[squid-users] ssl cert wiki

Yuri Voinov yvoinov at gmail.com
Mon Jan 12 11:05:39 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Yep, openssl is ok and works.

12.01.2015 17:02, HackXBack пишет:
> openssl s_client -connect facebook.com:443 -CApath /var/squid/ssl_db/certs
> CONNECTED(00000003)
> depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
High
> Assurance EV Root CA
> verify return:1
> depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert
High
> Assurance CA-3
> verify return:1
> depth=0 C = US, ST = CA, L = Menlo Park, O = "Facebook, Inc.", CN =
> *.facebook.com
> verify return:1
> ---
> Certificate chain
>  0 s:/C=US/ST=CA/L=Menlo Park/O=Facebook, Inc./CN=*.facebook.com
>    i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance
> CA-3
>  1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance
> CA-3
>    i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High
Assurance EV
> Root CA
> ---
> Server certificate
> -----BEGIN CERTIFICATE-----
> MIIFOzCCBCOgAwIBAgIQAXFSvMdg7cYV3Y5PV8hsDzANBgkqhkiG9w0BAQUFADBm
> MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
> d3cuZGlnaWNlcnQuY29tMSUwIwYDVQQDExxEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
> ZSBDQS0zMB4XDTE0MDgyODAwMDAwMFoXDTE1MTAyODEyMDAwMFowYTELMAkGA1UE
> BhMCVVMxCzAJBgNVBAgTAkNBMRMwEQYDVQQHEwpNZW5sbyBQYXJrMRcwFQYDVQQK
> Ew5GYWNlYm9vaywgSW5jLjEXMBUGA1UEAwwOKi5mYWNlYm9vay5jb20wWTATBgcq
> hkjOPQIBBggqhkjOPQMBBwNCAATY0d01veJZtvubH1QVjNu/Tli9R764EPwi6dKe
> mPhJKiX7lEbkQpmEUBxfAf0UJTFcTtlk/cUMs0bSobxwtIeOo4ICszCCAq8wHwYD
> VR0jBBgwFoAUUOpzidsp+xCPnuUBINTeeZlIg/cwHQYDVR0OBBYEFEMJk0D6EUsw
> M+zyh26NcRjPiryOMIIBCgYDVR0RBIIBATCB/oIOKi5mYWNlYm9vay5jb22CDGZh
> Y2Vib29rLmNvbYILKi5mYnNieC5jb22CCyouZmJjZG4ubmV0gg4qLnh4LmZiY2Ru
> Lm5ldIIOKi54eS5mYmNkbi5uZXSCBmZiLmNvbYIIKi5mYi5jb22CGCouZmFjZWJv
> b2tjb3Jld3d3aS5vbmlvboIWZmFjZWJvb2tjb3Jld3d3aS5vbmlvboIWZmJjZG4y
> M2Rzc3IzanFucS5vbmlvboIWZmJzYngycTRtdmNsNjNwdy5vbmlvboIQKi5tLmZh
> Y2Vib29rLmNvbYIPKi5tZXNzZW5nZXIuY29tgg1tZXNzZW5nZXIuY29tMA4GA1Ud
> DwEB/wQEAwIDiDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwYQYDVR0f
> BFowWDAqoCigJoYkaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL2NhMy1nMjkuY3Js
> MCqgKKAmhiRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vY2EzLWcyOS5jcmwwQgYD
> VR0gBDswOTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu
> ZGlnaWNlcnQuY29tL0NQUzB7BggrBgEFBQcBAQRvMG0wJAYIKwYBBQUHMAGGGGh0
> dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBFBggrBgEFBQcwAoY5aHR0cDovL2NhY2Vy
> dHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUNBLTMuY3J0MAwG
> A1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEFBQADggEBAJLCX8dGEOeYrtzO+3yobUf+
> 2sRpf5JnDPYs/D583ZDvIR2CC1j6BEZu7s0t8F3UwmZyFtYX+oF0eXTk5CK3LPOl
> WBEkO0qefB5vuHir2Iwdi3ojSg9FUHNNTKb2nOCv9tIvtSz0ME2J2mGnIQhYjV6i
