msf > use auxiliary/pro/web_ssl_scan
msf auxiliary(web_ssl_scan) > show options Module options (auxiliary/pro/web_ssl_scan): Name Current Setting Required Description ---- --------------- -------- ----------- REPORT_WEAK true yes Report Web Vulns if weak SSL implementation in use RHOST yes The target address RPORT 443 yes The target port SSL_REQUIRED true yes Report Web Vulns if not using SSL msf auxiliary(web_ssl_scan) > run [*] www.yahoo.com:443 - SSL Scan Initiated [*] SSL Ciphers =========== Status Weak SSL Version Key Length Cipher ------ ---- ----------- ---------- ------ Accepted SSLv3 128 AES128-SHA Accepted SSLv3 128 ECDHE-RSA-AES128-SHA Accepted SSLv3 128 RC4-SHA Accepted SSLv3 128 ECDHE-RSA-RC4-SHA Accepted SSLv3 128 RC4-MD5 Accepted SSLv3 168 DES-CBC3-SHA Accepted SSLv3 256 ECDHE-RSA-AES256-SHA Accepted SSLv3 256 AES256-SHA Accepted TLSv1 128 ECDHE-RSA-RC4-SHA Accepted TLSv1 128 RC4-MD5 Accepted TLSv1 128 AES128-SHA Accepted TLSv1 128 ECDHE-RSA-AES128-SHA Accepted TLSv1 128 RC4-SHA Accepted TLSv1 168 DES-CBC3-SHA Accepted TLSv1 256 ECDHE-RSA-AES256-SHA Accepted TLSv1 256 AES256-SHA Rejected * SSLv3 40 EXP-EDH-RSA-DES-CBC-SHA Rejected * SSLv3 40 EXP-RC4-MD5 Rejected * SSLv3 40 EXP-EDH-DSS-DES-CBC-SHA Rejected * SSLv3 40 EXP-RC2-CBC-MD5 Rejected * SSLv3 40 EXP-DES-CBC-SHA Rejected * SSLv3 56 EDH-RSA-DES-CBC-SHA Rejected * SSLv3 56 EDH-DSS-DES-CBC-SHA Rejected * SSLv3 56 DES-CBC-SHA Rejected SSLv3 128 ECDH-ECDSA-AES128-GCM-SHA256 Rejected SSLv3 128 ECDHE-ECDSA-RC4-SHA Rejected SSLv3 128 CAMELLIA128-SHA Rejected SSLv3 128 SEED-SHA Rejected SSLv3 128 DHE-RSA-CAMELLIA128-SHA Rejected SSLv3 128 AES128-SHA256 Rejected SSLv3 128 AES128-GCM-SHA256 Rejected SSLv3 128 ECDH-ECDSA-AES128-SHA Rejected SSLv3 128 ECDH-RSA-AES128-SHA Rejected SSLv3 128 ECDH-ECDSA-AES128-SHA256 Rejected SSLv3 128 ECDH-RSA-AES128-SHA256 Rejected SSLv3 128 PSK-AES128-CBC-SHA Rejected SSLv3 128 ECDH-RSA-AES128-GCM-SHA256 Rejected SSLv3 128 ECDH-ECDSA-RC4-SHA Rejected SSLv3 128 DHE-DSS-CAMELLIA128-SHA Rejected SSLv3 128 ECDHE-RSA-AES128-GCM-SHA256 Rejected SSLv3 128 ECDHE-ECDSA-AES128-GCM-SHA256 Rejected SSLv3 128 ECDHE-RSA-AES128-SHA256 Rejected SSLv3 128 ECDHE-ECDSA-AES128-SHA256 Rejected SSLv3 128 PSK-RC4-SHA Rejected SSLv3 128 ECDHE-ECDSA-AES128-SHA Rejected SSLv3 128 SRP-DSS-AES-128-CBC-SHA Rejected SSLv3 128 SRP-RSA-AES-128-CBC-SHA Rejected SSLv3 128 SRP-AES-128-CBC-SHA Rejected SSLv3 128 DHE-DSS-AES128-GCM-SHA256 Rejected SSLv3 128 DHE-RSA-AES128-GCM-SHA256 Rejected SSLv3 128 DHE-RSA-AES128-SHA256 Rejected SSLv3 128 DHE-DSS-AES128-SHA256 Rejected SSLv3 128 DHE-RSA-AES128-SHA Rejected SSLv3 128 DHE-DSS-AES128-SHA Rejected SSLv3 128 DHE-RSA-SEED-SHA Rejected SSLv3 128 DHE-DSS-SEED-SHA Rejected SSLv3 128 ECDH-RSA-RC4-SHA Rejected SSLv3 168 PSK-3DES-EDE-CBC-SHA Rejected SSLv3 168 ECDH-ECDSA-DES-CBC3-SHA Rejected SSLv3 168 ECDH-RSA-DES-CBC3-SHA Rejected SSLv3 168 EDH-DSS-DES-CBC3-SHA Rejected SSLv3 168 EDH-RSA-DES-CBC3-SHA Rejected SSLv3 168 SRP-3DES-EDE-CBC-SHA Rejected SSLv3 168 SRP-RSA-3DES-EDE-CBC-SHA Rejected SSLv3 168 SRP-DSS-3DES-EDE-CBC-SHA Rejected SSLv3 168 ECDHE-ECDSA-DES-CBC3-SHA Rejected SSLv3 168 ECDHE-RSA-DES-CBC3-SHA Rejected SSLv3 256 DHE-DSS-CAMELLIA256-SHA Rejected SSLv3 256 CAMELLIA256-SHA Rejected SSLv3 256 AES256-SHA256 Rejected SSLv3 256 AES256-GCM-SHA384 Rejected SSLv3 256 ECDH-ECDSA-AES256-SHA Rejected SSLv3 256 ECDH-RSA-AES256-SHA Rejected SSLv3 256 ECDH-ECDSA-AES256-SHA384 Rejected SSLv3 256 ECDH-RSA-AES256-SHA384 Rejected SSLv3 256 ECDH-ECDSA-AES256-GCM-SHA384 Rejected SSLv3 256 ECDH-RSA-AES256-GCM-SHA384 Rejected SSLv3 256 PSK-AES256-CBC-SHA Rejected SSLv3 256 DHE-RSA-CAMELLIA256-SHA Rejected SSLv3 256 DHE-DSS-AES256-SHA Rejected SSLv3 256 DHE-RSA-AES256-SHA Rejected SSLv3 256 DHE-DSS-AES256-SHA256 Rejected SSLv3 256 ECDHE-ECDSA-AES256-SHA Rejected SSLv3 256 DHE-RSA-AES256-GCM-SHA384 Rejected SSLv3 256 DHE-DSS-AES256-GCM-SHA384 Rejected SSLv3 256 ECDHE-RSA-AES256-GCM-SHA384 Rejected SSLv3 256 ECDHE-ECDSA-AES256-GCM-SHA384 Rejected SSLv3 256 ECDHE-RSA-AES256-SHA384 Rejected SSLv3 256 ECDHE-ECDSA-AES256-SHA384 Rejected SSLv3 256 SRP-AES-256-CBC-SHA Rejected SSLv3 256 SRP-RSA-AES-256-CBC-SHA Rejected SSLv3 256 SRP-DSS-AES-256-CBC-SHA Rejected SSLv3 256 DHE-RSA-AES256-SHA256 Rejected * TLSv1 40 EXP-EDH-RSA-DES-CBC-SHA Rejected * TLSv1 40 EXP-EDH-DSS-DES-CBC-SHA Rejected * TLSv1 40 EXP-DES-CBC-SHA Rejected * TLSv1 40 EXP-RC2-CBC-MD5 Rejected * TLSv1 40 EXP-RC4-MD5 Rejected * TLSv1 56 DES-CBC-SHA Rejected * TLSv1 56 EDH-RSA-DES-CBC-SHA Rejected * TLSv1 56 EDH-DSS-DES-CBC-SHA Rejected TLSv1 128 ECDH-ECDSA-AES128-GCM-SHA256 Rejected TLSv1 128 PSK-RC4-SHA Rejected TLSv1 128 ECDH-ECDSA-RC4-SHA Rejected TLSv1 128 ECDH-RSA-RC4-SHA Rejected TLSv1 128 ECDHE-ECDSA-RC4-SHA Rejected TLSv1 128 PSK-AES128-CBC-SHA Rejected TLSv1 128 CAMELLIA128-SHA Rejected TLSv1 128 DHE-DSS-AES128-GCM-SHA256 Rejected TLSv1 128 AES128-SHA256 Rejected TLSv1 128 AES128-GCM-SHA256 Rejected TLSv1 128 ECDH-ECDSA-AES128-SHA Rejected TLSv1 128 ECDH-RSA-AES128-SHA Rejected TLSv1 128 ECDH-ECDSA-AES128-SHA256 Rejected TLSv1 128 ECDH-RSA-AES128-SHA256 Rejected TLSv1 128 ECDHE-ECDSA-AES128-SHA256 Rejected TLSv1 128 ECDH-RSA-AES128-GCM-SHA256 Rejected TLSv1 128 DHE-DSS-CAMELLIA128-SHA Rejected TLSv1 128 DHE-RSA-CAMELLIA128-SHA Rejected TLSv1 128 DHE-DSS-SEED-SHA Rejected TLSv1 128 DHE-RSA-SEED-SHA Rejected TLSv1 128 DHE-DSS-AES128-SHA Rejected TLSv1 128 DHE-RSA-AES128-SHA Rejected TLSv1 128 DHE-DSS-AES128-SHA256 Rejected TLSv1 128 ECDHE-RSA-AES128-GCM-SHA256 Rejected TLSv1 128 ECDHE-ECDSA-AES128-GCM-SHA256 Rejected TLSv1 128 ECDHE-RSA-AES128-SHA256 Rejected TLSv1 128 DHE-RSA-AES128-SHA256 Rejected TLSv1 128 DHE-RSA-AES128-GCM-SHA256 Rejected TLSv1 128 ECDHE-ECDSA-AES128-SHA Rejected TLSv1 128 SRP-DSS-AES-128-CBC-SHA Rejected TLSv1 128 SRP-RSA-AES-128-CBC-SHA Rejected TLSv1 128 SRP-AES-128-CBC-SHA Rejected TLSv1 128 SEED-SHA Rejected TLSv1 168 PSK-3DES-EDE-CBC-SHA Rejected TLSv1 168 ECDHE-RSA-DES-CBC3-SHA Rejected TLSv1 168 ECDHE-ECDSA-DES-CBC3-SHA Rejected TLSv1 168 SRP-DSS-3DES-EDE-CBC-SHA Rejected TLSv1 168 ECDH-ECDSA-DES-CBC3-SHA Rejected TLSv1 168 ECDH-RSA-DES-CBC3-SHA Rejected TLSv1 168 EDH-DSS-DES-CBC3-SHA Rejected TLSv1 168 EDH-RSA-DES-CBC3-SHA Rejected TLSv1 168 SRP-3DES-EDE-CBC-SHA Rejected TLSv1 168 SRP-RSA-3DES-EDE-CBC-SHA Rejected TLSv1 256 AES256-GCM-SHA384 Rejected TLSv1 256 DHE-DSS-AES256-GCM-SHA384 Rejected TLSv1 256 DHE-RSA-AES256-GCM-SHA384 Rejected TLSv1 256 PSK-AES256-CBC-SHA Rejected TLSv1 256 CAMELLIA256-SHA Rejected TLSv1 256 DHE-DSS-AES256-SHA256 Rejected TLSv1 256 AES256-SHA256 Rejected TLSv1 256 SRP-AES-256-CBC-SHA Rejected TLSv1 256 DHE-RSA-AES256-SHA256 Rejected TLSv1 256 ECDH-ECDSA-AES256-SHA Rejected TLSv1 256 ECDH-RSA-AES256-SHA Rejected TLSv1 256 SRP-RSA-AES-256-CBC-SHA Rejected TLSv1 256 ECDH-ECDSA-AES256-SHA384 Rejected TLSv1 256 ECDH-RSA-AES256-SHA384 Rejected TLSv1 256 ECDH-ECDSA-AES256-GCM-SHA384 Rejected TLSv1 256 SRP-DSS-AES-256-CBC-SHA Rejected TLSv1 256 ECDHE-ECDSA-AES256-SHA Rejected TLSv1 256 ECDH-RSA-AES256-GCM-SHA384 Rejected TLSv1 256 DHE-DSS-CAMELLIA256-SHA Rejected TLSv1 256 DHE-RSA-CAMELLIA256-SHA Rejected TLSv1 256 DHE-DSS-AES256-SHA Rejected TLSv1 256 ECDHE-ECDSA-AES256-SHA384 Rejected TLSv1 256 ECDHE-RSA-AES256-SHA384 Rejected TLSv1 256 ECDHE-ECDSA-AES256-GCM-SHA384 Rejected TLSv1 256 ECDHE-RSA-AES256-GCM-SHA384 