ubuntu:ssl:connect_to_an_ssl-enabled_service
This is an old revision of the document!
Ubuntu - SSL - Connect to an SSL-enabled service
openssl s_client -connect mail.sharewiz.net:995
returns:
CONNECTED(00000003) [ ..... ] user ME +OK Name is a valid mailbox pass SOMETHING_OR_ANOTHER +OK Mailbox locked and ready list +OK scan listing follows 1 1225 2 1863 3 1668 4 963 5 1969 6 1437 7 2357 8 3316 9 3517 10 8952 11 9616 quit +OK
NOTE: The SSL and TLS connection setup process consists of four stages:
- The client and server negotiate security capabilities, such as the public-key algorithm, the symmetric key algorithm, and compression algorithms.
- The server transmits digital certificates and key information to the client, allowing the client to validate the identity of the server.
- The client exchanges key information with the server, and optionally authenticate itself with a digital certificate.
- The client and server use the negotiated parameters.
Print each high-level stage of a SSL-enabled service:
openssl s_client -connect mail.sharewiz.net:443 -state -nbio 2>&1 | grep "^SSL"
returns:
SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:error in SSLv2/v3 read server hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server key exchange A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:error in SSLv3 read finished A SSL_connect:error in SSLv3 read finished A SSL_connect:SSLv3 read finished A SSL handshake has read 1584 bytes and written 346 bytes SSL-Session:
ubuntu/ssl/connect_to_an_ssl-enabled_service.1612267241.txt.gz · Last modified: 2021/02/02 12:00 by peter