> TnyRl2XAxGHej1uxpFhlHVwom7Bh/jliZGxqsB8s5NDMPByuYFO9lzT9THFvkhab
> fCYW/jVGQ7GYVR0xbAXERppKvYAHtuCpoBx26tx/ecO9cG36dGzqSjUefAHqmJML
> eSM0nWdjg8K5LolKyUKrrtBRYUIq9DGkROr9LAftTCKs8RZ40Ge3iV/0POlr6FI=
> -----END CERTIFICATE-----
> subject=/C=US/ST=CA/L=Menlo Park/O=Facebook, Inc./CN=*.facebook.com
> issuer=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance
> CA-3
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 3458 bytes and written 434 bytes
> ---
> New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-GCM-SHA256
> Server public key is 256 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> SSL-Session:
>     Protocol  : TLSv1.2
>     Cipher    : ECDHE-ECDSA-AES128-GCM-SHA256
>     Session-ID:
> 7889C9EF07503180C1460C0FED8AD06672776F9E89CE7246B932EF762B64116A
>     Session-ID-ctx:
>     Master-Key:
>
1B524B777BFC4D636D9C0A2BE1A89E58EB50B7C3B405CA4E0BF575B9119AD6CD858C0DD2B1ADC6AB617361CA29CC0938
>     Key-Arg   : None
>     PSK identity: None
>     PSK identity hint: None
>     SRP username: None
>     TLS session ticket lifetime hint: 86000 (seconds)
>     TLS session ticket:
>     0000 - 70 3b 0a 20 10 0d 49 b8-dc d4 e7 d6 60 9e 86 49   p;.
> ..I.....`..I
>     0010 - f3 28 e5 e5 e5 5a fd d6-43 54 88 7f b5 52 24 30 
> .(...Z..CT...R$0
>     0020 - 93 ea 69 3c 67 56 1d 74-ac b6 f2 b9 af 9e 44 ea 
> ..i<gV.t......D.
>     0030 - 1e a1 83 73 bb 77 1b 0d-9f 25 f4 bc 28 cf e8 0b 
> ...s.w...%..(...
>     0040 - bb b1 bc 24 0a c2 eb b2-27 e2 e1 e2 63 c3 ee d5 
> ...$....'...c...
>     0050 - 84 84 d0 a1 1c 65 e4 ae-11 11 56 66 24 81 30 7c 
> .....e....Vf$.0|
>     0060 - 5e 4f 02 f4 88 b1 e8 be-c9 ef 29 77 c7 ea 65 16 
> ^O........)w..e.
>     0070 - dd 6b 58 2a 2c 12 f3 2e-39 1e 85 e9 41 43 54 9b 
> .kX*,...9...ACT.
>     0080 - 5c e1 f1 81 0d 85 6d e5-a1 4d dc 19 91 d1 51 c3 
> \.....m..M....Q.
>     0090 - 1b 8c e9 de 16 39 cb 10-ec 23 75 8c 41 d1 33 55 
> .....9...#u.A.3U
>     00a0 - 19 ff 10 4b bf 26 f1 4d-ff 3d 57 94 1a b8 07 3c 
> ...K.&.M.=W....<
>
>     Start Time: 1421085813
>     Timeout   : 300 (sec)
>     Verify return code: 0 (ok)
> ---
>
>
>
>
> --
> View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/ssl-cert-wiki-tp4669016p4669029.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJUs6qDAAoJENNXIZxhPexGclQH/2gg5FGwO1hiFB8r+gCrk2vr
Vyz6tDX3wecDsQM/IZQnvmp04q6t+3cghIb8kTUo8sUnx2yMOoj+Xe9G333lrAgI
P9SE85uqGCtAWDMezSwSCqtaB7q1NUefmQGB73DdGOKzzm7tW+frCop6qbdK0rF9
SSWrc3C2ezIACOa7X3I185LLsUBkDEIylBcxEDf1g+bDo6LCK58NxOejOjeL9do6
Y7Kz4sANs4d2m29NCW4dc5fpqoR/lBIQJe+7fqJPyl1/PFJATnSpUkKiBy/MG6/H
a7IKtWam+w6sAtj4qBIdm1SUG8oKBoONjWFsxE47NuL3xFc22mmzUoE3DZFVcYA=
=W3Y2
-----END PGP SIGNATURE-----



More information about the squid-users mailing list