[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#902716: Acknowledgement (reportbug.debian.org has invalid certificate)


$  openssl s_client  --starttls smtp -connect reportbug.debian.org:587
CONNECTED(00000003)
depth=0 C = NA, ST = NA, L = Ankh Morpork, O = Debian SMTP, OU = Debian SMTP CA, CN = buxtehude.debian.org, emailAddress = hostmaster@buxtehude.debian.org
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = NA, ST = NA, L = Ankh Morpork, O = Debian SMTP, OU = Debian SMTP CA, CN = buxtehude.debian.org, emailAddress = hostmaster@buxtehude.debian.org
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/C=NA/ST=NA/L=Ankh Morpork/O=Debian SMTP/OU=Debian SMTP CA/CN=buxtehude.debian.org/emailAddress=hostmaster@buxtehude.debian.org
   i:/C=NA/ST=NA/L=Ankh Morpork/O=Debian SMTP/OU=Debian SMTP CA/CN=Debian SMTP CA/emailAddress=hostmaster@puppet.debian.org
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgICDvwwDQYJKoZIhvcNAQEFBQAwgaYxCzAJBgNVBAYTAk5B
MQswCQYDVQQIEwJOQTEVMBMGA1UEBxMMQW5raCBNb3Jwb3JrMRQwEgYDVQQKEwtE
ZWJpYW4gU01UUDEXMBUGA1UECxMORGViaWFuIFNNVFAgQ0ExFzAVBgNVBAMTDkRl
YmlhbiBTTVRQIENBMSswKQYJKoZIhvcNAQkBFhxob3N0bWFzdGVyQHB1cHBldC5k
ZWJpYW4ub3JnMB4XDTE3MTIxMjAwMDAxMVoXDTE4MTIxMjAwMDAxMVowga8xCzAJ
BgNVBAYTAk5BMQswCQYDVQQIEwJOQTEVMBMGA1UEBxMMQW5raCBNb3Jwb3JrMRQw
EgYDVQQKEwtEZWJpYW4gU01UUDEXMBUGA1UECxMORGViaWFuIFNNVFAgQ0ExHTAb
BgNVBAMTFGJ1eHRlaHVkZS5kZWJpYW4ub3JnMS4wLAYJKoZIhvcNAQkBFh9ob3N0
bWFzdGVyQGJ1eHRlaHVkZS5kZWJpYW4ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAovy58Ske6mkx4bSCaS34lJ4FCorDU6H6oNEWlgNVTzH1xYA5
3wvMScSqvbRYPK8B0VSPD5/G+4dfj9XBGbHdHsS7nWHutrwyNUL6cTl2CBvUwAzP
EQj5d3JLL0aa8VLZshH3BTKBuWx8TR983zDTb6+yKivvr1HcqSyeqeAZ3H3w4sb1
4SIXUDn65hoyoODgEWZWt8Xs8PTk1T37evp5QnabdX91bmN6UIkRPzJWuVNTPKtY
xMVhIlHmhS+btvI7s8DI2XwOTMt5kLUq58XWr1OmIqpOBjASLn6ExChh1eXnPtcf
vhzoFLKd8L+MVAb21qf1tkMn3ZeYls2345TcaQIDAQABo4IBZTCCAWEwCQYDVR0T
BAIwADARBglghkgBhvhCAQEEBAMCBkAwIgYJYIZIAYb4QgENBBUWE0RlYmlhbiBT
TVRQIENBIGNlcnQwHQYDVR0OBBYEFOCPtMQWehUMfn1FDZ4RoyDKg838MIHbBgNV
HSMEgdMwgdCAFF9qbFIB0eabRXjptXlBG7eAytjGoYGspIGpMIGmMQswCQYDVQQG
EwJOQTELMAkGA1UECBMCTkExFTATBgNVBAcTDEFua2ggTW9ycG9yazEUMBIGA1UE
ChMLRGViaWFuIFNNVFAxFzAVBgNVBAsTDkRlYmlhbiBTTVRQIENBMRcwFQYDVQQD
Ew5EZWJpYW4gU01UUCBDQTErMCkGCSqGSIb3DQEJARYcaG9zdG1hc3RlckBwdXBw
ZXQuZGViaWFuLm9yZ4IJAPYIE0pJ99rTMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsG
A1UdDwQEAwIFoDANBgkqhkiG9w0BAQUFAAOCAQEAolkEmpsPbJ7uu6noZ0uEZMI2
LnJTEJtFdXxcNFGLmC5XswksXD819v3ZvETVET52tRDD151avY2FqBrqamwEtyVp
1AnGfbmjhPFmjDlJfEtTb5/5s8Rmk75ySYdF/bMnufGb2IedbFdx5/rlNXl7ZQK/
/Nm7sI8MtsNpcdOBg6Sr9efrmk0BUUUrxMPxGhTsegEwYddgdKVqBiQiw6oot1bk
vH5/mVkxtUJmUrdSNoPlVnOWitUJqCXARqA8VA3zOvoOZJ7HMq2M/zPDn72NBJrx
WFX4EkUqvwzloM7JDJ7aH1/xG2+Bgr0JMQ9X4VOE8fdY43gWC/GdrRY1iFhb5g==
-----END CERTIFICATE-----
subject=/C=NA/ST=NA/L=Ankh Morpork/O=Debian SMTP/OU=Debian SMTP CA/CN=buxtehude.debian.org/emailAddress=hostmaster@buxtehude.debian.org
issuer=/C=NA/ST=NA/L=Ankh Morpork/O=Debian SMTP/OU=Debian SMTP CA/CN=Debian SMTP CA/emailAddress=hostmaster@puppet.debian.org
---
Acceptable client certificate CA names
/C=NA/ST=NA/L=Ankh Morpork/O=Debian SMTP/OU=Debian SMTP CA/CN=Debian SMTP CA/emailAddress=hostmaster@puppet.debian.org
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA256:ECDSA+SHA256:RSA+SHA384:ECDSA+SHA384:RSA+SHA512:ECDSA+SHA512:RSA+SHA224:ECDSA+SHA224:RSA+SHA1:ECDSA+SHA1
Shared Requested Signature Algorithms: RSA+SHA256:ECDSA+SHA256:RSA+SHA384:ECDSA+SHA384:RSA+SHA512:ECDSA+SHA512:RSA+SHA224:ECDSA+SHA224:RSA+SHA1:ECDSA+SHA1
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2282 bytes and written 347 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 7E3BBFDAE6C0616D76239C40803DB81092DCA2E86842377C3A122A649F47D189
    Session-ID-ctx: 
    Master-Key: 2E1E1A68F43A38EDE8A4B67E82BA3C63D1551E6CF5F78F3F81F8F705418F7B7FF4A223088DF687D219CE12B283FEE0F9
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1530560544
    Timeout   : 7200 (sec)
    Verify return code: 21 (unable to verify the first certificate)
    Extended master secret: yes
---
250 HELP
quit
221 buxtehude.debian.org closing connection
closed
Reply to: