https://wiki.freebsd.org/ certificate error

Jerry jerry at seibercom.net
Fri Mar 1 15:23:29 UTC 2013 

On Fri, 1 Mar 2013 08:37:40 -0600
Mark Felder articulated:

> On Fri, 01 Mar 2013 08:08:17 -0600, <fbsd8 at a1poweruser.com> wrote:
> 
> > When my browser access wiki.freebsd.org
> > I get certificate error message.
> >  Who should I notify about this problem?]
> 
> What do you get for results when you run
> 
> # openssl s_client -showcerts -connect wiki.freebsd.org:443

I am not sure what he gets, but I receive this:


openssl s_client -showcerts -connect wiki.freebsd.org:443
CONNECTED(00000003)
depth=1 C = FR, O = GANDI SAS, CN = Gandi Standard SSL CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/OU=Domain Control Validated/OU=Gandi Standard SSL/CN=www.freebsd.org
   i:/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIQStABQicagmyUdAdcZdHhbzANBgkqhkiG9w0BAQUFADBB
MQswCQYDVQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5k
aSBTdGFuZGFyZCBTU0wgQ0EwHhcNMTMwMTA5MDAwMDAwWhcNMTQwMTA5MjM1OTU5
WjBaMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAsT
EkdhbmRpIFN0YW5kYXJkIFNTTDEYMBYGA1UEAxMPd3d3LmZyZWVic2Qub3JnMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte4et1M/Tzm1DnYdOkcg/TGP
mspy7s6Rl1+G8ttVpMNYCYU4DZl4xMKsG6h0lc3n9eb86utvK5RWzpnb7+x+Pgtc
yrJAgZAcI4qHmVZHllb+H4iUjNezhw4u4wxyJVx31UO0Z300R8VRBHbEhoyAKOMW
qeqjE/H0rPrFzuxjf0yYHkAvb9AyrZ1D+TNSd5T+k9CEFFYiRE8Xe8t+i5agf2Mc
CPcwp3RsHDnQ3JbvBF6HuuALFHt1wKSXFUs9nFKrqzG9LMqGqxAf/olbZ1gNnSyl
rtRhCe9pLAk61VqKM8sf1B7b9cWvwRk32VEpmt5xXmT1ns198HMd1YXHuTLM/wID
AQABo4IBtjCCAbIwHwYDVR0jBBgwFoAUtqj/oqgv0KbNS7Fo8+dQEDGneSEwHQYD
VR0OBBYEFCdXnnMlBPMrCVsPEMbqP43RhF7oMA4GA1UdDwEB/wQEAwIFoDAMBgNV
HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBgBgNVHSAE
WTBXMEsGCysGAQQBsjEBAgIaMDwwOgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cuZ2Fu
ZGkubmV0L2NvbnRyYWN0cy9mci9zc2wvY3BzL3BkZi8wCAYGZ4EMAQIBMDwGA1Ud
HwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuZ2FuZGkubmV0L0dhbmRpU3RhbmRhcmRT
U0xDQS5jcmwwagYIKwYBBQUHAQEEXjBcMDcGCCsGAQUFBzAChitodHRwOi8vY3J0
LmdhbmRpLm5ldC9HYW5kaVN0YW5kYXJkU1NMQ0EuY3J0MCEGCCsGAQUFBzABhhVo
dHRwOi8vb2NzcC5nYW5kaS5uZXQwJwYDVR0RBCAwHoIPd3d3LmZyZWVic2Qub3Jn
ggtmcmVlYnNkLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAnTfCort6uF+Zqif1ZjWd
OBxZdJCc6JX531Z7nMBQSdNnYmjmU5lGFV+3hA3lHfQ/wmwEKJa40UbSDyzfEXNB
+AxCrCFSNA1IdrVTFgPfxA1kAPeji+ufR5Btgi4KV3+Nfi7wE8pjcExAuRRVdw6G
3ziscirNeywmQxiTN/eybmvCrCjtck5aBQpPS7lunYtVjaqAyI6blJpWt8zoBggh
8B6jweGtxq/YaFq4iwiUwIbR2DF0oDeJy0/JqyS5EZE2cjB4b4adBigKjK21FFJO
YzcKX/xBrL+LB6WSUbl3xVywtdtBVexJlJquIjYwv+fvuuMsxTKiYuVJillqIRaN
uQ==
-----END CERTIFICATE-----
 1 s:/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
   i:/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
-----BEGIN CERTIFICATE-----                                                                                                                                                 
MIIEozCCA4ugAwIBAgIQWrYdrB5NogYUx1U9Pamy3DANBgkqhkiG9w0BAQUFADCB                                                                                                            
lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug                                                                                                            
Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho                                                                                                            
dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt                                                                                                            
SGFyZHdhcmUwHhcNMDgxMDIzMDAwMDAwWhcNMjAwNTMwMTA0ODM4WjBBMQswCQYD                                                                                                            
VQQGEwJGUjESMBAGA1UEChMJR0FOREkgU0FTMR4wHAYDVQQDExVHYW5kaSBTdGFu                                                                                                            
ZGFyZCBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2VD2l                                                                                                            
2w0ieFBqWiOJP5eh1AcaqVgIm6AVwzK2t/HouaVvrTf2bnEbtHUtSF6fxhWqge/l
xIiVijpsd8y1zWXkZ+VzyVBSlMEnST6ga0EWQbaUmUGuPsviBkYJ6U2+yUxVqRh+
pt9u/UqyzGxO2chQFZOz8unjwmqtOtX7w3lQnyV5KbJHZHwgPuIITZMpFLY0bs9x
Rn52EPT9bKoB0sIG3pKDzFiQLpLeHmW3Yy89sutwjEzgvhWd3sFNVvgLxo4HuV3f
lfB7QB8aLNecK0t29Fn1Q8EsZhCenmaWYJ0cdBtOGFwIsG5symkaAum7ynjvZi7j
Mv1BXJV0gU302v5LAgMBAAGjggE+MIIBOjAfBgNVHSMEGDAWgBShcl8mGyiYQ5Vd
BzfVhZadS9LDRTAdBgNVHQ4EFgQUtqj/oqgv0KbNS7Fo8+dQEDGneSEwDgYDVR0P
AQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwGAYDVR0gBBEwDzANBgsrBgEE
AbIxAQICGjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLnVzZXJ0cnVzdC5j
b20vVVROLVVTRVJGaXJzdC1IYXJkd2FyZS5jcmwwdAYIKwYBBQUHAQEEaDBmMD0G
CCsGAQUFBzAChjFodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVROQWRkVHJ1c3RT
ZXJ2ZXJfQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
Y29tMA0GCSqGSIb3DQEBBQUAA4IBAQAZU78DPZvia1r9ukkfT+zhxoI5PNIDBA+r
ez6CqYUQH/TeMq9YP/9w8zAdly1MmuLsDD4ULS+YSJ2uFmqsLUKqtWSkcLvrc5R7
RkznehR2W0wdhKEgdB8uS1xwiNy99xk97VkN4j8m4pyspDyVHPi+jAOu8OWcTbzH
m1gAv6+t+jducW0YNA7B6mr4Dd9pVFYV8iiz/qRj7MUEZGC7/irw9IehsK69quQv
4wMLL2ZfhaQye0btJQzn8bfnGf1gul+Hd96YB5bkXupjfajeVdphXDyQg0MEBzzd
8/ifBlIK3se2e4/hEfcEejX/arxbx1BJCHBvlEPNnsdw8dvQbdqP
-----END CERTIFICATE-----
---
Server certificate
subject=/OU=Domain Control Validated/OU=Gandi Standard SSL/CN=www.freebsd.org
issuer=/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA
---
No client certificate CA names sent
---
SSL handshake has read 3289 bytes and written 520 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: F4731E0FE7795DB2ADD9B41909DCC42AAE3C18E3D0267652203A54F1BFB14283
    Session-ID-ctx: 
    Master-Key: 7D85DD55FCE7502A92BFF7B18A25857DDC1CD6731B36DF5E2172773F618E043228076142258387E6F3CCA41952F288E2
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket:
    0000 - 90 02 ad a1 a6 ca 65 5e-c2 d5 f5 c7 70 f4 8c da   ......e^....p...
    0010 - f1 1d 2b 81 6d ac 9e f3-90 0b 12 63 f0 0f 2b 5f   ..+.m......c..+_
    0020 - c3 b0 aa 1a e5 c0 8d 1c-96 14 70 14 04 35 89 c2   ..........p..5..
    0030 - c5 99 04 46 dd ae 71 40-5d be d7 31 51 2f 00 0d   ...F..q@]..1Q/..
    0040 - 8a 40 15 3b 3d 59 d2 98-fb 00 8c 94 5d de 74 9a   . at .;=Y......].t.
    0050 - ad 7f ed ec 6a 56 e6 f2-ac 0a 19 25 db fe bd 24   ....jV.....%...$
    0060 - 90 c9 ab 73 da de 5d f6-8f 3c b8 de 37 9e 4d 9d   ...s..]..<..7.M.
    0070 - 7e 1b f5 76 99 4b 88 80-8d ff d6 60 3b d7 6c fc   ~..v.K.....`;.l.
    0080 - d7 d7 02 3d ec 06 46 9d-f6 22 c4 e9 fa 07 ac 9b   ...=..F.."......
    0090 - 90 c9 48 21 ad c2 c7 44-14 2d 45 a2 ac a2 c8 8b   ..H!...D.-E.....

    Start Time: 1362151251
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________

More information about the freebsd-questions mailing list