Rejected TLSv1 256 DHE-RSA-AES256-SHA Certificate: Data: Version: 3 (0x2) Serial Number: 1d:c0:12:4a:02:4a:2c:d6:ce:88:c9:4c:0f:24:f1:cf Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Secure Server CA - G3 Validity Not Before: Apr 9 00:00:00 2014 GMT Not After : Apr 9 23:59:59 2015 GMT Subject: C=US, ST=California, L=Sunnyvale, O=Yahoo Inc., OU=Information Technology, CN=www.yahoo.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:be:ac:b9:4f:c4:b7:ea:0a:a1:6d:56:ab:ee:6a: 27:06:21:8c:82:4f:60:fc:be:ab:92:80:a1:11:6e: 36:01:a6:1a:3b:db:f0:b9:da:55:ed:91:a6:1d:1a: 5a:30:b7:5c:c9:1b:db:03:8f:7c:eb:74:3a:58:af: 0f:6d:08:f5:70:d3:42:ed:1c:d1:ce:ac:ea:d7:b8: 40:10:b5:20:f3:04:0a:7d:8c:34:ac:05:ba:ec:84: 31:30:07:00:4d:b9:c5:64:b9:61:91:ae:37:e7:4e: 91:64:bc:51:60:d2:61:bb:5a:58:4a:05:10:ae:c8: 84:80:30:aa:d1:37:21:4d:46:63:aa:5b:aa:31:2e: 82:3e:58:76:b3:aa:b9:b7:91:e2:2a:bf:8e:3c:8b: e5:40:16:ba:cf:6f:be:90:40:2a:e2:e7:6d:6e:0d: 2c:b0:39:fa:46:83:4c:88:ea:db:10:b5:25:80:3a: 29:60:40:55:25:1a:fa:c4:7f:5d:e9:2e:18:ac:4e: 69:3a:cb:3b:30:e9:b2:e0:ba:91:71:6d:b4:cb:1b: 0c:13:00:51:19:1f:36:66:fb:f0:22:11:ef:de:d9: 24:bf:53:dd:a0:6c:94:0c:13:51:a1:07:26:cf:b7: 9e:f4:26:e3:88:9f:9f:4e:99:f4:e7:8f:90:4c:ca: 7f:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Alternative Name: DNS:www.yahoo.com, DNS:yahoo.com, DNS:hsrd.yahoo.com, DNS:us.yahoo.com, DNS:fr.yahoo.com, DNS:uk.yahoo.com, DNS:za.yahoo.com, DNS:ie.yahoo.com, DNS:it.yahoo.com, DNS:es.yahoo.com, DNS:de.yahoo.com, DNS:ca.yahoo.com, X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 2.16.840.1.113733.1.7.54 CPS: https://www.verisign.com/cps X509v3 Authority Key Identifier: keyid:0D:44:5C:16:53:44:C1:82:7E:1D:20:AB:25:F4:01:63:D8:BE:79:A5 X509v3 CRL Distribution Points: Full Name: URI:http://SVRSecure-G3-crl.verisign.com/SVRSecureG3.crl Authority Information Access: OCSP - URI:http://ocsp.verisign.com CA Issuers - URI:http://SVRSecure-G3-aia.verisign.com/SVRSecureG3.cer Signature Algorithm: sha1WithRSAEncryption 1f:3c:b5:6f:4d:d3:15:6a:7b:02:63:7a:e0:10:ba:45:f4:a6: 47:ca:8c:47:c0:1d:13:88:ed:e7:be:11:34:72:89:91:d2:53: 54:aa:d2:c5:3c:00:b7:70:cd:e5:30:b8:a1:79:47:ae:bc:eb: 5c:48:37:57:be:e6:1b:9e:55:30:21:7f:17:00:ad:d6:1b:5c: b9:3b:94:d2:e9:fe:b5:04:a9:0d:43:6c:20:3b:2d:d2:a7:e5: 37:b4:68:9f:f9:86:d1:73:53:4b:15:6a:21:84:d3:f1:36:82: cc:e3:07:ab:61:58:55:12:40:23:00:f2:ef:b6:ab:a8:2c:c0: 5e:23:0c:5c:23:42:c4:ee:e3:2e:e5:f8:f7:8b:0e:ec:e3:f5: 