Hi > > > > Does anyone has an idea on which format should i save the ca > > certificate in the clients (for SSL communication) ? > > Is it PEM, DER, BER > It depends - what client are you trying to configure? Did you see > this > - > http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients > > > > > > Thanks in advance > > > > Yoram > > > ------------------------------------------------------------------------ > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > ------------------------------------------------------------------------ > > > openssl s_client -debug -connect r1-ows-07:636 > CONNECTED(00000003) > write to 00675450 [00675F50] (142 bytes => 142 (0x8E)) > 0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ......c... ..9.. > 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............ > 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.....f. > 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .............c.. > 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...........@ > 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`....... > 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 24 9c ..............$. > 0070 - 49 e8 7b b6 bf 6a 36 4a-4a f8 04 25 d9 b8 a7 8e I.{..j6JJ..%.... > 0080 - 57 d7 67 c2 3a 6d 72 d0-d9 37 3f f5 ac 07 W.g.:mr..7?... > read from 00675450 [0067B4B0] (7 bytes => 7 (0x7)) > 0000 - 16 03 01 08 23 02 ....#. > 0007 - <SPACES/NULS> > read from 00675450 [0067B4B7] (2081 bytes => 1441 (0x5A1)) > 0000 - 00 46 03 01 00 28 82 f7-c8 e3 77 83 de 5f 86 53 .F...(....w.._.S > 0010 - 5d 5a 76 33 04 fe bd a6-b8 02 ee 88 c4 bd e8 6c ]Zv3...........l > 0020 - 18 b9 ee f6 20 22 92 d7-0e b4 ae aa df c2 83 b7 .... ".......... > 0030 - 07 22 94 af 91 d8 2a 92-da 0c d6 3e d5 7a ee 8f ."....*....>.z.. > 0040 - 7f 26 28 3a 56 00 35 00-0b 00 06 dd 00 06 da 00 .&(:V.5......... > 0050 - 03 6e 30 82 03 6a 30 82-02 d3 a0 03 02 01 02 02 .n0..j0......... > 0060 - 01 01 30 0d 06 09 2a 86-48 86 f7 0d 01 01 04 05 ..0...*.H....... > 0070 - 00 30 81 83 31 0b 30 09-06 03 55 04 06 13 02 49 .0..1.0...U....I > 0080 - 4c 31 0f 30 0d 06 03 55-04 08 13 06 49 73 72 61 L1.0...U....Isra > 0090 - 65 6c 31 10 30 0e 06 03-55 04 07 13 07 54 65 6c el1.0...U....Tel > 00a0 - 41 76 69 76 31 11 30 0f-06 03 55 04 0a 13 08 4e Aviv1.0...U....N > 00b0 - 65 73 73 20 4c 74 64 31-0e 30 0c 06 03 55 04 0b ess Ltd1.0...U.. > 00c0 - 13 05 4c 4d 41 44 53 31-0e 30 0c 06 03 55 04 03 ..LMADS1.0...U.. > 00d0 - 13 05 59 6f 72 61 6d 31-1e 30 1c 06 09 2a 86 48 ..Yoram1.0...*.H > 00e0 - 86 f7 0d 01 09 01 16 0f-79 6f 72 61 6d 40 62 61 ........yoram@ba > 00f0 - 6d 61 6d 2e 63 6f 6d 30-1e 17 0d 30 37 30 33 32 mam.com0...07032 > 0100 - 39 31 33 35 31 35 35 5a-17 0d 30 38 30 33 32 38 9135155Z..080328 > 0110 - 31 33 35 31 35 35 5a 30-5f 31 0b 30 09 06 03 55 135155Z0_1.0...U > 0120 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 ....IL1.0...U... > 0130 - 06 49 73 72 61 65 6c 31-11 30 0f 06 03 55 04 0a .Israel1.0...U.. > 0140 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0... > 0150 - 55 04 0b 13 05 4c 4d 41-44 53 31 1c 30 1a 06 03 U....LMADS1.0... > 0160 - 55 04 03 13 13 72 31 2d-6f 77 73 2d 30 37 2e 72 U....r1-ows-07.r > 0170 - 6f 63 61 66 2e 6f 72 67-30 81 9f 30 0d 06 09 2a ocaf.org0..0...* > 0180 - 86 48 86 f7 0d 01 01 01-05 00 03 81 8d 00 30 81 .H............0. > 0190 - 89 02 81 81 00 c5 12 31-28 e2 de c6 4a 3d 59 7e .......1(...J=Y~ > 01a0 - d8 f2 c4 5e ca 00 6a 08-52 c1 58 ce 3a 38 dc 58 ...^..j.R.X.:8.X > 01b0 - 7d 0b c9 83 5d 9e 77 bc-09 9f c4 6e 5a 54 19 ff }...].w....nZT.. > 01c0 - 7b 3f 14 6b 40 51 ed 42-ba 34 d8 89 49 07 21 2b {?.k@Q.B.4..I.!+ > 01d0 - 89 4f bf 9c 5c 15 1b 61-03 1f 2f 95 b3 23 1b 6f .O..\..a../..#.o > 01e0 - c2 a9 a2 21 17 ab 62 10-ef 27 27 ae d8 46 84 4b ...!..b..''''..F.K > 01f0 - 86 b6 f2 8d b1 3e 45 0d-16 1a 8e 99 90 6d a4 5e .....>E......m.^ > 0200 - 6e 9a f6 f2 b5 d0 fb cb-c2 ec f0 a3 7a 5b 20 59 n...........z[ Y > 0210 - 02 00 13 80 0f 02 03 01-00 01 a3 82 01 0f 30 82 ..............0. > 0220 - 01 0b 30 09 06 03 55 1d-13 04 02 30 00 30 2c 06 ..0...U....0.0,. > 0230 - 09 60 86 48 01 86 f8 42-01 0d 04 1f 16 1d 4f 70 .`.H...B......Op > 0240 - 65 6e 53 53 4c 20 47 65-6e 65 72 61 74 65 64 20 enSSL Generated > 0250 - 43 65 72 74 69 66 69 63-61 74 65 30 1d 06 03 55 Certificate0...U > 0260 - 1d 0e 04 16 04 14 f8 72-da cb af d2 d8 e1 18 17 .......r........ > 0270 - ec 9e 80 10 89 d1 13 07-a6 e3 30 81 b0 06 03 55 ..........0....U > 0280 - 1d 23 04 81 a8 30 81 a5-80 14 26 9a 3c 03 60 32 .#...0....&.<.`2 > 0290 - a4 25 36 ce 56 ae 33 a1-30 45 e2 85 27 a2 a1 81 .%6.V.3.0E..''... > 02a0 - 89 a4 81 86 30 81 83 31-0b 30 09 06 03 55 04 06 ....0..1.0...U.. > 02b0 - 13 02 49 4c 31 0f 30 0d-06 03 55 04 08 13 06 49 ..IL1.0...U....I > 02c0 - 73 72 61 65 6c 31 10 30-0e 06 03 55 04 07 13 07 srael1.0...U.... > 02d0 - 54 65 6c 41 76 69 76 31-11 30 0f 06 03 55 04 0a TelAviv1.0...U.. > 02e0 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0... > 02f0 - 55 04 0b 13 05 4c 4d 41-44 53 31 0e 30 0c 06 03 U....LMADS1.0... > 0300 - 55 04 03 13 05 59 6f 72-61 6d 31 1e 30 1c 06 09 U....Yoram1.0... > 0310 - 2a 86 48 86 f7 0d 01 09-01 16 0f 79 6f 72 61 6d *.H........yoram > 0320 - 40 62 61 6d 61 6d 2e 63-6f 6d 82 01 00 30 0d 06 @bamam.com...0.. > 0330 - 09 2a 86 48 86 f7 0d 01-01 04 05 00 03 81 81 00 .*.H............ > 0340 - 88 38 ad c8 e4 df c9 85-68 2f e6 8b d0 1f 37 fd .8......h/....7. > 0350 - c4 7d 0c ca 01 5f 58 fb-3d 00 d4 f0 d0 f3 fe bb .}..._X.=....... > 0360 - e5 7f e2 44 6f 8c 43 7a-9f cc d6 6b 85 40 9c 04 ...Do.Cz...k.@.. > 0370 - 22 20 28 32 bf f9 d9 a5-85 e3 62 7a fb e7 2c 54 " (2......bz..,T > 0380 - 7a 45 bc b8 a9 4e ce 9e-9d 87 37 d0 06 4b 06 c7 zE...N....7..K.. > 0390 - 51 d4 27 c9 77 f7 e7 c2-2d ac 3d bb 4e 43 df 69 Q.''.w...-.=.NC.i > 03a0 - b8 54 8c 80 4e 86 d7 a0-86 3a c2 a3 7d 15 ab 31 .T..N....:..}..1 > 03b0 - 3f 19 6a d7 09 bb 89 5b-ce 30 83 33 4c 7a bc 5c ?.j....[.0.3Lz.\ > 03c0 - 00 03 66 30 82 03 62 30-82 02 cb a0 03 02 01 02 ..f0..b0........ > 03d0 - 02 01 00 30 0d 06 09 2a-86 48 86 f7 0d 01 01 04 ...0...*.H...... > 03e0 - 05 00 30 81 83 31 0b 30-09 06 03 55 04 06 13 02 ..0..1.0...U.... > 03f0 - 49 4c 31 0f 30 0d 06 03-55 04 08 13 06 49 73 72 IL1.0...U....Isr > 0400 - 61 65 6c 31 10 30 0e 06-03 55 04 07 13 07 54 65 ael1.0...U....Te > 0410 - 6c 41 76 69 76 31 11 30-0f 06 03 55 04 0a 13 08 lAviv1.0...U.... > 0420 - 4e 65 73 73 20 4c 74 64-31 0e 30 0c 06 03 55 04 Ness Ltd1.0...U. > 0430 - 0b 13 05 4c 4d 41 44 53-31 0e 30 0c 06 03 55 04 ...LMADS1.0...U. > 0440 - 03 13 05 59 6f 72 61 6d-31 1e 30 1c 06 09 2a 86 ...Yoram1.0...*. > 0450 - 48 86 f7 0d 01 09 01 16-0f 79 6f 72 61 6d 40 62 H........yoram@b > 0460 - 61 6d 61 6d 2e 63 6f 6d-30 1e 17 0d 30 37 30 33 amam.com0...0703 > 0470 - 32 39 31 33 35 31 33 34-5a 17 0d 30 38 30 33 32 29135134Z..08032 > 0480 - 38 31 33 35 31 33 34 5a-30 81 83 31 0b 30 09 06 8135134Z0..1.0.. > 0490 - 03 55 04 06 13 02 49 4c-31 0f 30 0d 06 03 55 04 .U....IL1.0...U. > 04a0 - 08 13 06 49 73 72 61 65-6c 31 10 30 0e 06 03 55 ...Israel1.0...U > 04b0 - 04 07 13 07 54 65 6c 41-76 69 76 31 11 30 0f 06 ....TelAviv1.0.. > 04c0 - 03 55 04 0a 13 08 4e 65-73 73 20 4c 74 64 31 0e .U....Ness Ltd1. > 04d0 - 30 0c 06 03 55 04 0b 13-05 4c 4d 41 44 53 31 0e 0...U....LMADS1. > 04e0 - 30 0c 06 03 55 04 03 13-05 59 6f 72 61 6d 31 1e 0...U....Yoram1. > 04f0 - 30 1c 06 09 2a 86 48 86-f7 0d 01 09 01 16 0f 79 0...*.H........y > 0500 - 6f 72 61 6d 40 62 61 6d-61 6d 2e 63 6f 6d 30 81 oram@bamam.com0. > 0510 - 9f 30 0d 06 09 2a 86 48-86 f7 0d 01 01 01 05 00 .0...*.H........ > 0520 - 03 81 8d 00 30 81 89 02-81 81 00 a1 9c f4 b7 8b ....0........... > 0530 - 80 35 c5 b7 60 73 da bb-01 7d 33 36 74 1f 67 5d .5..`s...}36t.g] > 0540 - eb ff b5 ca 79 1a 1b 3a-9d ce da 62 4c c8 19 0b ....y..:...bL... > 0550 - 80 e0 7c 4a 4f bb 8f 59-05 b7 a8 c2 ae 5b fe 7c ..|JO..Y.....[.| > 0560 - 74 91 e5 cf d3 54 3b 4e-88 24 50 84 24 b2 16 d8 t....T;N.$P.$... > 0570 - 9c 1d bd 8c 31 8b d7 28-df 06 24 a8 e1 76 b7 72 ....1..(..$..v.r > 0580 - ee 37 75 e2 89 84 b7 ed-51 76 2c b3 1a eb 6c 5c .7u.....Qv,...l\ > 0590 - 64 87 7d 3a 12 39 4b c0-23 fa a8 63 0e a0 77 c8 d.}:.9K.#..c..w. > 05a0 - 4d M > read from 00675450 [0067BA58] (640 bytes => 640 (0x280)) > 0000 - 9c b7 59 cc 06 a3 ad 79-6c 53 02 03 01 00 01 a3 ..Y....ylS...... > 0010 - 81 e3 30 81 e0 30 1d 06-03 55 1d 0e 04 16 04 14 ..0..0...U...... > 0020 - 26 9a 3c 03 60 32 a4 25-36 ce 56 ae 33 a1 30 45 &.<.`2.%6.V.3.0E > 0030 - e2 85 27 a2 30 81 b0 06-03 55 1d 23 04 81 a8 30 ..''.0....U.#...0 > 0040 - 81 a5 80 14 26 9a 3c 03-60 32 a4 25 36 ce 56 ae ....&.<.`2.%6.V. > 0050 - 33 a1 30 45 e2 85 27 a2-a1 81 89 a4 81 86 30 81 3.0E..''.......0. > 0060 - 83 31 0b 30 09 06 03 55-04 06 13 02 49 4c 31 0f .1.0...U....IL1. > 0070 - 30 0d 06 03 55 04 08 13-06 49 73 72 61 65 6c 31 0...U....Israel1 > 0080 - 10 30 0e 06 03 55 04 07-13 07 54 65 6c 41 76 69 .0...U....TelAvi > 0090 - 76 31 11 30 0f 06 03 55-04 0a 13 08 4e 65 73 73 v1.0...U....Ness > 00a0 - 20 4c 74 64 31 0e 30 0c-06 03 55 04 0b 13 05 4c Ltd1.0...U....L > 00b0 - 4d 41 44 53 31 0e 30 0c-06 03 55 04 03 13 05 59 MADS1.0...U....Y > 00c0 - 6f 72 61 6d 31 1e 30 1c-06 09 2a 86 48 86 f7 0d oram1.0...*.H... > 00d0 - 01 09 01 16 0f 79 6f 72-61 6d 40 62 61 6d 61 6d .....yoram@bamam > 00e0 - 2e 63 6f 6d 82 01 00 30-0c 06 03 55 1d 13 04 05 .com...0...U.... > 00f0 - 30 03 01 01 ff 30 0d 06-09 2a 86 48 86 f7 0d 01 0....0...*.H.... > 0100 - 01 04 05 00 03 81 81 00-39 46 ea ff b6 f0 6f 69 ........9F....oi > 0110 - e4 69 d5 bd a6 d5 86 be-a5 91 a2 53 46 75 db c6 .i.........SFu.. > 0120 - 5f 60 a1 f8 dc b2 54 27-d5 e6 d5 e1 ad d6 08 cd _`....T''........ > 0130 - 42 5a 07 e7 e3 4f 0b 45-23 47 36 98 3e b1 be 09 BZ...O.E#G6.>... > 0140 - 12 fe bc 50 e4 1a 93 6d-4a aa d5 56 f4 40 94 26 ...P...mJ..V.@.& > 0150 - 69 b9 a1 21 3c 04 46 17-84 4b 96 88 1c 20 9b 9a i..!<.F..K... .. > 0160 - 5b 6d 33 d6 4d ce 64 1d-15 85 78 3c 2a 1f 33 38 [m3.M.d...x<*.38 > 0170 - 96 39 58 39 88 ba 36 cc-af ce 8c 40 fc 45 5a b1 .9X9..6....@.EZ. > 0180 - 65 ba 8c 15 24 d1 52 b6-0d 00 00 f0 02 01 02 00 e...$.R......... > 0190 - eb 00 61 30 5f 31 0b 30-09 06 03 55 04 06 13 02 ..a0_1.0...U.... > 01a0 - 55 53 31 20 30 1e 06 03-55 04 0a 13 17 52 53 41 US1 0...U....RSA > 01b0 - 20 44 61 74 61 20 53 65-63 75 72 69 74 79 2c 20 Data Security, > 01c0 - 49 6e 63 2e 31 2e 30 2c-06 03 55 04 0b 13 25 53 Inc.1.0,..U...%S > 01d0 - 65 63 75 72 65 20 53 65-72 76 65 72 20 43 65 72 ecure Server Cer > 01e0 - 74 69 66 69 63 61 74 69-6f 6e 20 41 75 74 68 6f tification Autho > 01f0 - 72 69 74 79 00 86 30 81-83 31 0b 30 09 06 03 55 rity..0..1.0...U > 0200 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 ....IL1.0...U... > 0210 - 06 49 73 72 61 65 6c 31-10 30 0e 06 03 55 04 07 .Israel1.0...U.. > 0220 - 13 07 54 65 6c 41 76 69-76 31 11 30 0f 06 03 55 ..TelAviv1.0...U > 0230 - 04 0a 13 08 4e 65 73 73-20 4c 74 64 31 0e 30 0c ....Ness Ltd1.0. > 0240 - 06 03 55 04 0b 13 05 4c-4d 41 44 53 31 0e 30 0c ..U....LMADS1.0. > 0250 - 06 03 55 04 03 13 05 59-6f 72 61 6d 31 1e 30 1c ..U....Yoram1.0. > 0260 - 06 09 2a 86 48 86 f7 0d-01 09 01 16 0f 79 6f 72 ..*.H........yor > 0270 - 61 6d 40 62 61 6d 61 6d-2e 63 6f 6d 0e am@bamam.com. > 0280 - <SPACES/NULS> > depth=1 /C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > verify error:num=19:self signed certificate in certificate chain > verify return:0 > write to 00675450 [00687150] (12 bytes => 12 (0xC)) > 0000 - 16 03 01 00 07 0b 00 00-03 ......... > 000c - <SPACES/NULS> > write to 00675450 [00687150] (139 bytes => 139 (0x8B)) > 0000 - 16 03 01 00 86 10 00 00-82 00 80 37 d0 c6 7a 6b ...........7..zk > 0010 - 54 18 16 df d0 6f 90 8f-b1 8a 45 45 7f 15 47 04 T....o....EE..G. > 0020 - 10 ba 23 1a f9 f7 54 50-05 ee 4c e9 79 fe 31 1a ..#...TP..L.y.1. > 0030 - e2 c1 4a e9 f5 e2 b9 e1-d5 17 e6 e8 28 a9 ee 76 ..J.........(..v > 0040 - b9 ce 5f 59 68 62 a3 8c-07 ee e0 0e 91 b4 df 0d .._Yhb.......... > 0050 - 71 9b ce 38 d2 4b 3d d9-c4 1f e9 74 0e 96 c5 cb q..8.K=....t.... > 0060 - d3 12 57 6c 9a 0c 3b fd-83 3a e4 fd a6 2a ee 8c ..Wl..;..:...*.. > 0070 - e1 67 eb d2 11 3b 6a 03-9c a0 73 38 10 76 89 f0 .g...;j...s8.v.. > 0080 - 81 03 dd 91 4d 43 7d 99-f4 a4 b6 ....MC}.... > write to 00675450 [00687150] (6 bytes => 6 (0x6)) > 0000 - 14 03 01 00 01 01 ...... > write to 00675450 [00687150] (53 bytes => 53 (0x35)) > 0000 - 16 03 01 00 30 09 40 51-48 34 87 0b 53 20 ff 0d ....0.@QH4..S .. > 0010 - 2f 7c 96 04 a6 cc 0d bf-4a 76 b1 4e 4d bb fa 39 /|......Jv.NM..9 > 0020 - 4b 60 6e 47 3e 87 41 77-9c a2 e3 7b 1b 36 0e 9e K`nG>.Aw...{.6.. > 0030 - c6 4c 74 eb 7a .Lt.z > read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > 0000 - 14 03 01 00 01 ..... > read from 00675450 [0067B4B5] (1 bytes => 1 (0x1)) > 0000 - 01 . > read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > 0000 - 16 03 01 00 30 ....0 > read from 00675450 [0067B4B5] (48 bytes => 48 (0x30)) > 0000 - 75 da a7 8d 28 fb 5d c1-b5 04 0a 9e c1 00 d1 19 u...(.]......... > 0010 - 9f 74 ff 44 38 4b f3 57-73 e7 f4 0f d1 8b 9c a5 .t.D8K.Ws....... > 0020 - 92 39 22 4d 7e 78 c9 66-ff d4 48 81 8a 15 2b e1 .9"M~x.f..H...+. > --- > Certificate chain > 0 s:/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > i:/C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > 1 s:/C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > i:/C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > --- > Server certificate > -----BEGIN CERTIFICATE----- > MIIDajCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBgzELMAkGA1UEBhMCSUwx > DzANBgNVBAgTBklzcmFlbDEQMA4GA1UEBxMHVGVsQXZpdjERMA8GA1UEChMITmVz > cyBMdGQxDjAMBgNVBAsTBUxNQURTMQ4wDAYDVQQDEwVZb3JhbTEeMBwGCSqGSIb3 > DQEJARYPeW9yYW1AYmFtYW0uY29tMB4XDTA3MDMyOTEzNTE1NVoXDTA4MDMyODEz > NTE1NVowXzELMAkGA1UEBhMCSUwxDzANBgNVBAgTBklzcmFlbDERMA8GA1UEChMI > TmVzcyBMdGQxDjAMBgNVBAsTBUxNQURTMRwwGgYDVQQDExNyMS1vd3MtMDcucm9j > YWYub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFEjEo4t7GSj1Zftjy > xF7KAGoIUsFYzjo43Fh9C8mDXZ53vAmfxG5aVBn/ez8Ua0BR7UK6NNiJSQchK4lP > v5xcFRthAx8vlbMjG2/CqaIhF6tiEO8nJ67YRoRLhrbyjbE+RQ0WGo6ZkG2kXm6a > 9vK10PvLwuzwo3pbIFkCABOADwIDAQABo4IBDzCCAQswCQYDVR0TBAIwADAsBglg > hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O > BBYEFPhy2suv0tjhGBfsnoAQidETB6bjMIGwBgNVHSMEgagwgaWAFCaaPANgMqQl > Ns5WrjOhMEXihSeioYGJpIGGMIGDMQswCQYDVQQGEwJJTDEPMA0GA1UECBMGSXNy > YWVsMRAwDgYDVQQHEwdUZWxBdml2MREwDwYDVQQKEwhOZXNzIEx0ZDEOMAwGA1UE > CxMFTE1BRFMxDjAMBgNVBAMTBVlvcmFtMR4wHAYJKoZIhvcNAQkBFg95b3JhbUBi > YW1hbS5jb22CAQAwDQYJKoZIhvcNAQEEBQADgYEAiDityOTfyYVoL+aL0B83/cR9 > DMoBX1j7PQDU8NDz/rvlf+JEb4xDep/M1muFQJwEIiAoMr/52aWF42J6++csVHpF > vLipTs6enYc30AZLBsdR1CfJd/fnwi2sPbtOQ99puFSMgE6G16CGOsKjfRWrMT8Z > atcJu4lbzjCDM0x6vFw> -----END CERTIFICATE----- > subject=/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > issuer=/C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > --- > Acceptable client certificate CA names > /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority > /C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > --- > SSL handshake has read 2147 bytes and written 352 bytes > --- > New, TLSv1/SSLv3, Cipher is AES256-SHA > Server public key is 1024 bit > SSL-Session: > Protocol : TLSv1 > Cipher : AES256-SHA > Session-ID: 2292D70EB4AEAADFC283B7072294AF91D82A92DA0CD63ED57AEE8F7F26283A56 > Session-ID-ctx: > Master-Key: 5D9CC7C076BF70BBAECB1BC1588E666C75EB12956F231AF9B3E2F3F4E164AF7BFEEAC912F7482E286F9C819F199FB3E1 > Key-Arg : None > Krb5 Principal: None > Start Time: 1175181192 > Timeout : 300 (sec) > Verify return code: 19 (self signed certificate in certificate chain) > --- > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
Hi Richard, Thanks for your answer, This is my problem, i cant see any mismatch. Do you know of any other possibilities or ways of debug it? Thanks in advance Yoram On 4/2/07, Richard Megginson <rmeggins@redhat.com> wrote:> > Yoram Kahana wrote: > > Hi Richard, > > > > Indeed it solved one of the problems, I didnt hash the ca certificte > > in the client side. > > now i am getting new message > > > > TLS: *hostname does not match CN in peer certificate* > > > > ** if i understand the meaning the CN and the hostname are not > > identical but thats not the situation now. > > > The CN in the server cert is CN=r1-ows-07.rocaf.org - the server is > running on r1-ows-07.rocaf.org? > > The error message means there is a mismatch somewhere. > > > > > > I have also tried the opensll s_client -debug -connect (the output is > > enclosed) > > seems that throgh the openssl it works fine, where am i wrong? > > > > Can you see if you have any clue > > great thanks > > Yoram > > > > > > > > On 3/28/07, *Richard Megginson* <rmeggins@redhat.com > > <mailto:rmeggins@redhat.com>> wrote: > > > > Yoram Kahana wrote: > > > Hi > > > > > > Does anyone has an idea on which format should i save the ca > > > certificate in the clients (for SSL communication) ? > > > Is it PEM, DER, BER > > It depends - what client are you trying to configure? Did you see > > this > > - > > > http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients > > > > > > > > > Thanks in advance > > > > > > Yoram > > > > > > ------------------------------------------------------------------------ > > > > > > > > -- > > > Fedora-directory-users mailing list > > > Fedora-directory-users@redhat.com > > <mailto:Fedora-directory-users@redhat.com> > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > > <mailto:Fedora-directory-users@redhat.com> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > > ------------------------------------------------------------------------ > > > > > > openssl s_client -debug -connect r1-ows-07:636 > > CONNECTED(00000003) > > write to 00675450 [00675F50] (142 bytes => 142 (0x8E)) > > 0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ......c... > ..9.. > > 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 > 8..5............ > > 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 > ..3..2../.....f. > > 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 > .............c.. > > 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 > b..a...........@ > > 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 > ..e..d..`....... > > 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 24 9c > ..............$. > > 0070 - 49 e8 7b b6 bf 6a 36 4a-4a f8 04 25 d9 b8 a7 8e > I.{..j6JJ..%.... > > 0080 - 57 d7 67 c2 3a 6d 72 d0-d9 37 3f f5 ac 07 W.g.:mr..7?... > > read from 00675450 [0067B4B0] (7 bytes => 7 (0x7)) > > 0000 - 16 03 01 08 23 02 ....#. > > 0007 - <SPACES/NULS> > > read from 00675450 [0067B4B7] (2081 bytes => 1441 (0x5A1)) > > 0000 - 00 46 03 01 00 28 82 f7-c8 e3 77 83 de 5f 86 53 > .F...(....w.._.S > > 0010 - 5d 5a 76 33 04 fe bd a6-b8 02 ee 88 c4 bd e8 6c > ]Zv3...........l > > 0020 - 18 b9 ee f6 20 22 92 d7-0e b4 ae aa df c2 83 b7 .... > ".......... > > 0030 - 07 22 94 af 91 d8 2a 92-da 0c d6 3e d5 7a ee 8f > ."....*....>.z.. > > 0040 - 7f 26 28 3a 56 00 35 00-0b 00 06 dd 00 06 da 00 .&(:V.5........ > . > > 0050 - 03 6e 30 82 03 6a 30 82-02 d3 a0 03 02 01 02 02 > .n0..j0......... > > 0060 - 01 01 30 0d 06 09 2a 86-48 86 f7 0d 01 01 04 05 > ..0...*.H....... > > 0070 - 00 30 81 83 31 0b 30 09-06 03 55 04 06 13 02 49 > .0..1.0...U....I > > 0080 - 4c 31 0f 30 0d 06 03 55-04 08 13 06 49 73 72 61 > L1.0...U....Isra > > 0090 - 65 6c 31 10 30 0e 06 03-55 04 07 13 07 54 65 6c > el1.0...U....Tel > > 00a0 - 41 76 69 76 31 11 30 0f-06 03 55 04 0a 13 08 4e > Aviv1.0...U....N > > 00b0 - 65 73 73 20 4c 74 64 31-0e 30 0c 06 03 55 04 0b ess Ltd1.0...U. > . > > 00c0 - 13 05 4c 4d 41 44 53 31-0e 30 0c 06 03 55 04 03 > ..LMADS1.0...U.. > > 00d0 - 13 05 59 6f 72 61 6d 31-1e 30 1c 06 09 2a 86 48 > ..Yoram1.0...*.H > > 00e0 - 86 f7 0d 01 09 01 16 0f-79 6f 72 61 6d 40 62 61 > ........yoram@ba > > 00f0 - 6d 61 6d 2e 63 6f 6d 30-1e 17 0d 30 37 30 33 32 > mam.com0...07032 > > 0100 - 39 31 33 35 31 35 35 5a-17 0d 30 38 30 33 32 38 > 9135155Z..080328 > > 0110 - 31 33 35 31 35 35 5a 30-5f 31 0b 30 09 06 03 55 > 135155Z0_1.0...U > > 0120 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > ....IL1.0...U... > > 0130 - 06 49 73 72 61 65 6c 31-11 30 0f 06 03 55 04 0a > .Israel1.0...U.. > > 0140 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0.. > . > > 0150 - 55 04 0b 13 05 4c 4d 41-44 53 31 1c 30 1a 06 03 > U....LMADS1.0... > > 0160 - 55 04 03 13 13 72 31 2d-6f 77 73 2d 30 37 2e 72 U....r1- > ows-07.r > > 0170 - 6f 63 61 66 2e 6f 72 67-30 81 9f 30 0d 06 09 2a > ocaf.org0..0...* > > 0180 - 86 48 86 f7 0d 01 01 01-05 00 03 81 8d 00 30 81 > .H............0. > > 0190 - 89 02 81 81 00 c5 12 31-28 e2 de c6 4a 3d 59 7e > .......1(...J=Y~ > > 01a0 - d8 f2 c4 5e ca 00 6a 08-52 c1 58 ce 3a 38 dc 58 ...^..j.R.X.: > 8.X > > 01b0 - 7d 0b c9 83 5d 9e 77 bc-09 9f c4 6e 5a 54 19 ff > }...].w....nZT.. > > 01c0 - 7b 3f 14 6b 40 51 ed 42-ba 34 d8 89 49 07 21 2b {?.k@ > Q.B.4..I.!+ > > 01d0 - 89 4f bf 9c 5c 15 1b 61-03 1f 2f 95 b3 23 1b 6f > .O..\..a../..#.o > > 01e0 - c2 a9 a2 21 17 ab 62 10-ef 27 27 ae d8 46 84 4b > ...!..b..''''..F.K > > 01f0 - 86 b6 f2 8d b1 3e 45 0d-16 1a 8e 99 90 6d a4 5e > .....>E......m.^ > > 0200 - 6e 9a f6 f2 b5 d0 fb cb-c2 ec f0 a3 7a 5b 20 59 n...........z[ > Y > > 0210 - 02 00 13 80 0f 02 03 01-00 01 a3 82 01 0f 30 82 > ..............0. > > 0220 - 01 0b 30 09 06 03 55 1d-13 04 02 30 00 30 2c 06 > ..0...U....0.0,. > > 0230 - 09 60 86 48 01 86 f8 42-01 0d 04 1f 16 1d 4f 70 > .`.H...B......Op > > 0240 - 65 6e 53 53 4c 20 47 65-6e 65 72 61 74 65 64 20 enSSL Generated > > 0250 - 43 65 72 74 69 66 69 63-61 74 65 30 1d 06 03 55 > Certificate0...U > > 0260 - 1d 0e 04 16 04 14 f8 72-da cb af d2 d8 e1 18 17 > .......r........ > > 0270 - ec 9e 80 10 89 d1 13 07-a6 e3 30 81 b0 06 03 55 > ..........0....U > > 0280 - 1d 23 04 81 a8 30 81 a5-80 14 26 9a 3c 03 60 32 > .#...0....&.<.`2 > > 0290 - a4 25 36 ce 56 ae 33 a1-30 45 e2 85 27 a2 a1 81 > .%6.V.3.0E..''... > > 02a0 - 89 a4 81 86 30 81 83 31-0b 30 09 06 03 55 04 06 > ....0..1.0...U.. > > 02b0 - 13 02 49 4c 31 0f 30 0d-06 03 55 04 08 13 06 49 > ..IL1.0...U....I > > 02c0 - 73 72 61 65 6c 31 10 30-0e 06 03 55 04 07 13 07 srael1.0...U... > . > > 02d0 - 54 65 6c 41 76 69 76 31-11 30 0f 06 03 55 04 0a TelAviv1.0...U. > . > > 02e0 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0.. > . > > 02f0 - 55 04 0b 13 05 4c 4d 41-44 53 31 0e 30 0c 06 03 > U....LMADS1.0... > > 0300 - 55 04 03 13 05 59 6f 72-61 6d 31 1e 30 1c 06 09 > U....Yoram1.0... > > 0310 - 2a 86 48 86 f7 0d 01 09-01 16 0f 79 6f 72 61 6d > *.H........yoram > > 0320 - 40 62 61 6d 61 6d 2e 63-6f 6d 82 01 00 30 0d 06 @bamam.com...0. > . > > 0330 - 09 2a 86 48 86 f7 0d 01-01 04 05 00 03 81 81 00 > .*.H............ > > 0340 - 88 38 ad c8 e4 df c9 85-68 2f e6 8b d0 1f 37 fd > .8......h/....7. > > 0350 - c4 7d 0c ca 01 5f 58 fb-3d 00 d4 f0 d0 f3 fe bb > .}..._X.=....... > > 0360 - e5 7f e2 44 6f 8c 43 7a-9f cc d6 6b 85 40 9c 04 > ...Do.Cz...k.@.. > > 0370 - 22 20 28 32 bf f9 d9 a5-85 e3 62 7a fb e7 2c 54 " > (2......bz..,T > > 0380 - 7a 45 bc b8 a9 4e ce 9e-9d 87 37 d0 06 4b 06 c7 > zE...N....7..K.. > > 0390 - 51 d4 27 c9 77 f7 e7 c2-2d ac 3d bb 4e 43 df 69 > Q.''.w...-.=.NC.i > > 03a0 - b8 54 8c 80 4e 86 d7 a0-86 3a c2 a3 7d 15 ab 31 > .T..N....:..}..1 > > 03b0 - 3f 19 6a d7 09 bb 89 5b-ce 30 83 33 4c 7a bc 5c > ?.j....[.0.3Lz.\ > > 03c0 - 00 03 66 30 82 03 62 30-82 02 cb a0 03 02 01 02 > ..f0..b0........ > > 03d0 - 02 01 00 30 0d 06 09 2a-86 48 86 f7 0d 01 01 04 > ...0...*.H...... > > 03e0 - 05 00 30 81 83 31 0b 30-09 06 03 55 04 06 13 02 > ..0..1.0...U.... > > 03f0 - 49 4c 31 0f 30 0d 06 03-55 04 08 13 06 49 73 72 > IL1.0...U....Isr > > 0400 - 61 65 6c 31 10 30 0e 06-03 55 04 07 13 07 54 65 > ael1.0...U....Te > > 0410 - 6c 41 76 69 76 31 11 30-0f 06 03 55 04 0a 13 08 lAviv1.0...U... > . > > 0420 - 4e 65 73 73 20 4c 74 64-31 0e 30 0c 06 03 55 04 Ness Ltd1.0...U > . > > 0430 - 0b 13 05 4c 4d 41 44 53-31 0e 30 0c 06 03 55 04 > ...LMADS1.0...U. > > 0440 - 03 13 05 59 6f 72 61 6d-31 1e 30 1c 06 09 2a 86 > ...Yoram1.0...*. > > 0450 - 48 86 f7 0d 01 09 01 16-0f 79 6f 72 61 6d 40 62 > H........yoram@b > > 0460 - 61 6d 61 6d 2e 63 6f 6d-30 1e 17 0d 30 37 30 33 > amam.com0...0703 > > 0470 - 32 39 31 33 35 31 33 34-5a 17 0d 30 38 30 33 32 > 29135134Z..08032 > > 0480 - 38 31 33 35 31 33 34 5a-30 81 83 31 0b 30 09 06 > 8135134Z0..1.0.. > > 0490 - 03 55 04 06 13 02 49 4c-31 0f 30 0d 06 03 55 04 > .U....IL1.0...U. > > 04a0 - 08 13 06 49 73 72 61 65-6c 31 10 30 0e 06 03 55 > ...Israel1.0...U > > 04b0 - 04 07 13 07 54 65 6c 41-76 69 76 31 11 30 0f 06 > ....TelAviv1.0.. > > 04c0 - 03 55 04 0a 13 08 4e 65-73 73 20 4c 74 64 31 0e .U....Ness > Ltd1. > > 04d0 - 30 0c 06 03 55 04 0b 13-05 4c 4d 41 44 53 31 0e > 0...U....LMADS1. > > 04e0 - 30 0c 06 03 55 04 03 13-05 59 6f 72 61 6d 31 1e > 0...U....Yoram1. > > 04f0 - 30 1c 06 09 2a 86 48 86-f7 0d 01 09 01 16 0f 79 > 0...*.H........y > > 0500 - 6f 72 61 6d 40 62 61 6d-61 6d 2e 63 6f 6d 30 81 oram@bamam.com0 > . > > 0510 - 9f 30 0d 06 09 2a 86 48-86 f7 0d 01 01 01 05 00 > .0...*.H........ > > 0520 - 03 81 8d 00 30 81 89 02-81 81 00 a1 9c f4 b7 8b > ....0........... > > 0530 - 80 35 c5 b7 60 73 da bb-01 7d 33 36 74 1f 67 5d > .5..`s...}36t.g] > > 0540 - eb ff b5 ca 79 1a 1b 3a-9d ce da 62 4c c8 19 0b > ....y..:...bL... > > 0550 - 80 e0 7c 4a 4f bb 8f 59-05 b7 a8 c2 ae 5b fe 7c > ..|JO..Y.....[.| > > 0560 - 74 91 e5 cf d3 54 3b 4e-88 24 50 84 24 b2 16 d8 > t....T;N.$P.$... > > 0570 - 9c 1d bd 8c 31 8b d7 28-df 06 24 a8 e1 76 b7 72 > ....1..(..$..v.r > > 0580 - ee 37 75 e2 89 84 b7 ed-51 76 2c b3 1a eb 6c 5c > .7u.....Qv,...l\ > > 0590 - 64 87 7d 3a 12 39 4b c0-23 fa a8 63 0e a0 77 c8 > d.}:.9K.#..c..w. > > 05a0 - 4d M > > read from 00675450 [0067BA58] (640 bytes => 640 (0x280)) > > 0000 - 9c b7 59 cc 06 a3 ad 79-6c 53 02 03 01 00 01 a3 > ..Y....ylS...... > > 0010 - 81 e3 30 81 e0 30 1d 06-03 55 1d 0e 04 16 04 14 > ..0..0...U...... > > 0020 - 26 9a 3c 03 60 32 a4 25-36 ce 56 ae 33 a1 30 45 > &.<.`2.%6.V.3.0E > > 0030 - e2 85 27 a2 30 81 b0 06-03 55 1d 23 04 81 a8 30 > ..''.0....U.#...0 > > 0040 - 81 a5 80 14 26 9a 3c 03-60 32 a4 25 36 ce 56 ae > ....&.<.`2.%6.V. > > 0050 - 33 a1 30 45 e2 85 27 a2-a1 81 89 a4 81 86 30 81 3.0E..''.......0 > . > > 0060 - 83 31 0b 30 09 06 03 55-04 06 13 02 49 4c 31 0f > .1.0...U....IL1. > > 0070 - 30 0d 06 03 55 04 08 13-06 49 73 72 61 65 6c 31 > 0...U....Israel1 > > 0080 - 10 30 0e 06 03 55 04 07-13 07 54 65 6c 41 76 69 > .0...U....TelAvi > > 0090 - 76 31 11 30 0f 06 03 55-04 0a 13 08 4e 65 73 73 > v1.0...U....Ness > > 00a0 - 20 4c 74 64 31 0e 30 0c-06 03 55 04 0b 13 05 4c > Ltd1.0...U....L > > 00b0 - 4d 41 44 53 31 0e 30 0c-06 03 55 04 03 13 05 59 > MADS1.0...U....Y > > 00c0 - 6f 72 61 6d 31 1e 30 1c-06 09 2a 86 48 86 f7 0d oram1.0...*.H.. > . > > 00d0 - 01 09 01 16 0f 79 6f 72-61 6d 40 62 61 6d 61 6d > .....yoram@bamam > > 00e0 - 2e 63 6f 6d 82 01 00 30-0c 06 03 55 1d 13 04 05 > .com...0...U.... > > 00f0 - 30 03 01 01 ff 30 0d 06-09 2a 86 48 86 f7 0d 01 > 0....0...*.H.... > > 0100 - 01 04 05 00 03 81 81 00-39 46 ea ff b6 f0 6f 69 > ........9F....oi > > 0110 - e4 69 d5 bd a6 d5 86 be-a5 91 a2 53 46 75 db c6 > .i.........SFu.. > > 0120 - 5f 60 a1 f8 dc b2 54 27-d5 e6 d5 e1 ad d6 08 cd > _`....T''........ > > 0130 - 42 5a 07 e7 e3 4f 0b 45-23 47 36 98 3e b1 be 09 > BZ...O.E#G6.>... > > 0140 - 12 fe bc 50 e4 1a 93 6d-4a aa d5 56 f4 40 94 26 > ...P...mJ..V.@.& > > 0150 - 69 b9 a1 21 3c 04 46 17-84 4b 96 88 1c 20 9b 9a i..!<.F..K... > .. > > 0160 - 5b 6d 33 d6 4d ce 64 1d-15 85 78 3c 2a 1f 33 38 [m3.M.d...x > <*.38 > > 0170 - 96 39 58 39 88 ba 36 cc-af ce 8c 40 fc 45 5a b1 > .9X9..6....@.EZ. > > 0180 - 65 ba 8c 15 24 d1 52 b6-0d 00 00 f0 02 01 02 00 > e...$.R......... > > 0190 - eb 00 61 30 5f 31 0b 30-09 06 03 55 04 06 13 02 > ..a0_1.0...U.... > > 01a0 - 55 53 31 20 30 1e 06 03-55 04 0a 13 17 52 53 41 US1 > 0...U....RSA > > 01b0 - 20 44 61 74 61 20 53 65-63 75 72 69 74 79 2c 20 Data Security, > > 01c0 - 49 6e 63 2e 31 2e 30 2c-06 03 55 04 0b 13 25 53 Inc.1.0 > ,..U...%S > > 01d0 - 65 63 75 72 65 20 53 65-72 76 65 72 20 43 65 72 ecure Server > Cer > > 01e0 - 74 69 66 69 63 61 74 69-6f 6e 20 41 75 74 68 6f tification > Autho > > 01f0 - 72 69 74 79 00 86 30 81-83 31 0b 30 09 06 03 55 > rity..0..1.0...U > > 0200 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > ....IL1.0...U... > > 0210 - 06 49 73 72 61 65 6c 31-10 30 0e 06 03 55 04 07 > .Israel1.0...U.. > > 0220 - 13 07 54 65 6c 41 76 69-76 31 11 30 0f 06 03 55 > ..TelAviv1.0...U > > 0230 - 04 0a 13 08 4e 65 73 73-20 4c 74 64 31 0e 30 0c ....Ness Ltd1.0 > . > > 0240 - 06 03 55 04 0b 13 05 4c-4d 41 44 53 31 0e 30 0c > ..U....LMADS1.0. > > 0250 - 06 03 55 04 03 13 05 59-6f 72 61 6d 31 1e 30 1c > ..U....Yoram1.0. > > 0260 - 06 09 2a 86 48 86 f7 0d-01 09 01 16 0f 79 6f 72 > ..*.H........yor > > 0270 - 61 6d 40 62 61 6d 61 6d-2e 63 6f 6d 0e am@bamam.com. > > 0280 - <SPACES/NULS> > > depth=1 /C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > > verify error:num=19:self signed certificate in certificate chain > > verify return:0 > > write to 00675450 [00687150] (12 bytes => 12 (0xC)) > > 0000 - 16 03 01 00 07 0b 00 00-03 ......... > > 000c - <SPACES/NULS> > > write to 00675450 [00687150] (139 bytes => 139 (0x8B)) > > 0000 - 16 03 01 00 86 10 00 00-82 00 80 37 d0 c6 7a 6b > ...........7..zk > > 0010 - 54 18 16 df d0 6f 90 8f-b1 8a 45 45 7f 15 47 04 > T....o....EE..G. > > 0020 - 10 ba 23 1a f9 f7 54 50-05 ee 4c e9 79 fe 31 1a > ..#...TP..L.y.1. > > 0030 - e2 c1 4a e9 f5 e2 b9 e1-d5 17 e6 e8 28 a9 ee 76 > ..J.........(..v > > 0040 - b9 ce 5f 59 68 62 a3 8c-07 ee e0 0e 91 b4 df 0d > .._Yhb.......... > > 0050 - 71 9b ce 38 d2 4b 3d d9-c4 1f e9 74 0e 96 c5 cb > q..8.K=....t.... > > 0060 - d3 12 57 6c 9a 0c 3b fd-83 3a e4 fd a6 2a ee 8c > ..Wl..;..:...*.. > > 0070 - e1 67 eb d2 11 3b 6a 03-9c a0 73 38 10 76 89 f0 > .g...;j...s8.v.. > > 0080 - 81 03 dd 91 4d 43 7d 99-f4 a4 b6 ....MC}.... > > write to 00675450 [00687150] (6 bytes => 6 (0x6)) > > 0000 - 14 03 01 00 01 01 ...... > > write to 00675450 [00687150] (53 bytes => 53 (0x35)) > > 0000 - 16 03 01 00 30 09 40 51-48 34 87 0b 53 20 ff 0d ....0.@QH4..S > .. > > 0010 - 2f 7c 96 04 a6 cc 0d bf-4a 76 b1 4e 4d bb fa 39 > /|......Jv.NM..9 > > 0020 - 4b 60 6e 47 3e 87 41 77-9c a2 e3 7b 1b 36 0e 9e > K`nG>.Aw...{.6.. > > 0030 - c6 4c 74 eb 7a .Lt.z > > read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > > 0000 - 14 03 01 00 01 ..... > > read from 00675450 [0067B4B5] (1 bytes => 1 (0x1)) > > 0000 - 01 . > > read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > > 0000 - 16 03 01 00 30 ....0 > > read from 00675450 [0067B4B5] (48 bytes => 48 (0x30)) > > 0000 - 75 da a7 8d 28 fb 5d c1-b5 04 0a 9e c1 00 d1 19 > u...(.]......... > > 0010 - 9f 74 ff 44 38 4b f3 57-73 e7 f4 0f d1 8b 9c a5 > .t.D8K.Ws....... > > 0020 - 92 39 22 4d 7e 78 c9 66-ff d4 48 81 8a 15 2b e1 > .9"M~x.f..H...+. > > --- > > Certificate chain > > 0 s:/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > > i:/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > > 1 s:/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > > i:/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > > --- > > Server certificate > > -----BEGIN CERTIFICATE----- > > MIIDajCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBgzELMAkGA1UEBhMCSUwx > > DzANBgNVBAgTBklzcmFlbDEQMA4GA1UEBxMHVGVsQXZpdjERMA8GA1UEChMITmVz > > cyBMdGQxDjAMBgNVBAsTBUxNQURTMQ4wDAYDVQQDEwVZb3JhbTEeMBwGCSqGSIb3 > > DQEJARYPeW9yYW1AYmFtYW0uY29tMB4XDTA3MDMyOTEzNTE1NVoXDTA4MDMyODEz > > NTE1NVowXzELMAkGA1UEBhMCSUwxDzANBgNVBAgTBklzcmFlbDERMA8GA1UEChMI > > TmVzcyBMdGQxDjAMBgNVBAsTBUxNQURTMRwwGgYDVQQDExNyMS1vd3MtMDcucm9j > > YWYub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFEjEo4t7GSj1Zftjy > > xF7KAGoIUsFYzjo43Fh9C8mDXZ53vAmfxG5aVBn/ez8Ua0BR7UK6NNiJSQchK4lP > > v5xcFRthAx8vlbMjG2/CqaIhF6tiEO8nJ67YRoRLhrbyjbE+RQ0WGo6ZkG2kXm6a > > 9vK10PvLwuzwo3pbIFkCABOADwIDAQABo4IBDzCCAQswCQYDVR0TBAIwADAsBglg > > hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O > > BBYEFPhy2suv0tjhGBfsnoAQidETB6bjMIGwBgNVHSMEgagwgaWAFCaaPANgMqQl > > Ns5WrjOhMEXihSeioYGJpIGGMIGDMQswCQYDVQQGEwJJTDEPMA0GA1UECBMGSXNy > > YWVsMRAwDgYDVQQHEwdUZWxBdml2MREwDwYDVQQKEwhOZXNzIEx0ZDEOMAwGA1UE > > CxMFTE1BRFMxDjAMBgNVBAMTBVlvcmFtMR4wHAYJKoZIhvcNAQkBFg95b3JhbUBi > > YW1hbS5jb22CAQAwDQYJKoZIhvcNAQEEBQADgYEAiDityOTfyYVoL+aL0B83/cR9 > > DMoBX1j7PQDU8NDz/rvlf+JEb4xDep/M1muFQJwEIiAoMr/52aWF42J6++csVHpF > > vLipTs6enYc30AZLBsdR1CfJd/fnwi2sPbtOQ99puFSMgE6G16CGOsKjfRWrMT8Z > > atcJu4lbzjCDM0x6vFw> > -----END CERTIFICATE----- > > subject=/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > > issuer=/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > > --- > > Acceptable client certificate CA names > > /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority > > /C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress> yoram@bamam.com > > --- > > SSL handshake has read 2147 bytes and written 352 bytes > > --- > > New, TLSv1/SSLv3, Cipher is AES256-SHA > > Server public key is 1024 bit > > SSL-Session: > > Protocol : TLSv1 > > Cipher : AES256-SHA > > Session-ID: > 2292D70EB4AEAADFC283B7072294AF91D82A92DA0CD63ED57AEE8F7F26283A56 > > Session-ID-ctx: > > Master-Key: > 5D9CC7C076BF70BBAECB1BC1588E666C75EB12956F231AF9B3E2F3F4E164AF7BFEEAC912F7482E286F9C819F199FB3E1 > > Key-Arg : None > > Krb5 Principal: None > > Start Time: 1175181192 > > Timeout : 300 (sec) > > Verify return code: 19 (self signed certificate in certificate > chain) > > --- > > > > > > > > ------------------------------------------------------------------------ > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > >
Richard Megginson
2007-Apr-03 20:55 UTC
Re: [Fedora-directory-users] CA certificate format
Yoram Kahana wrote:> Hi Richard, > > Thanks for your answer, This is my problem, i cant see any mismatch. > Do you know of any other possibilities or ways of debug it?No, sorry.> > Thanks in advance > Yoram > > On 4/2/07, *Richard Megginson* <rmeggins@redhat.com > <mailto:rmeggins@redhat.com>> wrote: > > Yoram Kahana wrote: > > Hi Richard, > > > > Indeed it solved one of the problems, I didnt hash the ca certificte > > in the client side. > > now i am getting new message > > > > TLS: *hostname does not match CN in peer certificate* > > > > ** if i understand the meaning the CN and the hostname are not > > identical but thats not the situation now. > > > The CN in the server cert is CN=r1-ows-07.rocaf.org > <http://r1-ows-07.rocaf.org> - the server is > running on r1-ows-07.rocaf.org <http://r1-ows-07.rocaf.org>? > > The error message means there is a mismatch somewhere. > > > > > > I have also tried the opensll s_client -debug -connect (the > output is > > enclosed) > > seems that throgh the openssl it works fine, where am i wrong? > > > > Can you see if you have any clue > > great thanks > > Yoram > > > > > > > > On 3/28/07, *Richard Megginson* < rmeggins@redhat.com > <mailto:rmeggins@redhat.com> > > <mailto:rmeggins@redhat.com <mailto:rmeggins@redhat.com>>> wrote: > > > > Yoram Kahana wrote: > > > Hi > > > > > > Does anyone has an idea on which format should i save the ca > > > certificate in the clients (for SSL communication) ? > > > Is it PEM, DER, BER > > It depends - what client are you trying to configure? Did > you see > > this > > - > > > http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients > > > > > > > > > Thanks in advance > > > > > > Yoram > > > > > > ------------------------------------------------------------------------ > > > > > > > > -- > > > Fedora-directory-users mailing list > > > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > > <mailto: Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com>> > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > > <mailto: Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com>> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > > > > > ------------------------------------------------------------------------ > > > > > > openssl s_client -debug -connect r1-ows-07:636 > > CONNECTED(00000003) > > write to 00675450 [00675F50] (142 bytes => 142 (0x8E)) > > 0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 > ......c... ..9.. > > 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 > 8..5............ > > 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 > ..3..2../.....f. > > 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 > .............c.. > > 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 > b..a...........@ > > 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 > ..e..d..`....... > > 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 24 9c > ..............$. > > 0070 - 49 e8 7b b6 bf 6a 36 4a-4a f8 04 25 d9 b8 a7 8e > I.{..j6JJ..%.... > > 0080 - 57 d7 67 c2 3a 6d 72 d0-d9 37 3f f5 ac 07 > W.g.:mr..7?... > > read from 00675450 [0067B4B0] (7 bytes => 7 (0x7)) > > 0000 - 16 03 01 08 23 02 ....#. > > 0007 - <SPACES/NULS> > > read from 00675450 [0067B4B7] (2081 bytes => 1441 (0x5A1)) > > 0000 - 00 46 03 01 00 28 82 f7-c8 e3 77 83 de 5f 86 53 > .F...(....w.._.S > > 0010 - 5d 5a 76 33 04 fe bd a6-b8 02 ee 88 c4 bd e8 6c > ]Zv3...........l > > 0020 - 18 b9 ee f6 20 22 92 d7-0e b4 ae aa df c2 83 b7 .... > ".......... > > 0030 - 07 22 94 af 91 d8 2a 92-da 0c d6 3e d5 7a ee 8f > ."....*....>.z.. > > 0040 - 7f 26 28 3a 56 00 35 00-0b 00 06 dd 00 06 da 00 > .&(:V.5......... > > 0050 - 03 6e 30 82 03 6a 30 82-02 d3 a0 03 02 01 02 02 > .n0..j0......... > > 0060 - 01 01 30 0d 06 09 2a 86-48 86 f7 0d 01 01 04 05 > ..0...*.H....... > > 0070 - 00 30 81 83 31 0b 30 09-06 03 55 04 06 13 02 49 > .0..1.0...U....I > > 0080 - 4c 31 0f 30 0d 06 03 55-04 08 13 06 49 73 72 61 > L1.0...U....Isra > > 0090 - 65 6c 31 10 30 0e 06 03-55 04 07 13 07 54 65 6c > el1.0...U....Tel > > 00a0 - 41 76 69 76 31 11 30 0f-06 03 55 04 0a 13 08 4e > Aviv1.0...U....N > > 00b0 - 65 73 73 20 4c 74 64 31-0e 30 0c 06 03 55 04 0b ess > Ltd1.0...U.. > > 00c0 - 13 05 4c 4d 41 44 53 31-0e 30 0c 06 03 55 04 03 > ..LMADS1.0...U.. > > 00d0 - 13 05 59 6f 72 61 6d 31-1e 30 1c 06 09 2a 86 48 > ..Yoram1.0...*.H > > 00e0 - 86 f7 0d 01 09 01 16 0f-79 6f 72 61 6d 40 62 61 > ........yoram@ba > > 00f0 - 6d 61 6d 2e 63 6f 6d 30-1e 17 0d 30 37 30 33 32 > mam.com0...07032 > > 0100 - 39 31 33 35 31 35 35 5a-17 0d 30 38 30 33 32 38 > 9135155Z..080328 > > 0110 - 31 33 35 31 35 35 5a 30-5f 31 0b 30 09 06 03 55 > 135155Z0_1.0...U > > 0120 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > ....IL1.0...U... > > 0130 - 06 49 73 72 61 65 6c 31-11 30 0f 06 03 55 04 0a > .Israel1.0...U.. > > 0140 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness > Ltd1.0... > > 0150 - 55 04 0b 13 05 4c 4d 41-44 53 31 1c 30 1a 06 03 > U....LMADS1.0... > > 0160 - 55 04 03 13 13 72 31 2d-6f 77 73 2d 30 37 2e 72 > U....r1-ows-07.r > > 0170 - 6f 63 61 66 2e 6f 72 67-30 81 9f 30 0d 06 09 2a > ocaf.org0..0...* > > 0180 - 86 48 86 f7 0d 01 01 01-05 00 03 81 8d 00 30 81 > .H............0. > > 0190 - 89 02 81 81 00 c5 12 31-28 e2 de c6 4a 3d 59 7e > .......1(...J=Y~ > > 01a0 - d8 f2 c4 5e ca 00 6a 08-52 c1 58 ce 3a 38 dc 58 > ...^..j.R.X.: 8.X > > 01b0 - 7d 0b c9 83 5d 9e 77 bc-09 9f c4 6e 5a 54 19 ff > }...].w....nZT.. > > 01c0 - 7b 3f 14 6b 40 51 ed 42-ba 34 d8 89 49 07 21 2b > {?.k@Q.B.4..I.!+ > > 01d0 - 89 4f bf 9c 5c 15 1b 61-03 1f 2f 95 b3 23 1b 6f > .O..\..a../..#.o > > 01e0 - c2 a9 a2 21 17 ab 62 10-ef 27 27 ae d8 46 84 4b > ...!..b..''''..F.K > > 01f0 - 86 b6 f2 8d b1 3e 45 0d-16 1a 8e 99 90 6d a4 5e > .....>E......m.^ > > 0200 - 6e 9a f6 f2 b5 d0 fb cb-c2 ec f0 a3 7a 5b 20 59 > n...........z[ Y > > 0210 - 02 00 13 80 0f 02 03 01-00 01 a3 82 01 0f 30 82 > ..............0. > > 0220 - 01 0b 30 09 06 03 55 1d-13 04 02 30 00 30 2c 06 > ..0...U....0.0,. > > 0230 - 09 60 86 48 01 86 f8 42-01 0d 04 1f 16 1d 4f 70 > .`.H...B......Op > > 0240 - 65 6e 53 53 4c 20 47 65-6e 65 72 61 74 65 64 20 enSSL > Generated > > 0250 - 43 65 72 74 69 66 69 63-61 74 65 30 1d 06 03 55 > Certificate0...U > > 0260 - 1d 0e 04 16 04 14 f8 72-da cb af d2 d8 e1 18 17 > .......r........ > > 0270 - ec 9e 80 10 89 d1 13 07-a6 e3 30 81 b0 06 03 55 > ..........0....U > > 0280 - 1d 23 04 81 a8 30 81 a5-80 14 26 9a 3c 03 60 32 > .#...0....&.<.`2 > > 0290 - a4 25 36 ce 56 ae 33 a1-30 45 e2 85 27 a2 a1 81 > .%6.V.3.0E..''... > > 02a0 - 89 a4 81 86 30 81 83 31-0b 30 09 06 03 55 04 06 > ....0..1.0...U.. > > 02b0 - 13 02 49 4c 31 0f 30 0d-06 03 55 04 08 13 06 49 > ..IL1.0...U....I > > 02c0 - 73 72 61 65 6c 31 10 30-0e 06 03 55 04 07 13 07 > srael1.0...U.... > > 02d0 - 54 65 6c 41 76 69 76 31-11 30 0f 06 03 55 04 0a > TelAviv1.0...U.. > > 02e0 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness > Ltd1.0... > > 02f0 - 55 04 0b 13 05 4c 4d 41-44 53 31 0e 30 0c 06 03 > U....LMADS1.0... > > 0300 - 55 04 03 13 05 59 6f 72-61 6d 31 1e 30 1c 06 09 > U....Yoram1.0... > > 0310 - 2a 86 48 86 f7 0d 01 09-01 16 0f 79 6f 72 61 6d > *.H........yoram > > 0320 - 40 62 61 6d 61 6d 2e 63-6f 6d 82 01 00 30 0d 06 @ > bamam.com...0.. > > 0330 - 09 2a 86 48 86 f7 0d 01-01 04 05 00 03 81 81 00 > .*.H............ > > 0340 - 88 38 ad c8 e4 df c9 85-68 2f e6 8b d0 1f 37 fd > .8......h/....7. > > 0350 - c4 7d 0c ca 01 5f 58 fb-3d 00 d4 f0 d0 f3 fe bb > .}..._X.=....... > > 0360 - e5 7f e2 44 6f 8c 43 7a-9f cc d6 6b 85 40 9c 04 > ...Do.Cz...k.@.. > > 0370 - 22 20 28 32 bf f9 d9 a5-85 e3 62 7a fb e7 2c 54 " > (2......bz..,T > > 0380 - 7a 45 bc b8 a9 4e ce 9e-9d 87 37 d0 06 4b 06 c7 > zE...N....7..K.. > > 0390 - 51 d4 27 c9 77 f7 e7 c2-2d ac 3d bb 4e 43 df 69 > Q.''.w...-.=.NC.i > > 03a0 - b8 54 8c 80 4e 86 d7 a0-86 3a c2 a3 7d 15 ab 31 > .T..N....:..}..1 > > 03b0 - 3f 19 6a d7 09 bb 89 5b-ce 30 83 33 4c 7a bc 5c > ?.j....[.0.3Lz.\ > > 03c0 - 00 03 66 30 82 03 62 30-82 02 cb a0 03 02 01 02 > ..f0..b0........ > > 03d0 - 02 01 00 30 0d 06 09 2a-86 48 86 f7 0d 01 01 04 > ...0...*.H...... > > 03e0 - 05 00 30 81 83 31 0b 30-09 06 03 55 04 06 13 02 > ..0..1.0...U.... > > 03f0 - 49 4c 31 0f 30 0d 06 03-55 04 08 13 06 49 73 72 > IL1.0...U....Isr > > 0400 - 61 65 6c 31 10 30 0e 06-03 55 04 07 13 07 54 65 > ael1.0...U....Te > > 0410 - 6c 41 76 69 76 31 11 30-0f 06 03 55 04 0a 13 08 > lAviv1.0...U.... > > 0420 - 4e 65 73 73 20 4c 74 64-31 0e 30 0c 06 03 55 04 Ness > Ltd1.0...U. > > 0430 - 0b 13 05 4c 4d 41 44 53-31 0e 30 0c 06 03 55 04 > ...LMADS1.0...U. > > 0440 - 03 13 05 59 6f 72 61 6d-31 1e 30 1c 06 09 2a 86 > ...Yoram1.0...*. > > 0450 - 48 86 f7 0d 01 09 01 16-0f 79 6f 72 61 6d 40 62 > H........yoram@b > > 0460 - 61 6d 61 6d 2e 63 6f 6d-30 1e 17 0d 30 37 30 33 > amam.com0...0703 > > 0470 - 32 39 31 33 35 31 33 34-5a 17 0d 30 38 30 33 32 > 29135134Z..08032 > > 0480 - 38 31 33 35 31 33 34 5a-30 81 83 31 0b 30 09 06 > 8135134Z0..1.0.. > > 0490 - 03 55 04 06 13 02 49 4c-31 0f 30 0d 06 03 55 04 > .U....IL1.0...U. > > 04a0 - 08 13 06 49 73 72 61 65-6c 31 10 30 0e 06 03 55 > ...Israel1.0...U > > 04b0 - 04 07 13 07 54 65 6c 41-76 69 76 31 11 30 0f 06 > ....TelAviv1.0.. > > 04c0 - 03 55 04 0a 13 08 4e 65-73 73 20 4c 74 64 31 0e > .U....Ness Ltd1. > > 04d0 - 30 0c 06 03 55 04 0b 13-05 4c 4d 41 44 53 31 0e > 0...U....LMADS1. > > 04e0 - 30 0c 06 03 55 04 03 13-05 59 6f 72 61 6d 31 1e > 0...U....Yoram1. > > 04f0 - 30 1c 06 09 2a 86 48 86-f7 0d 01 09 01 16 0f 79 > 0...*.H........y > > 0500 - 6f 72 61 6d 40 62 61 6d-61 6d 2e 63 6f 6d 30 81 > oram@bamam.com0 <mailto:oram@bamam.com0>. > > 0510 - 9f 30 0d 06 09 2a 86 48-86 f7 0d 01 01 01 05 00 > .0...*.H........ > > 0520 - 03 81 8d 00 30 81 89 02-81 81 00 a1 9c f4 b7 8b > ....0........... > > 0530 - 80 35 c5 b7 60 73 da bb-01 7d 33 36 74 1f 67 5d > .5..`s...}36t.g] > > 0540 - eb ff b5 ca 79 1a 1b 3a-9d ce da 62 4c c8 19 0b > ....y..:...bL... > > 0550 - 80 e0 7c 4a 4f bb 8f 59-05 b7 a8 c2 ae 5b fe 7c > ..|JO..Y.....[.| > > 0560 - 74 91 e5 cf d3 54 3b 4e-88 24 50 84 24 b2 16 d8 > t....T;N.$P.$... > > 0570 - 9c 1d bd 8c 31 8b d7 28-df 06 24 a8 e1 76 b7 72 > ....1..(..$..v.r > > 0580 - ee 37 75 e2 89 84 b7 ed-51 76 2c b3 1a eb 6c 5c > .7u.....Qv,...l\ > > 0590 - 64 87 7d 3a 12 39 4b c0-23 fa a8 63 0e a0 77 c8 > d.}:.9K.#..c..w. > > 05a0 - 4d M > > read from 00675450 [0067BA58] (640 bytes => 640 (0x280)) > > 0000 - 9c b7 59 cc 06 a3 ad 79-6c 53 02 03 01 00 01 a3 > ..Y....ylS...... > > 0010 - 81 e3 30 81 e0 30 1d 06-03 55 1d 0e 04 16 04 14 > ..0..0...U...... > > 0020 - 26 9a 3c 03 60 32 a4 25-36 ce 56 ae 33 a1 30 45 > &.<.`2.%6.V.3.0E > > 0030 - e2 85 27 a2 30 81 b0 06-03 55 1d 23 04 81 a8 30 > ..''.0....U.#...0 > > 0040 - 81 a5 80 14 26 9a 3c 03-60 32 a4 25 36 ce 56 ae > ....&.<.`2.%6.V. > > 0050 - 33 a1 30 45 e2 85 27 a2-a1 81 89 a4 81 86 30 81 > 3.0E..''.......0. > > 0060 - 83 31 0b 30 09 06 03 55-04 06 13 02 49 4c 31 0f > .1.0...U....IL1. > > 0070 - 30 0d 06 03 55 04 08 13-06 49 73 72 61 65 6c 31 > 0...U....Israel1 > > 0080 - 10 30 0e 06 03 55 04 07-13 07 54 65 6c 41 76 69 > .0...U....TelAvi > > 0090 - 76 31 11 30 0f 06 03 55-04 0a 13 08 4e 65 73 73 > v1.0...U....Ness > > 00a0 - 20 4c 74 64 31 0e 30 0c-06 03 55 04 0b 13 05 > 4c Ltd1.0...U....L > > 00b0 - 4d 41 44 53 31 0e 30 0c-06 03 55 04 03 13 05 59 > MADS1.0...U....Y > > 00c0 - 6f 72 61 6d 31 1e 30 1c-06 09 2a 86 48 86 f7 0d > oram1.0...*.H... > > 00d0 - 01 09 01 16 0f 79 6f 72-61 6d 40 62 61 6d 61 6d > .....yoram@bamam > > 00e0 - 2e 63 6f 6d 82 01 00 30-0c 06 03 55 1d 13 04 05 > .com...0...U.... > > 00f0 - 30 03 01 01 ff 30 0d 06-09 2a 86 48 86 f7 0d 01 > 0....0...*.H.... > > 0100 - 01 04 05 00 03 81 81 00-39 46 ea ff b6 f0 6f 69 > ........9F....oi > > 0110 - e4 69 d5 bd a6 d5 86 be-a5 91 a2 53 46 75 db c6 > .i.........SFu.. > > 0120 - 5f 60 a1 f8 dc b2 54 27-d5 e6 d5 e1 ad d6 08 cd > _`....T''........ > > 0130 - 42 5a 07 e7 e3 4f 0b 45-23 47 36 98 3e b1 be 09 > BZ...O.E#G6.>... > > 0140 - 12 fe bc 50 e4 1a 93 6d-4a aa d5 56 f4 40 94 26 > ...P...mJ..V.@.& > > 0150 - 69 b9 a1 21 3c 04 46 17-84 4b 96 88 1c 20 9b 9a > i..!