ssl - Get complete certificate chain including the root certificate -

-

how complete certificate chain server? though claim one should able that openssl s_client -showcerts, turns not case.

echo | openssl s_client -capath /etc/ssl/certs -connect www.ssllabs.com:443 \                         -showcerts | grep -b2 begin depth=3 c = se, o = addtrust ab, ou = addtrust external ttp network, cn = addtrust external ca root verify return:1 depth=2 c = gb, st = greater manchester, l = salford, o = comodo ca limited, cn = comodo rsa certification authority verify return:1 depth=1 c = gb, st = greater manchester, l = salford, o = comodo ca limited, cn = comodo rsa domain validation secure server ca verify return:1 depth=0 ou = domain control validated, ou = positivessl, cn = www.ssllabs.com verify return:1  0 s:/ou=domain control validated/ou=positivessl/cn=www.ssllabs.com    i:/c=gb/st=greater manchester/l=salford/o=comodo ca limited/cn=comodo rsa domain validation secure server ca -----begin certificate----- --  1 s:/c=gb/st=greater manchester/l=salford/o=comodo ca limited/cn=comodo rsa domain validation secure server ca    i:/c=gb/st=greater manchester/l=salford/o=comodo ca limited/cn=comodo rsa certification authority -----begin certificate----- --  2 s:/c=gb/st=greater manchester/l=salford/o=comodo ca limited/cn=comodo rsa certification authority    i:/c=se/o=addtrust ab/ou=addtrust external ttp network/cn=addtrust external ca root -----begin certificate----- done

here have 3 certificates our of four. except of addtrust external ca root certificate. (possibly because not included certificate bundle. , not required. , yes, can find missing 1 @ /etc/ssl/certs)

how certificates server in automatic fashion?

you chain including builtin trusted root certificate inside verify_callback (see ssl_ctx_set_verify. small perl program can dump chain this:

#!/usr/bin/perl use strict; use warnings; use io::socket::ssl;  io::socket::ssl->new(     peerhost => 'www.google.com:443',     ssl_verify_callback => sub {         $cert = $_[4];         $subject = net::ssleay::x509_name_oneline(net::ssleay::x509_get_subject_name($cert));         $issuer  = net::ssleay::x509_name_oneline(net::ssleay::x509_get_issuer_name($cert));         print "# $subject (issuer=$issuer)\n";         print net::ssleay::pem_get_string_x509($cert),"\n";         return 1;     } ) or die $ssl_error||$!;

Comments

Post a Comment

Popular posts from this blog

ruby on rails - RuntimeError: Circular dependency detected while autoloading constant - ActiveAdmin.register Role -

-
i using activeadmin , have file doing this: activeadmin.register role something--- end however, server gives me error: runtimeerror: circular dependency detected while autoloading constant role /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:461:in `load_missing_constant' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:184:in `const_missing' ~/desktop/boxfox/app/admin/role.rb:1:in `<top (required)>' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:424:in `load' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:424:in `block in load_file' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:616:in `new_constants_in' /library/ruby/gems/2.0.0/gems/activesupport-4.0.10/lib/active_support/dependencies.rb:423:in `load_file' /library/ruby/gems/2.0.0/gems/activesuppor
Read more

c++ - OpenMP unpredictable overhead -

-
i have simple openmp code runs 4 empty threads , reports time: #include "omp.h" #include <sys/time.h> #include <cstdio> double start_time; void process_thread() { } int main(){ struct timeval tv; gettimeofday(&tv, null); start_time = 1000*((double)tv.tv_sec + 1e-6*(double)tv.tv_usec); printf("beginning time: %.3fms ",start_time-start_time); #pragma omp parallel schedule(static,1) for(int i=0;i<4;i++) process_thread(); gettimeofday(&tv, null); double cur_time = 1000*((double)tv.tv_sec + 1e-6*(double)tv.tv_usec); printf("finishing time: %.3fms\n\n",cur_time-start_time); } without openmp running time small , consistent: beginning time: 0.000ms finishing time: 0.050ms beginning time: 0.000ms finishing time: 0.050ms beginning time: 0.000ms finishing time: 0.049ms beginning time: 0.000ms finishing time: 0.049ms beginning time: 0.000ms finishing time: 0.050ms beginnin
Read more

javascript - Wordpress slider, not displayed 100% width -

-
so im making first wordpress theme scratch going fine got problem. want slider on homepage 1 thing wrong. im setting width of image 100% !important doesnt go 100% width. makes image wider not 100%. example here: http://bit.ly/11ouebg see image doesnt contain whole width. can see background-color. really weird, im using meteor slides. i hope can me out :d
Read more