[Net-ssleay-devel] Re: Net::SSLeay question
sampo at symlabs.com
sampo at symlabs.com
Thu Sep 14 19:56:22 UTC 2006
I take it that you are not reporting any bug. I do not any more
have resources to provide end user support - in fact I have
passed the project maintainership on.
You can try
http://alioth.debian.org/projects/net-ssleay/
net-ssleay-devel at lists.alioth.debian.org
which is the new home of the project (and, yes, it is very much alive).
Cheers,
--Sampo
Mark Terry writes:
> Sorry for troubling you, I have a question regarding Net::SSLeay:
>
> with "openssl s_client -connect 123.123.123.123.:443 < /dev/null" you
> receive the following response:
>
> depth=1 /CN=NTA Monitor
> verify error:num=19:self signed certificate in certificate chain
> verify return:0
> DONE
> CONNECTED(00000003)
> ---
> Certificate chain
> 0 s:/CN=neon.nta-monitor.com
> i:/CN=NTA Monitor
> 1 s:/CN=NTA Monitor
> i:/CN=NTA Monitor
> ---
> Server certificate
> -----BEGIN CERTIFICATE-----
> MIIDVDCCAjygAwIBAgIBATANBgkqhkiG9w0BAQQFADAWMRQwEgYDVQQDEwtOVEEg
> TW9uaXRvcjAeFw0wNjA1MDcyMDUxMTFaFw0xNjA1MDQyMDUxMTFaMB8xHTAbBgNV
> BAMTFG5lb24ubnRhLW1vbml0b3IuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
> MIIBCgKCAQEAw518G6xfaA+0lu6szLWGVqk+KF6iwnFug3qah1nhIR2xi7bkTBbC
> I9F4pKblY8+rsNfV60iRpOR4RcR3zLKUhJ9DHK6qRcUgc0dM7gHVcpOzXWQ6mZKM
> 6GCmPxdPOiaVflPPQfL1WN+vY0Avadkj4iYTULHJYF38sc0mEDMrkN5i+w1HLGeK
> rtfvC9+LakycGJT4mththOURGjbHa3bG0u6GXDZuENO4Ewy2xbxgPe/IbfYmqzEj
> 4xaWSWO1oOia1CzqhRcNQBitBHJcJME9VrQzrmJAa6z4D6Dq/wLZY1TBf757+ox9
> UsrJvsVcXMdggO2XLoBiDFwF/ZEjC0VEpwIDAQABo4GjMIGgMAkGA1UdEwQCMAAw
> LAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0G
> A1UdDgQWBBQ97mk/izv4CRo05zYG5Grn9tyRYTBGBgNVHSMEPzA9gBTEACpJFXeB
> SdNdPnmVxQQ4oQnflKEapBgwFjEUMBIGA1UEAxMLTlRBIE1vbml0b3KCCQCQhsVS
> 4XpAhjANBgkqhkiG9w0BAQQFAAOCAQEAoKT7cgVFx7VNbMhDAEloVFJpNymvwdwE
> hYRSSbZDNl5WJAdhW0Hgx2WCQGiPr/wRaUPgNU/63NJ+aPpJ6d9SantPXOFazZys
> Lg77zOMoqPeSy6xGDhExyw5NQIRIAHvb3PkJcbnZrg7HB+7GyEZh6PNd8RB8ff1H
> 8rq0u1RSdZxGoFhPoAbjlVun92cM0et9vu0OqTFpA4qdFNjphWy5jBYj1Yu0mYKm
> LFFwX8xdeS6DhF5HVcVddkgPZPesfEM852Gj7yGkIecQJm/jtetlaarl+v3/UyoB
> rdVcJ4KAIs1F4wHxXIeYts9cxeRQcjVn6gbttIwDBC17Icu6iHvdwQ==
> -----END CERTIFICATE-----
> subject=/CN=neon.nta-monitor.com
> issuer=/CN=NTA Monitor
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 2361 bytes and written 340 bytes
> ---
> New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
> Server public key is 2048 bit
> SSL-Session:
> Protocol : TLSv1
> Cipher : DHE-RSA-AES256-SHA
> Session-ID:
> B81B40B607A06B832BE2F0D3521C00DAD33B7DFAB9B3935C78A7E6EAEA6358F1
> Session-ID-ctx:
> Master-Key:
> 8ABDCAC29FBCA7FD4270F44D4814DD4B2B9B977C0C492F454ECC21DC9D2F4F13104F414E1F
> EDBED819B5B01EECB393A7
> Key-Arg : None
> Start Time: 1158153666
> Timeout : 300 (sec)
> Verify return code: 19 (self signed certificate in certificate chain)
> ---
>
> How do I go about getting the "Protocol : TLSv1" value with Net::SSLeay?
>
> I was thinking that it would be the following openssl fucntion:
>
> char *SSL_CIPHER_get_version(SSL_CIPHER *cipher);
>
> Returns a string like ``TLSv1/SSLv3'' or ``SSLv2'' which indicates
> the SSL/TLS protocol version to which cipher belongs (i.e. where it was
> defined in the specification the first time).
>
> Any help would be great, thanks.
>
> --
> Mark Terry
>
> Research and Development
> NTA Monitor Ltd
> 14 Ashford House,
> Beaufort Court,
> Medway City Estate,
> Rochester,
> Kent ME2 4FA, UK
>
> Email: mark.terry at nta-monitor.com
> WWW: http://www.nta-monitor.com
__________________________________________________________________
Sym | Sampo Kellomaki ______| Identity Architect, Federated SSO
____ | +351-918.731.007 ______| Liberty ID-WSF DirectoryScript
labs | skype: sampo.kellomaki | LDAP SOAP PlainDoc Crypto C Perl
More information about the Net-ssleay-devel
mailing list