<.F..K... .. > > 0160 - 5b 6d 33 d6 4d ce 64 1d-15 85 78 3c 2a 1f 33 38 > [m3.M.d...x<*.38 > > 0170 - 96 39 58 39 88 ba 36 cc-af ce 8c 40 fc 45 5a b1 > .9X9..6....@.EZ. > > 0180 - 65 ba 8c 15 24 d1 52 b6-0d 00 00 f0 02 01 02 00 > e...$.R......... > > 0190 - eb 00 61 30 5f 31 0b 30-09 06 03 55 04 06 13 02 > ..a0_1.0...U.... > > 01a0 - 55 53 31 20 30 1e 06 03-55 04 0a 13 17 52 53 41 US1 > 0...U....RSA > > 01b0 - 20 44 61 74 61 20 53 65-63 75 72 69 74 79 2c 20 Data > Security, > > 01c0 - 49 6e 63 2e 31 2e 30 2c-06 03 55 04 0b 13 25 53 > Inc.1.0,..U...%S > > 01d0 - 65 63 75 72 65 20 53 65-72 76 65 72 20 43 65 72 ecure > Server Cer > > 01e0 - 74 69 66 69 63 61 74 69-6f 6e 20 41 75 74 68 6f > tification Autho > > 01f0 - 72 69 74 79 00 86 30 81-83 31 0b 30 09 06 03 55 > rity..0..1.0...U > > 0200 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > ....IL1.0...U... > > 0210 - 06 49 73 72 61 65 6c 31-10 30 0e 06 03 55 04 07 > .Israel1.0...U.. > > 0220 - 13 07 54 65 6c 41 76 69-76 31 11 30 0f 06 03 55 > ..TelAviv1.0...U > > 0230 - 04 0a 13 08 4e 65 73 73-20 4c 74 64 31 0e 30 0c > ....Ness Ltd1.0. > > 0240 - 06 03 55 04 0b 13 05 4c-4d 41 44 53 31 0e 30 0c > ..U....LMADS1.0. > > 0250 - 06 03 55 04 03 13 05 59-6f 72 61 6d 31 1e 30 1c > ..U....Yoram1.0. > > 0260 - 06 09 2a 86 48 86 f7 0d-01 09 01 16 0f 79 6f 72 > ..*.H........yor > > 0270 - 61 6d 40 62 61 6d 61 6d-2e 63 6f 6d > 0e am@bamam.com <mailto:am@bamam.com>. > > 0280 - <SPACES/NULS> > > depth=1 /C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress= yoram@bamam.com > <mailto:yoram@bamam.com> > > verify error:num=19:self signed certificate in certificate chain > > verify return:0 > > write to 00675450 [00687150] (12 bytes => 12 (0xC)) > > 0000 - 16 03 01 00 07 0b 00 00-03 ......... > > 000c - <SPACES/NULS> > > write to 00675450 [00687150] (139 bytes => 139 (0x8B)) > > 0000 - 16 03 01 00 86 10 00 00-82 00 80 37 d0 c6 7a 6b > ...........7..zk > > 0010 - 54 18 16 df d0 6f 90 8f-b1 8a 45 45 7f 15 47 04 > T....o....EE..G. > > 0020 - 10 ba 23 1a f9 f7 54 50-05 ee 4c e9 79 fe 31 1a > ..#...TP..L.y.1. > > 0030 - e2 c1 4a e9 f5 e2 b9 e1-d5 17 e6 e8 28 a9 ee 76 > ..J.........(..v > > 0040 - b9 ce 5f 59 68 62 a3 8c-07 ee e0 0e 91 b4 df 0d > .._Yhb.......... > > 0050 - 71 9b ce 38 d2 4b 3d d9-c4 1f e9 74 0e 96 c5 cb > q..8.K=....t.... > > 0060 - d3 12 57 6c 9a 0c 3b fd-83 3a e4 fd a6 2a ee 8c > ..Wl..;..:...*.. > > 0070 - e1 67 eb d2 11 3b 6a 03-9c a0 73 38 10 76 89 f0 > .g...;j...s8.v.. > > 0080 - 81 03 dd 91 4d 43 7d 99-f4 a4 b6 ....MC}.... > > write to 00675450 [00687150] (6 bytes => 6 (0x6)) > > 0000 - 14 03 01 00 01 01 ...... > > write to 00675450 [00687150] (53 bytes => 53 (0x35)) > > 0000 - 16 03 01 00 30 09 40 51-48 34 87 0b 53 20 ff 0d > ....0.@QH4..S .. > > 0010 - 2f 7c 96 04 a6 cc 0d bf-4a 76 b1 4e 4d bb fa 39 > /|......Jv.NM..9 > > 0020 - 4b 60 6e 47 3e 87 41 77-9c a2 e3 7b 1b 36 0e 9e > K`nG>.Aw...{.6.. > > 0030 - c6 4c 74 eb 7a .Lt.z > > read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > > 0000 - 14 03 01 00 01 ..... > > read from 00675450 [0067B4B5] (1 bytes => 1 (0x1)) > > 0000 - 01 . > > read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > > 0000 - 16 03 01 00 30 ....0 > > read from 00675450 [0067B4B5] (48 bytes => 48 (0x30)) > > 0000 - 75 da a7 8d 28 fb 5d c1-b5 04 0a 9e c1 00 d1 19 > u...(.]......... > > 0010 - 9f 74 ff 44 38 4b f3 57-73 e7 f4 0f d1 8b 9c a5 > .t.D8K.Ws....... > > 0020 - 92 39 22 4d 7e 78 c9 66-ff d4 48 81 8a 15 2b e1 > .9"M~x.f..H...+. > > --- > > Certificate chain > > 0 s:/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > <http://r1-ows-07.rocaf.org> > > i:/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress= yoram@bamam.com > <mailto:yoram@bamam.com> > > 1 s:/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > <mailto:yoram@bamam.com> > > i:/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress= yoram@bamam.com > <mailto:yoram@bamam.com> > > --- > > Server certificate > > -----BEGIN CERTIFICATE----- > > MIIDajCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBgzELMAkGA1UEBhMCSUwx > > DzANBgNVBAgTBklzcmFlbDEQMA4GA1UEBxMHVGVsQXZpdjERMA8GA1UEChMITmVz > > cyBMdGQxDjAMBgNVBAsTBUxNQURTMQ4wDAYDVQQDEwVZb3JhbTEeMBwGCSqGSIb3 > > DQEJARYPeW9yYW1AYmFtYW0uY29tMB4XDTA3MDMyOTEzNTE1NVoXDTA4MDMyODEz > > NTE1NVowXzELMAkGA1UEBhMCSUwxDzANBgNVBAgTBklzcmFlbDERMA8GA1UEChMI > > TmVzcyBMdGQxDjAMBgNVBAsTBUxNQURTMRwwGgYDVQQDExNyMS1vd3MtMDcucm9j > > YWYub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFEjEo4t7GSj1Zftjy > > xF7KAGoIUsFYzjo43Fh9C8mDXZ53vAmfxG5aVBn/ez8Ua0BR7UK6NNiJSQchK4lP > > v5xcFRthAx8vlbMjG2/CqaIhF6tiEO8nJ67YRoRLhrbyjbE+RQ0WGo6ZkG2kXm6a > > 9vK10PvLwuzwo3pbIFkCABOADwIDAQABo4IBDzCCAQswCQYDVR0TBAIwADAsBglg > > hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O > > BBYEFPhy2suv0tjhGBfsnoAQidETB6bjMIGwBgNVHSMEgagwgaWAFCaaPANgMqQl > > Ns5WrjOhMEXihSeioYGJpIGGMIGDMQswCQYDVQQGEwJJTDEPMA0GA1UECBMGSXNy > > YWVsMRAwDgYDVQQHEwdUZWxBdml2MREwDwYDVQQKEwhOZXNzIEx0ZDEOMAwGA1UE > > CxMFTE1BRFMxDjAMBgNVBAMTBVlvcmFtMR4wHAYJKoZIhvcNAQkBFg95b3JhbUBi > > YW1hbS5jb22CAQAwDQYJKoZIhvcNAQEEBQADgYEAiDityOTfyYVoL+aL0B83/cR9 > > DMoBX1j7PQDU8NDz/rvlf+JEb4xDep/M1muFQJwEIiAoMr/52aWF42J6++csVHpF > > vLipTs6enYc30AZLBsdR1CfJd/fnwi2sPbtOQ99puFSMgE6G16CGOsKjfRWrMT8Z > > atcJu4lbzjCDM0x6vFw> > -----END CERTIFICATE----- > > subject=/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN> r1-ows-07.rocaf.org <http://r1-ows-07.rocaf.org> > > issuer=/C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > <mailto:yoram@bamam.com> > > --- > > Acceptable client certificate CA names > > /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification > Authority > > /C=IL/ST=Israel/L=TelAviv/O=Ness > Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > <mailto:yoram@bamam.com> > > --- > > SSL handshake has read 2147 bytes and written 352 bytes > > --- > > New, TLSv1/SSLv3, Cipher is AES256-SHA > > Server public key is 1024 bit > > SSL-Session: > > Protocol : TLSv1 > > Cipher : AES256-SHA > > Session-ID: > 2292D70EB4AEAADFC283B7072294AF91D82A92DA0CD63ED57AEE8F7F26283A56 > > Session-ID-ctx: > > Master-Key: > 5D9CC7C076BF70BBAECB1BC1588E666C75EB12956F231AF9B3E2F3F4E164AF7BFEEAC912F7482E286F9C819F199FB3E1 > > > Key-Arg : None > > Krb5 Principal: None > > Start Time: 1175181192 > > Timeout : 300 (sec) > > Verify return code: 19 (self signed certificate in > certificate chain) > > --- > > > > > > > > > ------------------------------------------------------------------------ > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > <mailto:Fedora-directory-users@redhat.com> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > <https://www.redhat.com/mailman/listinfo/fedora-directory-users> > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
On Tue, Apr 03, 2007 at 09:44:43PM +0200, Yoram Kahana wrote:> Hi Richard, > > Thanks for your answer, This is my problem, i cant see any mismatch. Do you > know of any other possibilities or ways of debug it?You can try running the openldap ldapsearch client with the "-d" argument for extra debugging goodness. See the loglevel directive in slapd.conf(5) for acceptable levels. Example truncated output from ldapsearch from package 2.2.26-5ubuntu2.2: # ldapsearch -h ldap.fqdn -ZZ -d 1 -b "" -s base -x ... TLS trace: SSL_connect:before/connect initialization TLS trace: SSL_connect:SSLv2/v3 write client hello A TLS trace: SSL_connect:SSLv3 read server hello A TLS certificate verification: depth: 1, err: 0, subject: [cert subject data removed] TLS certificate verification: depth: 0, err: 0, subject: [cert subject data removed] TLS trace: SSL_connect:SSLv3 read server certificate A TLS trace: SSL_connect:SSLv3 read server certificate request A TLS trace: SSL_connect:SSLv3 read server done A TLS trace: SSL_connect:SSLv3 write client certificate A TLS trace: SSL_connect:SSLv3 write client key exchange A TLS trace: SSL_connect:SSLv3 write change cipher spec A TLS trace: SSL_connect:SSLv3 write finished A TLS trace: SSL_connect:SSLv3 flush data TLS trace: SSL_connect:SSLv3 read finished A ... This will at least tell you what the command is really doing, and what it thinks the subject of the cert is. You should use whatever hostname is contained in the cert (either in the subject or subjectaltname fields) otherwise it''ll quite rightly reject you. If your client isn''t based on the openldap implementation, then you''ll have to debug it using a client based on whatever implementation you are using. Without knowing more about your client and ssl libraries it''s hard to suggest what might be broken in their configuration.> Thanks in advance > Yoram > > On 4/2/07, Richard Megginson <rmeggins@redhat.com> wrote: > > > >Yoram Kahana wrote: > >> Hi Richard, > >> > >> Indeed it solved one of the problems, I didnt hash the ca certificte > >> in the client side. > >> now i am getting new message > >> > >> TLS: *hostname does not match CN in peer certificate* > >> > >> ** if i understand the meaning the CN and the hostname are not > >> identical but thats not the situation now. > >> > >The CN in the server cert is CN=r1-ows-07.rocaf.org - the server is > >running on r1-ows-07.rocaf.org? > > > >The error message means there is a mismatch somewhere. > >> > >> > >> I have also tried the opensll s_client -debug -connect (the output is > >> enclosed) > >> seems that throgh the openssl it works fine, where am i wrong? > >> > >> Can you see if you have any clue > >> great thanks > >> Yoram > >> > >> > >> > >> On 3/28/07, *Richard Megginson* <rmeggins@redhat.com > >> <mailto:rmeggins@redhat.com>> wrote: > >> > >> Yoram Kahana wrote: > >> > Hi > >> > > >> > Does anyone has an idea on which format should i save the ca > >> > certificate in the clients (for SSL communication) ? > >> > Is it PEM, DER, BER > >> It depends - what client are you trying to configure? Did you see > >> this > >> - > >> > >http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients > >> > > >> > > >> > Thanks in advance > >> > > >> > Yoram > >> > > >> > >------------------------------------------------------------------------ > >> > >> > > >> > -- > >> > Fedora-directory-users mailing list > >> > Fedora-directory-users@redhat.com > >> <mailto:Fedora-directory-users@redhat.com> > >> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > >> > > >> > >> -- > >> Fedora-directory-users mailing list > >> Fedora-directory-users@redhat.com > >> <mailto:Fedora-directory-users@redhat.com> > >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > >> > >> > >> > >> ------------------------------------------------------------------------ > >> > >> > >> openssl s_client -debug -connect r1-ows-07:636 > >> CONNECTED(00000003) > >> write to 00675450 [00675F50] (142 bytes => 142 (0x8E)) > >> 0000 - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ......c... > >..9.. > >> 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 > >8..5............ > >> 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 > >..3..2../.....f. > >> 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 > >.............c.. > >> 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 > >b..a...........@ > >> 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 > >..e..d..`....... > >> 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 24 9c > >..............$. > >> 0070 - 49 e8 7b b6 bf 6a 36 4a-4a f8 04 25 d9 b8 a7 8e > >I.{..j6JJ..%.... > >> 0080 - 57 d7 67 c2 3a 6d 72 d0-d9 37 3f f5 ac 07 W.g.:mr..7?... > >> read from 00675450 [0067B4B0] (7 bytes => 7 (0x7)) > >> 0000 - 16 03 01 08 23 02 ....#. > >> 0007 - <SPACES/NULS> > >> read from 00675450 [0067B4B7] (2081 bytes => 1441 (0x5A1)) > >> 0000 - 00 46 03 01 00 28 82 f7-c8 e3 77 83 de 5f 86 53 > >.F...(....w.._.S > >> 0010 - 5d 5a 76 33 04 fe bd a6-b8 02 ee 88 c4 bd e8 6c > >]Zv3...........l > >> 0020 - 18 b9 ee f6 20 22 92 d7-0e b4 ae aa df c2 83 b7 .... > >".......... > >> 0030 - 07 22 94 af 91 d8 2a 92-da 0c d6 3e d5 7a ee 8f > >."....*....>.z.. > >> 0040 - 7f 26 28 3a 56 00 35 00-0b 00 06 dd 00 06 da 00 .&(:V.5........ > >. > >> 0050 - 03 6e 30 82 03 6a 30 82-02 d3 a0 03 02 01 02 02 > >.n0..j0......... > >> 0060 - 01 01 30 0d 06 09 2a 86-48 86 f7 0d 01 01 04 05 > >..0...*.H....... > >> 0070 - 00 30 81 83 31 0b 30 09-06 03 55 04 06 13 02 49 > >.0..1.0...U....I > >> 0080 - 4c 31 0f 30 0d 06 03 55-04 08 13 06 49 73 72 61 > >L1.0...U....Isra > >> 0090 - 65 6c 31 10 30 0e 06 03-55 04 07 13 07 54 65 6c > >el1.0...U....Tel > >> 00a0 - 41 76 69 76 31 11 30 0f-06 03 55 04 0a 13 08 4e > >Aviv1.0...U....N > >> 00b0 - 65 73 73 20 4c 74 64 31-0e 30 0c 06 03 55 04 0b ess Ltd1.0...U. > >. > >> 00c0 - 13 05 4c 4d 41 44 53 31-0e 30 0c 06 03 55 04 03 > >..LMADS1.0...U.. > >> 00d0 - 13 05 59 6f 72 61 6d 31-1e 30 1c 06 09 2a 86 48 > >..Yoram1.0...*.H > >> 00e0 - 86 f7 0d 01 09 01 16 0f-79 6f 72 61 6d 40 62 61 > >........yoram@ba > >> 00f0 - 6d 61 6d 2e 63 6f 6d 30-1e 17 0d 30 37 30 33 32 > >mam.com0...07032 > >> 0100 - 39 31 33 35 31 35 35 5a-17 0d 30 38 30 33 32 38 > >9135155Z..080328 > >> 0110 - 31 33 35 31 35 35 5a 30-5f 31 0b 30 09 06 03 55 > >135155Z0_1.0...U > >> 0120 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > >....IL1.0...U... > >> 0130 - 06 49 73 72 61 65 6c 31-11 30 0f 06 03 55 04 0a > >.Israel1.0...U.. > >> 0140 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0.. > >. > >> 0150 - 55 04 0b 13 05 4c 4d 41-44 53 31 1c 30 1a 06 03 > >U....LMADS1.0... > >> 0160 - 55 04 03 13 13 72 31 2d-6f 77 73 2d 30 37 2e 72 U....r1- > >ows-07.r > >> 0170 - 6f 63 61 66 2e 6f 72 67-30 81 9f 30 0d 06 09 2a > >ocaf.org0..0...* > >> 0180 - 86 48 86 f7 0d 01 01 01-05 00 03 81 8d 00 30 81 > >.H............0. > >> 0190 - 89 02 81 81 00 c5 12 31-28 e2 de c6 4a 3d 59 7e > >.......1(...J=Y~ > >> 01a0 - d8 f2 c4 5e ca 00 6a 08-52 c1 58 ce 3a 38 dc 58 ...^..j.R.X.: > >8.X > >> 01b0 - 7d 0b c9 83 5d 9e 77 bc-09 9f c4 6e 5a 54 19 ff > >}...].w....nZT.. > >> 01c0 - 7b 3f 14 6b 40 51 ed 42-ba 34 d8 89 49 07 21 2b {?.k@ > >Q.B.4..I.!+ > >> 01d0 - 89 4f bf 9c 5c 15 1b 61-03 1f 2f 95 b3 23 1b 6f > >.O..\..a../..#.o > >> 01e0 - c2 a9 a2 21 17 ab 62 10-ef 27 27 ae d8 46 84 4b > >...!..b..''''..F.K > >> 01f0 - 86 b6 f2 8d b1 3e 45 0d-16 1a 8e 99 90 6d a4 5e > >.....>E......m.^ > >> 0200 - 6e 9a f6 f2 b5 d0 fb cb-c2 ec f0 a3 7a 5b 20 59 n...........z[ > >Y > >> 0210 - 02 00 13 80 0f 02 03 01-00 01 a3 82 01 0f 30 82 > >..............0. > >> 0220 - 01 0b 30 09 06 03 55 1d-13 04 02 30 00 30 2c 06 > >..0...U....0.0,. > >> 0230 - 09 60 86 48 01 86 f8 42-01 0d 04 1f 16 1d 4f 70 > >.`.H...B......Op > >> 0240 - 65 6e 53 53 4c 20 47 65-6e 65 72 61 74 65 64 20 enSSL Generated > >> 0250 - 43 65 72 74 69 66 69 63-61 74 65 30 1d 06 03 55 > >Certificate0...U > >> 0260 - 1d 0e 04 16 04 14 f8 72-da cb af d2 d8 e1 18 17 > >.......r........ > >> 0270 - ec 9e 80 10 89 d1 13 07-a6 e3 30 81 b0 06 03 55 > >..........0....U > >> 0280 - 1d 23 04 81 a8 30 81 a5-80 14 26 9a 3c 03 60 32 > >.#...0....&.<.`2 > >> 0290 - a4 25 36 ce 56 ae 33 a1-30 45 e2 85 27 a2 a1 81 > >.%6.V.3.0E..''... > >> 02a0 - 89 a4 81 86 30 81 83 31-0b 30 09 06 03 55 04 06 > >....0..1.0...U.. > >> 02b0 - 13 02 49 4c 31 0f 30 0d-06 03 55 04 08 13 06 49 > >..IL1.0...U....I > >> 02c0 - 73 72 61 65 6c 31 10 30-0e 06 03 55 04 07 13 07 srael1.0...U... > >. > >> 02d0 - 54 65 6c 41 76 69 76 31-11 30 0f 06 03 55 04 0a TelAviv1.0...U. > >. > >> 02e0 - 13 08 4e 65 73 73 20 4c-74 64 31 0e 30 0c 06 03 ..Ness Ltd1.0.. > >. > >> 02f0 - 55 04 0b 13 05 4c 4d 41-44 53 31 0e 30 0c 06 03 > >U....LMADS1.0... > >> 0300 - 55 04 03 13 05 59 6f 72-61 6d 31 1e 30 1c 06 09 > >U....Yoram1.0... > >> 0310 - 2a 86 48 86 f7 0d 01 09-01 16 0f 79 6f 72 61 6d > >*.H........yoram > >> 0320 - 40 62 61 6d 61 6d 2e 63-6f 6d 82 01 00 30 0d 06 @bamam.com...0. > >. > >> 0330 - 09 2a 86 48 86 f7 0d 01-01 04 05 00 03 81 81 00 > >.*.H............ > >> 0340 - 88 38 ad c8 e4 df c9 85-68 2f e6 8b d0 1f 37 fd > >.8......h/....7. > >> 0350 - c4 7d 0c ca 01 5f 58 fb-3d 00 d4 f0 d0 f3 fe bb > >.}..._X.=....... > >> 0360 - e5 7f e2 44 6f 8c 43 7a-9f cc d6 6b 85 40 9c 04 > >...Do.Cz...k.@.. > >> 0370 - 22 20 28 32 bf f9 d9 a5-85 e3 62 7a fb e7 2c 54 " > >(2......bz..,T > >> 0380 - 7a 45 bc b8 a9 4e ce 9e-9d 87 37 d0 06 4b 06 c7 > >zE...N....7..K.. > >> 0390 - 51 d4 27 c9 77 f7 e7 c2-2d ac 3d bb 4e 43 df 69 > >Q.''.w...-.=.NC.i > >> 03a0 - b8 54 8c 80 4e 86 d7 a0-86 3a c2 a3 7d 15 ab 31 > >.T..N....:..}..1 > >> 03b0 - 3f 19 6a d7 09 bb 89 5b-ce 30 83 33 4c 7a bc 5c > >?.j....[.0.3Lz.\ > >> 03c0 - 00 03 66 30 82 03 62 30-82 02 cb a0 03 02 01 02 > >..f0..b0........ > >> 03d0 - 02 01 00 30 0d 06 09 2a-86 48 86 f7 0d 01 01 04 > >...0...*.H...... > >> 03e0 - 05 00 30 81 83 31 0b 30-09 06 03 55 04 06 13 02 > >..0..1.0...U.... > >> 03f0 - 49 4c 31 0f 30 0d 06 03-55 04 08 13 06 49 73 72 > >IL1.0...U....Isr > >> 0400 - 61 65 6c 31 10 30 0e 06-03 55 04 07 13 07 54 65 > >ael1.0...U....Te > >> 0410 - 6c 41 76 69 76 31 11 30-0f 06 03 55 04 0a 13 08 lAviv1.0...U... > >. > >> 0420 - 4e 65 73 73 20 4c 74 64-31 0e 30 0c 06 03 55 04 Ness Ltd1.0...U > >. > >> 0430 - 0b 13 05 4c 4d 41 44 53-31 0e 30 0c 06 03 55 04 > >...LMADS1.0...U. > >> 0440 - 03 13 05 59 6f 72 61 6d-31 1e 30 1c 06 09 2a 86 > >...Yoram1.0...*. > >> 0450 - 48 86 f7 0d 01 09 01 16-0f 79 6f 72 61 6d 40 62 > >H........yoram@b > >> 0460 - 61 6d 61 6d 2e 63 6f 6d-30 1e 17 0d 30 37 30 33 > >amam.com0...0703 > >> 0470 - 32 39 31 33 35 31 33 34-5a 17 0d 30 38 30 33 32 > >29135134Z..08032 > >> 0480 - 38 31 33 35 31 33 34 5a-30 81 83 31 0b 30 09 06 > >8135134Z0..1.0.. > >> 0490 - 03 55 04 06 13 02 49 4c-31 0f 30 0d 06 03 55 04 > >.U....IL1.0...U. > >> 04a0 - 08 13 06 49 73 72 61 65-6c 31 10 30 0e 06 03 55 > >...Israel1.0...U > >> 04b0 - 04 07 13 07 54 65 6c 41-76 69 76 31 11 30 0f 06 > >....TelAviv1.0.. > >> 04c0 - 03 55 04 0a 13 08 4e 65-73 73 20 4c 74 64 31 0e .U....Ness > >Ltd1. > >> 04d0 - 30 0c 06 03 55 04 0b 13-05 4c 4d 41 44 53 31 0e > >0...U....LMADS1. > >> 04e0 - 30 0c 06 03 55 04 03 13-05 59 6f 72 61 6d 31 1e > >0...U....Yoram1. > >> 04f0 - 30 1c 06 09 2a 86 48 86-f7 0d 01 09 01 16 0f 79 > >0...*.H........y > >> 0500 - 6f 72 61 6d 40 62 61 6d-61 6d 2e 63 6f 6d 30 81 oram@bamam.com0 > >. > >> 0510 - 9f 30 0d 06 09 2a 86 48-86 f7 0d 01 01 01 05 00 > >.0...*.H........ > >> 0520 - 03 81 8d 00 30 81 89 02-81 81 00 a1 9c f4 b7 8b > >....0........... > >> 0530 - 80 35 c5 b7 60 73 da bb-01 7d 33 36 74 1f 67 5d > >.5..`s...}36t.g] > >> 0540 - eb ff b5 ca 79 1a 1b 3a-9d ce da 62 4c c8 19 0b > >....y..:...bL... > >> 0550 - 80 e0 7c 4a 4f bb 8f 59-05 b7 a8 c2 ae 5b fe 7c > >..|JO..Y.....[.| > >> 0560 - 74 91 e5 cf d3 54 3b 4e-88 24 50 84 24 b2 16 d8 > >t....T;N.$P.$... > >> 0570 - 9c 1d bd 8c 31 8b d7 28-df 06 24 a8 e1 76 b7 72 > >....1..(..$..v.r > >> 0580 - ee 37 75 e2 89 84 b7 ed-51 76 2c b3 1a eb 6c 5c > >.7u.....Qv,...l\ > >> 0590 - 64 87 7d 3a 12 39 4b c0-23 fa a8 63 0e a0 77 c8 > >d.}:.9K.#..c..w. > >> 05a0 - 4d M > >> read from 00675450 [0067BA58] (640 bytes => 640 (0x280)) > >> 0000 - 9c b7 59 cc 06 a3 ad 79-6c 53 02 03 01 00 01 a3 > >..Y....ylS...... > >> 0010 - 81 e3 30 81 e0 30 1d 06-03 55 1d 0e 04 16 04 14 > >..0..0...U...... > >> 0020 - 26 9a 3c 03 60 32 a4 25-36 ce 56 ae 33 a1 30 45 > >&.<.`2.%6.V.3.0E > >> 0030 - e2 85 27 a2 30 81 b0 06-03 55 1d 23 04 81 a8 30 > >..''.0....U.#...0 > >> 0040 - 81 a5 80 14 26 9a 3c 03-60 32 a4 25 36 ce 56 ae > >....&.<.`2.%6.V. > >> 0050 - 33 a1 30 45 e2 85 27 a2-a1 81 89 a4 81 86 30 81 3.0E..''.......0 > >. > >> 0060 - 83 31 0b 30 09 06 03 55-04 06 13 02 49 4c 31 0f > >.1.0...U....IL1. > >> 0070 - 30 0d 06 03 55 04 08 13-06 49 73 72 61 65 6c 31 > >0...U....Israel1 > >> 0080 - 10 30 0e 06 03 55 04 07-13 07 54 65 6c 41 76 69 > >.0...U....TelAvi > >> 0090 - 76 31 11 30 0f 06 03 55-04 0a 13 08 4e 65 73 73 > >v1.0...U....Ness > >> 00a0 - 20 4c 74 64 31 0e 30 0c-06 03 55 04 0b 13 05 4c > >Ltd1.0...U....L > >> 00b0 - 4d 41 44 53 31 0e 30 0c-06 03 55 04 03 13 05 59 > >MADS1.0...U....Y > >> 00c0 - 6f 72 61 6d 31 1e 30 1c-06 09 2a 86 48 86 f7 0d oram1.0...*.H.. > >. > >> 00d0 - 01 09 01 16 0f 79 6f 72-61 6d 40 62 61 6d 61 6d > >.....yoram@bamam > >> 00e0 - 2e 63 6f 6d 82 01 00 30-0c 06 03 55 1d 13 04 05 > >.com...0...U.... > >> 00f0 - 30 03 01 01 ff 30 0d 06-09 2a 86 48 86 f7 0d 01 > >0....0...*.H.... > >> 0100 - 01 04 05 00 03 81 81 00-39 46 ea ff b6 f0 6f 69 > >........9F....oi > >> 0110 - e4 69 d5 bd a6 d5 86 be-a5 91 a2 53 46 75 db c6 > >.i.........SFu.. > >> 0120 - 5f 60 a1 f8 dc b2 54 27-d5 e6 d5 e1 ad d6 08 cd > >_`....T''........ > >> 0130 - 42 5a 07 e7 e3 4f 0b 45-23 47 36 98 3e b1 be 09 > >BZ...O.E#G6.>... > >> 0140 - 12 fe bc 50 e4 1a 93 6d-4a aa d5 56 f4 40 94 26 > >...P...mJ..V.@.& > >> 0150 - 69 b9 a1 21 3c 04 46 17-84 4b 96 88 1c 20 9b 9a i..!<.F..K... > >.. > >> 0160 - 5b 6d 33 d6 4d ce 64 1d-15 85 78 3c 2a 1f 33 38 [m3.M.d...x > ><*.38 > >> 0170 - 96 39 58 39 88 ba 36 cc-af ce 8c 40 fc 45 5a b1 > >.9X9..6....@.EZ. > >> 0180 - 65 ba 8c 15 24 d1 52 b6-0d 00 00 f0 02 01 02 00 > >e...$.R......... > >> 0190 - eb 00 61 30 5f 31 0b 30-09 06 03 55 04 06 13 02 > >..a0_1.0...U.... > >> 01a0 - 55 53 31 20 30 1e 06 03-55 04 0a 13 17 52 53 41 US1 > >0...U....RSA > >> 01b0 - 20 44 61 74 61 20 53 65-63 75 72 69 74 79 2c 20 Data Security, > >> 01c0 - 49 6e 63 2e 31 2e 30 2c-06 03 55 04 0b 13 25 53 Inc.1.0 > >,..U...%S > >> 01d0 - 65 63 75 72 65 20 53 65-72 76 65 72 20 43 65 72 ecure Server > >Cer > >> 01e0 - 74 69 66 69 63 61 74 69-6f 6e 20 41 75 74 68 6f tification > >Autho > >> 01f0 - 72 69 74 79 00 86 30 81-83 31 0b 30 09 06 03 55 > >rity..0..1.0...U > >> 0200 - 04 06 13 02 49 4c 31 0f-30 0d 06 03 55 04 08 13 > >....IL1.0...U... > >> 0210 - 06 49 73 72 61 65 6c 31-10 30 0e 06 03 55 04 07 > >.Israel1.0...U.. > >> 0220 - 13 07 54 65 6c 41 76 69-76 31 11 30 0f 06 03 55 > >..TelAviv1.0...U > >> 0230 - 04 0a 13 08 4e 65 73 73-20 4c 74 64 31 0e 30 0c ....Ness Ltd1.0 > >. > >> 0240 - 06 03 55 04 0b 13 05 4c-4d 41 44 53 31 0e 30 0c > >..U....LMADS1.0. > >> 0250 - 06 03 55 04 03 13 05 59-6f 72 61 6d 31 1e 30 1c > >..U....Yoram1.0. > >> 0260 - 06 09 2a 86 48 86 f7 0d-01 09 01 16 0f 79 6f 72 > >..*.H........yor > >> 0270 - 61 6d 40 62 61 6d 61 6d-2e 63 6f 6d 0e am@bamam.com. > >> 0280 - <SPACES/NULS> > >> depth=1 /C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > >> verify error:num=19:self signed certificate in certificate chain > >> verify return:0 > >> write to 00675450 [00687150] (12 bytes => 12 (0xC)) > >> 0000 - 16 03 01 00 07 0b 00 00-03 ......... > >> 000c - <SPACES/NULS> > >> write to 00675450 [00687150] (139 bytes => 139 (0x8B)) > >> 0000 - 16 03 01 00 86 10 00 00-82 00 80 37 d0 c6 7a 6b > >...........7..zk > >> 0010 - 54 18 16 df d0 6f 90 8f-b1 8a 45 45 7f 15 47 04 > >T....o....EE..G. > >> 0020 - 10 ba 23 1a f9 f7 54 50-05 ee 4c e9 79 fe 31 1a > >..#...TP..L.y.1. > >> 0030 - e2 c1 4a e9 f5 e2 b9 e1-d5 17 e6 e8 28 a9 ee 76 > >..J.........(..v > >> 0040 - b9 ce 5f 59 68 62 a3 8c-07 ee e0 0e 91 b4 df 0d > >.._Yhb.......... > >> 0050 - 71 9b ce 38 d2 4b 3d d9-c4 1f e9 74 0e 96 c5 cb > >q..8.K=....t.... > >> 0060 - d3 12 57 6c 9a 0c 3b fd-83 3a e4 fd a6 2a ee 8c > >..Wl..;..:...*.. > >> 0070 - e1 67 eb d2 11 3b 6a 03-9c a0 73 38 10 76 89 f0 > >.g...;j...s8.v.. > >> 0080 - 81 03 dd 91 4d 43 7d 99-f4 a4 b6 ....MC}.... > >> write to 00675450 [00687150] (6 bytes => 6 (0x6)) > >> 0000 - 14 03 01 00 01 01 ...... > >> write to 00675450 [00687150] (53 bytes => 53 (0x35)) > >> 0000 - 16 03 01 00 30 09 40 51-48 34 87 0b 53 20 ff 0d ....0.@QH4..S > >.. > >> 0010 - 2f 7c 96 04 a6 cc 0d bf-4a 76 b1 4e 4d bb fa 39 > >/|......Jv.NM..9 > >> 0020 - 4b 60 6e 47 3e 87 41 77-9c a2 e3 7b 1b 36 0e 9e > >K`nG>.Aw...{.6.. > >> 0030 - c6 4c 74 eb 7a .Lt.z > >> read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > >> 0000 - 14 03 01 00 01 ..... > >> read from 00675450 [0067B4B5] (1 bytes => 1 (0x1)) > >> 0000 - 01 . > >> read from 00675450 [0067B4B0] (5 bytes => 5 (0x5)) > >> 0000 - 16 03 01 00 30 ....0 > >> read from 00675450 [0067B4B5] (48 bytes => 48 (0x30)) > >> 0000 - 75 da a7 8d 28 fb 5d c1-b5 04 0a 9e c1 00 d1 19 > >u...(.]......... > >> 0010 - 9f 74 ff 44 38 4b f3 57-73 e7 f4 0f d1 8b 9c a5 > >.t.D8K.Ws....... > >> 0020 - 92 39 22 4d 7e 78 c9 66-ff d4 48 81 8a 15 2b e1 > >.9"M~x.f..H...+. > >> --- > >> Certificate chain > >> 0 s:/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > >> i:/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > >> 1 s:/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > >> i:/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > >> --- > >> Server certificate > >> -----BEGIN CERTIFICATE----- > >> MIIDajCCAtOgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBgzELMAkGA1UEBhMCSUwx > >> DzANBgNVBAgTBklzcmFlbDEQMA4GA1UEBxMHVGVsQXZpdjERMA8GA1UEChMITmVz > >> cyBMdGQxDjAMBgNVBAsTBUxNQURTMQ4wDAYDVQQDEwVZb3JhbTEeMBwGCSqGSIb3 > >> DQEJARYPeW9yYW1AYmFtYW0uY29tMB4XDTA3MDMyOTEzNTE1NVoXDTA4MDMyODEz > >> NTE1NVowXzELMAkGA1UEBhMCSUwxDzANBgNVBAgTBklzcmFlbDERMA8GA1UEChMI > >> TmVzcyBMdGQxDjAMBgNVBAsTBUxNQURTMRwwGgYDVQQDExNyMS1vd3MtMDcucm9j > >> YWYub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFEjEo4t7GSj1Zftjy > >> xF7KAGoIUsFYzjo43Fh9C8mDXZ53vAmfxG5aVBn/ez8Ua0BR7UK6NNiJSQchK4lP > >> v5xcFRthAx8vlbMjG2/CqaIhF6tiEO8nJ67YRoRLhrbyjbE+RQ0WGo6ZkG2kXm6a > >> 9vK10PvLwuzwo3pbIFkCABOADwIDAQABo4IBDzCCAQswCQYDVR0TBAIwADAsBglg > >> hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O > >> BBYEFPhy2suv0tjhGBfsnoAQidETB6bjMIGwBgNVHSMEgagwgaWAFCaaPANgMqQl > >> Ns5WrjOhMEXihSeioYGJpIGGMIGDMQswCQYDVQQGEwJJTDEPMA0GA1UECBMGSXNy > >> YWVsMRAwDgYDVQQHEwdUZWxBdml2MREwDwYDVQQKEwhOZXNzIEx0ZDEOMAwGA1UE > >> CxMFTE1BRFMxDjAMBgNVBAMTBVlvcmFtMR4wHAYJKoZIhvcNAQkBFg95b3JhbUBi > >> YW1hbS5jb22CAQAwDQYJKoZIhvcNAQEEBQADgYEAiDityOTfyYVoL+aL0B83/cR9 > >> DMoBX1j7PQDU8NDz/rvlf+JEb4xDep/M1muFQJwEIiAoMr/52aWF42J6++csVHpF > >> vLipTs6enYc30AZLBsdR1CfJd/fnwi2sPbtOQ99puFSMgE6G16CGOsKjfRWrMT8Z > >> atcJu4lbzjCDM0x6vFw> >> -----END CERTIFICATE----- > >> subject=/C=IL/ST=Israel/O=Ness Ltd/OU=LMADS/CN=r1-ows-07.rocaf.org > >> issuer=/C=IL/ST=Israel/L=TelAviv/O=Ness > >Ltd/OU=LMADS/CN=Yoram/emailAddress=yoram@bamam.com > >> --- > >> Acceptable client certificate CA names > >> /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority > >> /C=IL/ST=Israel/L=TelAviv/O=Ness Ltd/OU=LMADS/CN=Yoram/emailAddress> >yoram@bamam.com > >> --- > >> SSL handshake has read 2147 bytes and written 352 bytes > >> --- > >> New, TLSv1/SSLv3, Cipher is AES256-SHA > >> Server public key is 1024 bit > >> SSL-Session: > >> Protocol : TLSv1 > >> Cipher : AES256-SHA > >> Session-ID: > >2292D70EB4AEAADFC283B7072294AF91D82A92DA0CD63ED57AEE8F7F26283A56 > >> Session-ID-ctx: > >> Master-Key: > >5D9CC7C076BF70BBAECB1BC1588E666C75EB12956F231AF9B3E2F3F4E164AF7BFEEAC912F7482E286F9C819F199FB3E1 > >> Key-Arg : None > >> Krb5 Principal: None > >> Start Time: 1175181192 > >> Timeout : 300 (sec) > >> Verify return code: 19 (self signed certificate in certificate > >chain) > >> --- > >> > >> > >> > >> ------------------------------------------------------------------------ > >> > >> -- > >> Fedora-directory-users mailing list > >> Fedora-directory-users@redhat.com > >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > >> > > > >-- > >Fedora-directory-users mailing list > >Fedora-directory-users@redhat.com > >https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > >> -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users-- Jonathan Barber High Performance Computing Analyst Tel. +44 (0) 1382 386389