8f:0b:72:de:30:15:21:7f:85:47:7a:4f:ab:3a:3a:99:38:27: 11:24:94:90:96:56:ab:c6:07:4d:d3:5f:ec:2d:3c:60:03:b3: 64:78:26:a8:22:f7:8f:3c:4c:43:31:7b:46:6a:38:21:b4:c6: 69:ca:14:13:88:9c:02:eb:7f:3c:91:18:e6:27:6a:36:ba:6b: 0a:d5:4f:bc:6a:2b:d3:30:f9:30:7d:f0:a1:63:2e:68:40:d8: 3d:c3:25:52:d8:da:bb:df:14:be:bd:25:4f:24:9b:26:98:2c: 04:1c:51:2b *** WARNING: Your OS hates freedom! Your OpenSSL libs are compiled without SSLv2 support! [*] Auxiliary module execution completed Get something more from SSL information |
[email protected]:~# openssl s_client -host www.yahoo.com -port 443
CONNECTED(00000003) depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5 verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain 0 s:/C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./OU=Information Technology/CN=www.yahoo.com i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority --- Server certificate -----BEGIN CERTIFICATE----- MIIHuTCCBqGgAwIBAgIQHcASSgJKLNbOiMlMDyTxzzANBgkqhkiG9w0BAQUFADCB tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwNDA5 MDAwMDAwWhcNMTUwNDA5MjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEzARBgNVBAgT CkNhbGlmb3JuaWExEjAQBgNVBAcUCVN1bm55dmFsZTETMBEGA1UEChQKWWFob28g SW5jLjEfMB0GA1UECxQWSW5mb3JtYXRpb24gVGVjaG5vbG9neTEWMBQGA1UEAxQN d3d3LnlhaG9vLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6s uU/Et+oKoW1Wq+5qJwYhjIJPYPy+q5KAoRFuNgGmGjvb8LnaVe2Rph0aWjC3XMkb 2wOPfOt0OlivD20I9XDTQu0c0c6s6te4QBC1IPMECn2MNKwFuuyEMTAHAE25xWS5 YZGuN+dOkWS8UWDSYbtaWEoFEK7IhIAwqtE3IU1GY6pbqjEugj5YdrOqubeR4iq/ jjyL5UAWus9vvpBAKuLnbW4NLLA5+kaDTIjq2xC1JYA6KWBAVSUa+sR/XekuGKxO aTrLOzDpsuC6kXFttMsbDBMAURkfNmb78CIR797ZJL9T3aBslAwTUaEHJs+3nvQm 44ifn06Z9OePkEzKfzkCAwEAAaOCA/IwggPuMIICiwYDVR0RBIICgjCCAn6CDXd3 dy55YWhvby5jb22CCXlhaG9vLmNvbYIOaHNyZC55YWhvby5jb22CDHVzLnlhaG9v LmNvbYIMZnIueWFob28uY29tggx1ay55YWhvby5jb22CDHphLnlhaG9vLmNvbYIM aWUueWFob28uY29tggxpdC55YWhvby5jb22CDGVzLnlhaG9vLmNvbYIMZGUueWFo b28uY29tggxjYS55YWhvby5jb22CDHFjLnlhaG9vLmNvbYIMYnIueWFob28uY29t ggxyby55YWhvby5jb22CDHNlLnlhaG9vLmNvbYIMYmUueWFob28uY29tgg9mci1i ZS55YWhvby5jb22CDGFyLnlhaG9vLmNvbYIMbXgueWFob28uY29tggxjbC55YWhv by5jb22CDGNvLnlhaG9vLmNvbYIMdmUueWFob28uY29tghFlc3Bhbm9sLnlhaG9v LmNvbYIMcGUueWFob28uY29tggxpbi55YWhvby5jb22CDHNnLnlhaG9vLmNvbYIM aWQueWFob28uY29tghJtYWxheXNpYS55YWhvby5jb22CDHBoLnlhaG9vLmNvbYIM dm4ueWFob28uY29tghFtYWt0b29iLnlhaG9vLmNvbYIUZW4tbWFrdG9vYi55YWhv by5jb22CD2NhLm15LnlhaG9vLmNvbYIMZ3IueWFob28uY29tgg1hdHQueWFob28u