Difference between revisions of "Openssl"
From Teknologisk videncenter
(Created page with " =Debug= Example when debugging a tls connection to mosquitto MQTT broker. <source lang=bash> root@beaglebone:/home/debian# openssl s_client -connect 127.0.0.1:8883...") |
m (→Debug) |
||
| Line 11: | Line 11: | ||
verify error:num=18:self signed certificate | verify error:num=18:self signed certificate | ||
..... | ..... | ||
| + | </source> | ||
| + | On Mosquitto brokerside: | ||
| + | <source lang=bash> | ||
| + | root@beaglebone:/home/debian# /usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf -v | ||
| + | 1621664904: mosquitto version 2.0.7 starting | ||
| + | 1621664904: Config loaded from /etc/mosquitto/mosquitto.conf. | ||
| + | 1621664904: Opening ipv4 listen socket on port 1883. | ||
| + | 1621664904: Opening ipv6 listen socket on port 1883. | ||
| + | 1621664904: Opening ipv4 listen socket on port 8883. | ||
| + | 1621664904: Opening ipv6 listen socket on port 8883. | ||
| + | 1621664904: mosquitto version 2.0.7 running | ||
| + | 1621664907: New connection from 127.0.0.1:45026 on port 1883. | ||
| + | 1621664907: Sending CONNACK to 127.0.0.1 (0, 5) | ||
| + | 1621664907: Client <unknown> disconnected, not authorised. | ||
| + | 1621665067: New connection from 127.0.0.1:54532 on port 8883. | ||
| + | 1621665067: OpenSSL Error[0]: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca | ||
| + | </source> | ||
| + | Error 14094418 - alert unknown ca | ||
| + | |||
| + | openssl errornumber to errorstring: (Just nice to know) | ||
| + | <source lang=bash> | ||
| + | root@beaglebone:/home/debian/certs/ca# openssl errstr 14094418 | ||
| + | error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca | ||
</source> | </source> | ||
[[Category:Security]] | [[Category:Security]] | ||
Revision as of 08:39, 22 May 2021
Debug
Example when debugging a tls connection to mosquitto MQTT broker.
root@beaglebone:/home/debian# openssl s_client -connect 127.0.0.1:8883
CONNECTED(00000003)
Can't use SSL_get_servername
depth=0 C = DK, ST = Denmark, L = Viborg, O = Mercantec, CN = beaglebone.localdomain, emailAddress = heth@mercantec.dk
verify error:num=18:self signed certificate
.....
On Mosquitto brokerside:
root@beaglebone:/home/debian# /usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf -v
1621664904: mosquitto version 2.0.7 starting
1621664904: Config loaded from /etc/mosquitto/mosquitto.conf.
1621664904: Opening ipv4 listen socket on port 1883.
1621664904: Opening ipv6 listen socket on port 1883.
1621664904: Opening ipv4 listen socket on port 8883.
1621664904: Opening ipv6 listen socket on port 8883.
1621664904: mosquitto version 2.0.7 running
1621664907: New connection from 127.0.0.1:45026 on port 1883.
1621664907: Sending CONNACK to 127.0.0.1 (0, 5)
1621664907: Client <unknown> disconnected, not authorised.
1621665067: New connection from 127.0.0.1:54532 on port 8883.
1621665067: OpenSSL Error[0]: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca
Error 14094418 - alert unknown ca
openssl errornumber to errorstring: (Just nice to know)
root@beaglebone:/home/debian/certs/ca# openssl errstr 14094418
error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca