Scribd
Upload
33 views

HTTPS Ltem

The document details curl commands used to connect to a server and retrieve a file using TLS. It shows the client authenticating with the server certificate and experiencing issues with an untrusted certificate authority that is resolved by explicitly setting the CA certificate. The output provides debugging information on the TLS handshake and authentication process.

Uploaded by

Alex Barancira
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
33 views

HTTPS Ltem

The document details curl commands used to connect to a server and retrieve a file using TLS. It shows the client authenticating with the server certificate and experiencing issues with an untrusted certificate authority that is resolved by explicitly setting the CA certificate. The output provides debugging information on the TLS handshake and authentication process.

Uploaded by

Alex Barancira
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 20

https://10.139.48.

4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c
Debit
Latence
Coverage

100 6830k 100 6830k 0 0 33528 0 0:03:28 0:03:28 --:--:-- 36118


262,692307692308Kbits
root@EPW8DS6:/home/ab5b76cn/Desktop# curl --cacert /home/ab5b76cn/Desktop/Alexandre/ --cert /home/ab5b76cn/
AC_enedis/ Certificats_Ibis/
root@EPW8DS6:/home/ab5b76cn/Desktop# curl --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMA
Enter PEM pass phrase:
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
root@EPW8DS6:/home/ab5b76cn/Desktop# curl -v -k --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONL
* Trying 10.139.48.4...
* TCP_NODELAY set
* Connected to 10.139.48.4 (10.139.48.4) port 14443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
Enter PEM pass phrase:
* successfully set certificate verify locations:
* CAfile: /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMASTERACRACINECOMPTAGEV1.pem
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS handshake, CERT verify (15):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=zhl01162
* start date: Jan 16 15:53:30 2018 GMT
* expire date: Jan 16 15:53:30 2022 GMT
* issuer: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=TEST ONLY MASTER AC CHA
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET /archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c HTTP/1.1
> Host: 10.139.48.4:14443
> User-Agent: curl/7.61.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Fri, 05 Jul 2019 09:04:41 GMT
< Server: Apache/2.2.15 (Red Hat)
< Last-Modified: Mon, 28 Jan 2019 14:41:24 GMT
< ETag: "20043-6abb66-58085abbfe2d8"
< Accept-Ranges: bytes
< Content-Length: 6994790
< Connection: close
< Content-Type: text/plain; charset=UTF-8
<
Warning: Binary output can mess up your terminal. Use "--output -" to tell
Warning: curl to output it to your terminal anyway, or consider "--output
Warning: <FILE>" to save to a file.
* Failed writing body (0 != 16384)
* stopped the pause stream!
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, Client hello (1):
root@EPW8DS6:/home/ab5b76cn/Desktop# curl -v -k --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONL
* Trying 10.139.48.4...
* TCP_NODELAY set
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to 10.139.48.4 (10.139.48.4) port 14443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
Enter PEM pass phrase:
* successfully set certificate verify locations:
* CAfile: /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMASTERACRACINECOMPTAGEV1.pem
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
0 0 0 0 0 0 0 0 --:--:-- 0:00:05 --:--:-- 0* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [89 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [967 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [148 bytes data]
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
{ [319 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
} [930 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS handshake, CERT verify (15):
} [80 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=zhl01163
* start date: Jan 16 15:53:30 2018 GMT
* expire date: Jan 16 15:53:30 2022 GMT
* issuer: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=TEST ONLY MASTER AC CHA
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
} [5 bytes data]
> GET /archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c HTTP/1.1
> Host: 10.139.48.4:14443
> User-Agent: curl/7.61.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200 OK
< Date: Fri, 05 Jul 2019 09:05:05 GMT
< Server: Apache/2.2.15 (Red Hat)
< Last-Modified: Mon, 28 Jan 2019 14:41:23 GMT
< ETag: "20043-6abb66-58085abb9cf01"
< Accept-Ranges: bytes
< Content-Length: 6994790
< Connection: close
< Content-Type: text/plain; charset=UTF-8
<
{ [5 bytes data]
100 6830k 100 6830k 0 0 32642 0 0:03:34 0:03:34 --:--:-- 32156
* Closing connection 0
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, Client hello (1):
} [2 bytes data]
root@EPW8DS6:/home/ab5b76cn/Desktop# curl -v -k --cacert /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONL
* Trying 10.139.48.4...
* TCP_NODELAY set
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to 10.139.48.4 (10.139.48.4) port 14443 (#0)
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* ALPN, offering h2
* ALPN, offering http/1.1
Enter PEM pass phrase:
* successfully set certificate verify locations:
* CAfile: /home/ab5b76cn/Desktop/Alexandre/AC_enedis/TESTONLYMASTERACRACINECOMPTAGEV1.pem
CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [89 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [968 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [148 bytes data]
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
{ [319 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
} [930 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS handshake, CERT verify (15):
} [78 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=zhl01162
* start date: Jan 16 15:53:30 2018 GMT
* expire date: Jan 16 15:53:30 2022 GMT
* issuer: C=FR; O=TEST ONLY MASTER ENEDIS; OU=TEST ONLY MASTER 0002 444608442; CN=TEST ONLY MASTER AC CHA
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
} [5 bytes data]
> GET /archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c HTTP/1.1
> Host: 10.139.48.4:14443
> User-Agent: curl/7.61.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200 OK
< Date: Fri, 05 Jul 2019 09:09:03 GMT
< Server: Apache/2.2.15 (Red Hat)
< Last-Modified: Mon, 28 Jan 2019 14:41:24 GMT
< ETag: "20043-6abb66-58085abbfe2d8"
< Accept-Ranges: bytes
< Content-Length: 6994790
< Connection: close
< Content-Type: text/plain; charset=UTF-8
<
{ [5 bytes data]
100 6830k 100 6830k 0 0 33528 0 0:03:28 0:03:28 --:--:-- 36118
* Closing connection 0
} [5 bytes data]
* TLSv1.2 (OUT), TLS alert, Client hello (1):

--- 10.139.48.4 ping statistics ---


437 packets transmitted, 437 received, 0% packet loss, time 1120ms
rtt min/avg/max/mdev = 44.571/109.994/551.966/66.078 ms
Serveur PEM
password

Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn

ACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS

RACRACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/EN


RACRACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/EN
RACRACINECOMPTAGEV1.pem --cert /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/EN
5.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261

522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENEDIS0

4016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENE


4016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENE
4016522261C066902D15/ENEDIS0582114016522261C066902D15.crt --key /home/ab5b76cn/Desktop/Alexandre/Certificats_Ibis/ENE
ENEDIS0582114016522261C066902D15.key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb8398

dre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:14443/ar

exandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:144
exandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:144
exandre/Certificats_Ibis/ENEDIS0582114016522261C066902D15/ENEDIS0582114016522261C066902D15.key https://10.139.48.4:144
c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c

ttps://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c

key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c
key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c --outpu
key https://10.139.48.4:14443/archives/v1//02_3e3bd162fed80c00359b72ac7183a2bb839842e8c6495dc14f6960f69181077c --outpu
960f69181077c

14f6960f69181077c
14f6960f69181077c --output /tmp/X
14f6960f69181077c --output /tmp/X

You might also like