Y29tggxhdS55YWhvby5jb22CDG56LnlhaG9vLmNvbYIMdHcueWFob28uY29tggxo ay55YWhvby5jb22CDWJyYi55YWhvby5jb22CDG15LnlhaG9vLmNvbYIQYWRkLm15 LnlhaG9vLmNvbTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU BggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0gBDwwOjA4BgpghkgBhvhFAQc2MCow KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMwHwYDVR0j BBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUwRQYDVR0fBD4wPDA6oDigNoY0aHR0 cDovL1NWUlNlY3VyZS1HMy1jcmwudmVyaXNpZ24uY29tL1NWUlNlY3VyZUczLmNy bDB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlz aWduLmNvbTBABggrBgEFBQcwAoY0aHR0cDovL1NWUlNlY3VyZS1HMy1haWEudmVy aXNpZ24uY29tL1NWUlNlY3VyZUczLmNlcjANBgkqhkiG9w0BAQUFAAOCAQEAHzy1 b03TFWp7AmN64BC6RfSmR8qMR8AdE4jt574RNHKJkdJTVKrSxTwAt3DN5TC4oXlH rrzrXEg3V77mG55VMCF/FwCt1htcuTuU0un+tQSpDUNsIDst0qflN7Ron/mG0XNT SxVqIYTT8TaCzOMHq2FYVRJAIwDy77arqCzAXiMMXCNCxO7jLuX494sO7OP1jwty 3jAVIX+FR3pPqzo6mTgnESSUkJZWq8YHTdNf7C08YAOzZHgmqCL3jzxMQzF7Rmo4 IbTGacoUE4icAut/PJEY5idqNrprCtVPvGor0zD5MH3woWMuaEDYPcMlUtjau98U vr0lTySbJpgsBBxRKw== -----END CERTIFICATE----- subject=/C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./OU=Information Technology/CN=www.yahoo.com issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3 --- No client certificate CA names sent --- SSL handshake has read 5402 bytes and written 434 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: ABF1C054749C8559FF63F61B6CC23487DA0083A49652D6746558A83D0EC452A6 Session-ID-ctx: Master-Key: 0C4FBE9B35881B0D78CB22DC08B73691EB24F495B6E512DECFAAF08EA2663C4BD2F11709367552EE253D9FB1533CB3AF Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - 97 6a 6c ac 57 32 81 80-ae c0 f2 27 d5 9a cf 71 .jl.W2.....‘...q 0010 - bc 15 05 54 87 36 c1 66-ff 06 ba 31 51 05 d2 61 ...T.6.f...1Q..a 0020 - 83 c6 68 3b 7a 2c 70 ec-4c 14 a4 83 96 90 df fd ..h;z,p.L....... 0030 - de 70 a1 2b e0 1f cf 26-b8 08 8e 16 fd dc c5 06 .p.+...&........ 0040 - 6b 7d fc 4f b0 87 ed 53-6c 86 26 b2 09 d0 e1 c7 k}.O...Sl.&..... 0050 - f5 d4 be 29 26 de 34 e0-0e f4 b4 a9 81 5b 9d c0 ...)&.4......[.. 0060 - 53 97 63 b0 2d e2 e4 c8-3f f2 08 cf 78 f3 a6 0a S.c.-...?...x... 0070 - 09 ca a5 48 98 7f e9 68-dd ba 04 2f c6 38 49 b5 ...H...h.../.8I. 0080 - c2 f5 a6 00 81 2a d8 74-b3 15 16 e1 6b 56 b4 03 .....*.t....kV.. 0090 - 14 6e dc 89 b1 64 0e 96-80 99 eb b0 6b 46 05 f3 .n...d......kF.. Start Time: 1411961850 Timeout : 300 (sec) Verify return code: 20 (unable to get local issuer certificate) --- read:errno=0 |