[OpenSIPS-Users] TLS client simple testing. What is a good result when handshake works?

Rodrigo Pimenta Carvalho pimenta at inatel.br
Tue Jul 28 21:12:58 CEST 2015


I have followed the tutorial about setting up the TLS. ( http://www.opensips.org/Documentation/Tutorials-TLS-2-1 ). Then, I have run the command: "

openssl s_client -showcerts -debug -connect <your-ip-address>:<port> -no_ssl2 -bugs", to test the handshake.

But, what is an example of result for this command, telling me that everything is ok?

I got:

verify error:num=19:self signed certificate in certificate chain
verify return:0
No client certificate CA names sent
SSL handshake has read 1567 bytes and written 285 bytes
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Master-Key: 90D6174E13EFDF2317B8F24D0AEBC5A56C3633D7DFC1BF8ADF186672CD9F26B5D812BE595775DFE6416C31DDE736D217
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1438110339
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)

So, did the handshake work? If not, what might be wrong?
Any hint will be very helpful!

Best Regards.

Inatel Competence Center
Ph: +55 35 3471 9200 RAMAL 979
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150728/ee36ea69/attachment.htm>

More information about the Users mailing list