Scribd Logo
Upload

Welcome to Scribd!

  • HTTPS Ltem

    Uploaded by

    Alex Barancira
    9 views20 pages
    The document details curl commands used to connect to a server and retrieve a file using TLS. It shows the client authenticating with the server certificate and experiencing issues with an untrusted certificate authority that is resolved by explicitly setting the CA certificate. The output provides debugging information on the TLS handshake and authentication process.

    Original Description:

    Original Title

    HTTPS_LTEM

    Copyright

    © © All Rights Reserved

    Available Formats

    XLSX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document details curl commands used to connect to a server and retrieve a file using TLS. It shows the client authenticating with the server certificate and experiencing issues with an untrusted certificate authority that is resolved by explicitly setting the CA certificate. The output provides debugging information on the TLS handshake and authentication process.

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as xlsx, pdf, or txt
    9 views20 pages

    HTTPS Ltem

    Uploaded by

    Alex Barancira
    The document details curl commands used to connect to a server and retrieve a file using TLS. It shows the client authenticating with the server certificate and experiencing issues with an untrusted certificate authority that is resolved by explicitly setting the CA certificate. The output provides debugging information on the TLS handshake and authentication process.

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as xlsx, pdf, or txt
    of 20

    https://10.139.48.

    4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c
    Debit
    Latence
    Coverage

    100 6830k 100 6830k 0 0 33528 0 0:03:28 0:03:28 --:--:-- 36118


    262,692307692308Kbits
    root@EPW8DS6:/home/ab5b76cn/Desktop# curl --cacert /home/ab5b76cn/Desktop/Alexandre/ --cert /home/ab5b76cn/
    AC_enedis/ Certificats_Ibis/
    root@EPW8DS6:/home/ab5b76cn/Desktop# curl --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMA
    Enter PEM pass phrase:
    curl: (60) SSL certificate problem: unable to get local issuer certificate
    More details here: https://curl.haxx.se/docs/sslcerts.html

    curl failed to verify the legitimacy of the server and therefore could not
    establish a secure connection to it. To learn more about this situation and
    how to fix it, please visit the web page mentioned above.
    root@EPW8DS6:/home/ab5b76cn/Desktop# curl -v -k --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONL
    * Trying 10.139.48.4...
    * TCP_NODELAY set
    * Connected to 10.139.48.4 (10.139.48.4) port 14443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    Enter PEM pass phrase:
    * successfully set certificate verify locations:
    * CAfile: /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMASTERACRACINECOMPTAGEV1.pem
    CApath: /etc/ssl/certs
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    * TLSv1.3 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Request CERT (13):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Certificate (11):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS handshake, CERT verify (15):
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
    * ALPN, server did not agree to a protocol
    * Server certificate:
    * subject: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=zhl01162
    * start date: Jan 16 15:53:30 2018 GMT
    * expire date: Jan 16 15:53:30 2022 GMT
    * issuer: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=TEST ONLY MASTER AC CHA
    * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
    > GET /archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c HTTP/1.1
    > Host: 10.139.48.4:14443
    > User-Agent: curl/7.61.0
    > Accept: */*
    >
    < HTTP/1.1 200 OK
    < Date: Fri, 05 Jul 2019 09:04:41 GMT
    < Server: Apache/2.2.15 (Red Hat)
    < Last-Modified: Mon, 28 Jan 2019 14:41:24 GMT
    < ETag: "20043-6abb66-58085abbfe2d8"
    < Accept-Ranges: bytes
    < Content-Length: 6994790
    < Connection: close
    < Content-Type: text/plain; charset=UTF-8
    <
    Warning: Binary output can mess up your terminal. Use "--output -" to tell
    Warning: curl to output it to your terminal anyway, or consider "--output
    Warning: <FILE>" to save to a file.
    * Failed writing body (0 != 16384)
    * stopped the pause stream!
    * Closing connection 0
    * TLSv1.2 (OUT), TLS alert, Client hello (1):
    root@EPW8DS6:/home/ab5b76cn/Desktop# curl -v -k --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONL
    * Trying 10.139.48.4...
    * TCP_NODELAY set
    % Total % Received % Xferd Average Speed Time Time Time Current
    Dload Upload Total Spent Left Speed
    0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to 10.139.48.4 (10.139.48.4) port 14443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    Enter PEM pass phrase:
    * successfully set certificate verify locations:
    * CAfile: /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMASTERACRACINECOMPTAGEV1.pem
    CApath: /etc/ssl/certs
    } [5 bytes data]
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    } [512 bytes data]
    0 0 0 0 0 0 0 0 --:--:-- 0:00:05 --:--:-- 0* TLSv1.3 (IN), TLS handshake, Server hello (2):
    { [89 bytes data]
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    { [967 bytes data]
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    { [148 bytes data]
    * TLSv1.2 (IN), TLS handshake, Request CERT (13):
    { [319 bytes data]
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    { [4 bytes data]
    * TLSv1.2 (OUT), TLS handshake, Certificate (11):
    } [930 bytes data]
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    } [70 bytes data]
    * TLSv1.2 (OUT), TLS handshake, CERT verify (15):
    } [80 bytes data]
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    } [1 bytes data]
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    } [16 bytes data]
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    { [16 bytes data]
    * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
    * ALPN, server did not agree to a protocol
    * Server certificate:
    * subject: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=zhl01163
    * start date: Jan 16 15:53:30 2018 GMT
    * expire date: Jan 16 15:53:30 2022 GMT
    * issuer: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=TEST ONLY MASTER AC CHA
    * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
    } [5 bytes data]
    > GET /archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c HTTP/1.1
    > Host: 10.139.48.4:14443
    > User-Agent: curl/7.61.0
    > Accept: */*
    >
    { [5 bytes data]
    < HTTP/1.1 200 OK
    < Date: Fri, 05 Jul 2019 09:05:05 GMT
    < Server: Apache/2.2.15 (Red Hat)
    < Last-Modified: Mon, 28 Jan 2019 14:41:23 GMT
    < ETag: "20043-6abb66-58085abb9cf01"
    < Accept-Ranges: bytes
    < Content-Length: 6994790
    < Connection: close
    < Content-Type: text/plain; charset=UTF-8
    <
    { [5 bytes data]
    100 6830k 100 6830k 0 0 32642 0 0:03:34 0:03:34 --:--:-- 32156
    * Closing connection 0
    } [5 bytes data]
    * TLSv1.2 (OUT), TLS alert, Client hello (1):
    } [2 bytes data]
    root@EPW8DS6:/home/ab5b76cn/Desktop# curl -v -k --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONL
    * Trying 10.139.48.4...
    * TCP_NODELAY set
    % Total % Received % Xferd Average Speed Time Time Time Current
    Dload Upload Total Spent Left Speed
    0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to 10.139.48.4 (10.139.48.4) port 14443 (#0)
    0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* ALPN, offering h2
    * ALPN, offering http/1.1
    Enter PEM pass phrase:
    * successfully set certificate verify locations:
    * CAfile: /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMASTERACRACINECOMPTAGEV1.pem
    CApath: /etc/ssl/certs
    } [5 bytes data]
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    } [512 bytes data]
    0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0* TLSv1.3 (IN), TLS handshake, Server hello (2):
    { [89 bytes data]
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    { [968 bytes data]
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    { [148 bytes data]
    * TLSv1.2 (IN), TLS handshake, Request CERT (13):
    { [319 bytes data]
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    { [4 bytes data]
    * TLSv1.2 (OUT), TLS handshake, Certificate (11):
    } [930 bytes data]
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    } [70 bytes data]
    * TLSv1.2 (OUT), TLS handshake, CERT verify (15):
    } [78 bytes data]
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    } [1 bytes data]
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    } [16 bytes data]
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    { [16 bytes data]
    * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
    * ALPN, server did not agree to a protocol
    * Server certificate:
    * subject: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=zhl01162
    * start date: Jan 16 15:53:30 2018 GMT
    * expire date: Jan 16 15:53:30 2022 GMT
    * issuer: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=TEST ONLY MASTER AC CHA
    * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
    } [5 bytes data]
    > GET /archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c HTTP/1.1
    > Host: 10.139.48.4:14443
    > User-Agent: curl/7.61.0
    > Accept: */*
    >
    { [5 bytes data]
    < HTTP/1.1 200 OK
    < Date: Fri, 05 Jul 2019 09:09:03 GMT
    < Server: Apache/2.2.15 (Red Hat)
    < Last-Modified: Mon, 28 Jan 2019 14:41:24 GMT
    < ETag: "20043-6abb66-58085abbfe2d8"
    < Accept-Ranges: bytes
    < Content-Length: 6994790
    < Connection: close
    < Content-Type: text/plain; charset=UTF-8
    <
    { [5 bytes data]
    100 6830k 100 6830k 0 0 33528 0 0:03:28 0:03:28 --:--:-- 36118
    * Closing connection 0
    } [5 bytes data]
    * TLSv1.2 (OUT), TLS alert, Client hello (1):

    --- 10.139.48.4 ping statistics ---


    437 packets transmitted, 437 received, 0% packet loss, time 1120ms
    rtt min/avg/max/mdev = 44.571/109.994/551.966/66.078 ms
    Serveur PEM
    password

    Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn

    ACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS

    RACRACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/EN


    RACRACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/EN
    RACRACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/EN
    5.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261

    522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0

    4016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENE


    4016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENE
    4016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENE
    ENEDIS0582114016522261C066902D15.key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb8398

    dre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:14443/ar

    exandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:144
    exandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:144
    exandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:144
    c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c

    ttps://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c

    key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c
    key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c --outpu
    key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c --outpu
    960f69181077c

    14f6960f69181077c
    14f6960f69181077c --output /tmp/X
    14f6960f69181077c --output /tmp/X

    You might also like