Code:
- $
- openssl s_client -connect suppliers.redacted.com:443
- CONNECTED(00000003)
- depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 High Assurance Server CA
- verify error:num=20:unable to get local issuer certificate
- ---
- Certificate chain
- 0 s:/C=US/ST=Michigan/L=Grand Rapids/O=redacted Inc./CN=*.redacted.com
- i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
- 1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
- i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
- ---
- Server certificate
- -----BEGIN CERTIFICATE-----
- redacted
- -----END CERTIFICATE-----
- subject=/C=US/ST=Michigan/L=Grand Rapids/O=redacted Inc./CN=*.redacted.com
- issuer=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
- ---
- Acceptable client certificate CA names
- /C=US/O=redacted Inc./CN=redacted Global Root CA v3
- /C=US/O=redacted Inc./CN=redacted Global Root CA v4
- /C=US/ST=CA/L=Santa Clara/O=www.zscaler.com/OU=Zscaler Inc./CN=Zscaler
- /CN=redacted Global Root CA v5
- /C=US/ST=California/L=Sunnyvale/O=Zscaler Inc./OU=zscaler.net/CN=Zscaler Inc. Root CA/emailAddress=support@zscaler.com
- /C=US/ST=Mi/L=Grand Rapids/O=redacted Inc./OU=scs/CN=grrapxfa01_root
- /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
- /C=US/O=GeoTrust Inc./OU=(c) 2008 GeoTrust Inc. - For authorized use only/CN=GeoTrust Primary Certification Authority - G3
- /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
- /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
- /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2008 VeriSign, Inc. - For authorized use only/CN=VeriSign Universal Root Cer
- tification Authority
- /C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
- /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Pri
- mary Certification Authority - G5
- /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
- /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
- /OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
- /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
- /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
- /C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
- /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
- /C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Au
- thority
- /C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
- /O=Digital Signature Trust Co./CN=DST Root CA X3
- /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
- /C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2008 thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
- - G3
- /C=US/O=redacted Inc./OU=D16/CN=sapd16db.redacted.net
- /C=DE/O=SAP Trust Community/OU=SAP Web AS/OU=I0020264903/CN=sapd0221.redacted.net
- /CN=grrapiap538.na.redacted.net
- /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Root Certificate Authority 2010
- /O=Symantec Corporation/CN=Symantec Root CA
- /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Root Certificate Authority 2011
- /OU=Copyright (c) 1997 Microsoft Corp./OU=Microsoft Corporation/CN=Microsoft Root Authority
- /C=US/O=Symantec Corporation/CN=Symantec Root 2005 CA
- /DC=com/DC=microsoft/CN=Microsoft Root Certificate Authority
- /C=US/ST=NY/L=New York/O=DesignTex/OU=IS/CN=secapiap03
- /C=DE/O=SAP Trust Community/OU=SAP Web AS/OU=I0020264903/CN=sapd02.redacted.com
- /C=DE/O=SAP Trust Community/OU=SAP Web AS/OU=I0020882513/CN=sapd1721.redacted.net
- /O=app-server/OU=ssl-enabled-server/CN=localhost
- /CN=NT AUTHORITY
- Client Certificate Types: RSA sign, DSA sign, ECDSA sign
- Requested Signature Algorithms: RSA+SHA512:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1
- Shared Requested Signature Algorithms: RSA+SHA512:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:D
- SA+SHA1
- Peer signing digest: SHA1
- Server Temp Key: ECDH, P-521, 521 bits
- ---
- SSL handshake has read 7488 bytes and written 568 bytes
- ---
- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384
- Server public key is 2048 bit
- Secure Renegotiation IS supported
- Compression: NONE
- Expansion: NONE
- No ALPN negotiated
- SSL-Session:
- Protocol : TLSv1.2
- Cipher : ECDHE-RSA-AES256-SHA384
- Session-ID: 6F030000677FBA526FE31449C56B48956CC07C3F96818E5AF7805C98A58D6C10
- Session-ID-ctx:
- Master-Key: 6184B0A67907BF4BDA621827AEE2D1EBC1A8F1609B95B1D5ACB0D8CF0A28E9C607F7C32E0198CFE51EBB3CCAD14958DD
- Key-Arg : None
- PSK identity: None
- PSK identity hint: None
- SRP username: None
- Start Time: 1568674481
- Timeout : 300 (sec)
- Verify return code: 20 (unable to get local issuer certificate)
- ---
-
|
|