# This is a copy of the apache logs when doing a openssl s_client connection, see below the logs for the s_client output # [Wed Jan 30 16:36:19 2013] [info] [client 127.0.0.1] Connection to child 2 established (server server1.ca1.example:443) [Wed Jan 30 16:36:19 2013] [info] Seeding PRNG with 656 bytes of entropy [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1916): OpenSSL: Handshake: start [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: before/accept initialization [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 11/11 bytes from BIO#7f9623894460 [mem: 7f9623895500] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: 80 77 01 03 01 00 4e .w....N | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1885): | 0011 - [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 110/110 bytes from BIO#7f9623894460 [mem: 7f962389550b] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: 00 00 39 00 00 38 00 00-35 00 00 16 00 00 13 00 ..9..8..5....... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0010: 00 0a 07 00 c0 00 00 33-00 00 32 00 00 2f 03 00 .......3..2../.. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0020: 80 00 00 05 00 00 04 01-00 80 00 00 15 00 00 12 ................ | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0030: 00 00 09 06 00 40 00 00-14 00 00 11 00 00 08 00 .....@.......... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0040: 00 06 04 00 80 00 00 03-02 00 80 00 00 ff f7 e6 ................ | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0050: e4 ee 53 f2 49 8b ad f7-32 02 e9 33 eb a0 f1 e0 ..S.I...2..3.... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0060: fa 69 14 ce ed 2a 0b 39-b8 5a e6 26 14 86 .i...*.9.Z.&.. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 read client hello A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 write server hello A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 write certificate A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1324): [client 127.0.0.1] handing out temporary 1024 bit DH key [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 write key exchange A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 write server done A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 flush data [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 5/5 bytes from BIO#7f9623894460 [mem: 7f9623895500] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: 16 03 01 00 86 ..... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 134/134 bytes from BIO#7f9623894460 [mem: 7f9623895505] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: 10 00 00 82 00 80 6f 22-ac 52 78 b4 95 1c 79 ff ......o".Rx...y. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0010: 50 60 90 1e 56 ae 91 bd-34 a6 d7 24 52 27 b5 ce P`..V...4..$R'.. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0020: f4 aa 85 8a f0 81 18 11-eb 21 8f 48 07 b7 8a b1 .........!.H.... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0030: bc 8e b7 b2 ff ae 08 fc-e0 d1 8b 19 98 a5 88 b9 ................ | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0040: 77 c7 44 bf 53 4c 12 2d-ff 7f b6 61 42 88 a8 88 w.D.SL.-...aB... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0050: 47 d0 e2 e2 ac 9a 51 0d-3c 2e f6 25 08 d4 6a ad G.....Q.<..%..j. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0060: 78 e4 dd 62 93 72 7e 01-2e 3c 40 0b f9 7e 5b 79 x..b.r~..<@..~[y | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0070: 14 8e 4f a5 a2 7c fe 8f-79 08 66 8a c0 ac 86 0f ..O..|..y.f..... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0080: 14 b2 d2 80 87 8a ...... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 read client key exchange A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 5/5 bytes from BIO#7f9623894460 [mem: 7f9623895500] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: 14 03 01 00 01 ..... | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 1/1 bytes from BIO#7f9623894460 [mem: 7f9623895505] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: 01 . | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 5/5 bytes from BIO#7f9623894460 [mem: 7f9623895500] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: 16 03 01 00 30 ....0 | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1909): OpenSSL: read 48/48 bytes from BIO#7f9623894460 [mem: 7f9623895505] (BIO dump follows) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1842): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0000: cf 71 74 f8 d5 dc 64 19-71 32 22 58 43 6f 68 bf .qt...d.q2"XCoh. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0010: d1 b2 a5 1a 8c 10 97 23-65 db 99 31 44 78 7c 9a .......#e..1Dx|. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1881): | 0020: 7d 22 ff 09 cb c5 87 14-8c 7f d7 84 ce 7c eb d9 }"...........|.. | [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_io.c(1887): +-------------------------------------------------------------------------+ [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 read finished A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 write change cipher spec A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 write finished A [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1924): OpenSSL: Loop: SSLv3 flush data [Wed Jan 30 16:36:19 2013] [debug] ssl_scache_shmcb.c(353): ssl_scache_shmcb_store (0x9c -> subcache 28) [Wed Jan 30 16:36:19 2013] [debug] ssl_scache_shmcb.c(645): insert happened at idx=0, data=0 [Wed Jan 30 16:36:19 2013] [debug] ssl_scache_shmcb.c(647): finished insert, subcache: idx_pos/idx_used=0/1, data_pos/data_used=0/148 [Wed Jan 30 16:36:19 2013] [debug] ssl_scache_shmcb.c(378): leaving ssl_scache_shmcb_store successfully [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1782): Inter-Process Session Cache: request=SET status=OK id=9C8E7827CCADFC73ECB7CC2400CAC608C79535E10A01411ACD85BCA707A33917 timeout=300s (session caching) [Wed Jan 30 16:36:19 2013] [debug] ssl_engine_kernel.c(1920): OpenSSL: Handshake: done [Wed Jan 30 16:36:19 2013] [info] Connection: Client IP: 127.0.0.1, Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits) [Wed Jan 30 16:36:21 2013] [debug] ssl_engine_io.c(1920): OpenSSL: I/O error, 5 bytes expected to read on BIO#7f9623894460 [mem: 7f9623895500] [Wed Jan 30 16:36:21 2013] [info] [client 127.0.0.1] (70014)End of file found: SSL input filter read failed. [Wed Jan 30 16:36:21 2013] [debug] ssl_engine_kernel.c(1934): OpenSSL: Write: SSL negotiation finished successfully [Wed Jan 30 16:36:21 2013] [info] [client 127.0.0.1] Connection closed to child 2 with standard shutdown (server server1.ca1.example:443) @server1:~$ openssl s_client -connect server1.ca1.example:443 -CAfile CA1/ca-cert.pem -verify 3 verify depth is 3 CONNECTED(00000003) depth=1 /C=US/O=TestCA1/OU=CA1/L=USA/ST=Someplace/CN=testca1.ca1.example verify return:1 depth=0 /C=US/O=TestCA1/OU=CA1/L=Someplace/ST=Somewhere/CN=server1.ca1.example verify return:1 --- Certificate chain 0 s:/C=US/O=TestCA1/OU=CA1/L=Someplace/ST=Somewhere/CN=server1.ca1.example i:/C=US/O=TestCA1/OU=CA1/L=USA/ST=Someplace/CN=testca1.ca1.example 1 s:/C=US/O=TestCA1/OU=CA1/L=USA/ST=Someplace/CN=testca1.ca1.example i:/C=US/O=TestCA1/OU=CA1/L=USA/ST=Someplace/CN=testca1.ca1.example --- Server certificate -----BEGIN CERTIFICATE----- MIICwjCCAm6gAwIBAgIEUQjDOTALBgkqhkiG9w0BAQUwbTELMAkGA1UEBhMCVVMx EDAOBgNVBAoTB1Rlc3RDQTExDDAKBgNVBAsTA0NBMTEMMAoGA1UEBxMDVVNBMRIw EAYDVQQIEwlTb21lcGxhY2UxHDAaBgNVBAMTE3Rlc3RjYTEuY2ExLmV4YW1wbGUw HhcNMTMwMTMwMDY1MjQ0WhcNMTQwMTMwMDY1MjQ3WjBzMQswCQYDVQQGEwJVUzEQ MA4GA1UEChMHVGVzdENBMTEMMAoGA1UECxMDQ0ExMRIwEAYDVQQHEwlTb21lcGxh Y2UxEjAQBgNVBAgTCVNvbWV3aGVyZTEcMBoGA1UEAxMTc2VydmVyMS5jYTEuZXhh bXBsZTBZMAsGCSqGSIb3DQEBAQNKADBHAkDFh9iDHfxntnbMPddgpCTw0LwmGYlA vppfmT+r+A3K5lBdZ/cvDJmKJvfm5Sqv53tN0RVwJnciu3lzS66eFIbHAgMBAAGj gfQwgfEwMwYDVR0RBCwwKoITc2VydmVyMS5jYTEuZXhhbXBsZYITc2VydmVyMS5j YTEuZXhhbXBsZTAMBgNVHRMBAf8EAjAAMA8GA1UdDwEB/wQFAwMHoAAwMQYDVR0l BCowKAYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYD VR0OBBYEFLTg+PkAU4Y/lJHTD9azpDoo6OC+MB8GA1UdIwQYMBaAFFoU0+n4fTOx kNEul2ISP2onY3LFMCgGA1UdHwQhMB8wHaAboBmGF3Rlc3RjYTEuY2ExLmV4YW1w bGUvY3JsMAsGCSqGSIb3DQEBBQNBAG3Dw/JjQ82R1k0mKxahtBFsQwdSIqo0+fzl HHFHSvgp7PIfqCW094aE7HAqIzIWDVe3d08Du3PDcrwOJTm8R2A= -----END CERTIFICATE----- subject=/C=US/O=TestCA1/OU=CA1/L=Someplace/ST=Somewhere/CN=server1.ca1.example issuer=/C=US/O=TestCA1/OU=CA1/L=USA/ST=Someplace/CN=testca1.ca1.example --- No client certificate CA names sent --- SSL handshake has read 1811 bytes and written 319 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 512 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 9C8E7827CCADFC73ECB7CC2400CAC608C79535E10A01411ACD85BCA707A33917 Session-ID-ctx: Master-Key: B411EA21CCEF2B2FD6FC71BDF2332822ACBFE7AC3EB3E28B5924BC42DDA5D7DFEB4EC1779DD5927FBB76FE409D426102 Key-Arg : None Start Time: 1359592579 Timeout : 300 (sec) Verify return code: 0 (ok) --- ^C