SSL is one of the most widely-used technologies for securing communications over the internet. It does have a few design flaws, but it’s still widely used to secure e-mail (IMAP-SSL and POP3-SSL), HTTP traffic (via HTTPS), and other communications.
By far, the most common implementation of SSL is the OpenSSL suite which is developed by a community of voluenteers. OpenSSL is the library powering the majority of SSL communications on the internet. Today, we’re going to look at how to use a part of the OpenSSL suite to make sure that services are working correctly.
and here is the man page for what we’ll be using today (s_client).
If we just run s_client with basic options, the transaction looks like this:
helios:~$ openssl s_client -connect www.nexcess.net:443
CONNECTED(00000003)
depth=0 /serialNumber=RoynH3Jlh/6V62RNtqKI5TvUcWl5GDrQ/C=US/O=*.nexcess.net/OU=GT62060740/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.nexcess.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /serialNumber=RoynH3Jlh/6V62RNtqKI5TvUcWl5GDrQ/C=US/O=*.nexcess.net/OU=GT62060740/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.nexcess.net
verify error:num=27:certificate not trusted
verify return:1
depth=0 /serialNumber=RoynH3Jlh/6V62RNtqKI5TvUcWl5GDrQ/C=US/O=*.nexcess.net/OU=GT62060740/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.nexcess.net
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:/serialNumber=RoynH3Jlh/6V62RNtqKI5TvUcWl5GDrQ/C=US/O=*.nexcess.net/OU=GT62060740/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.nexcess.net
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDfjCCAuegAwIBAgIDE2szMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTAwNjE1MTQxNDI4WhcNMTEwNzE4MTQ0NzQy
WjCB4TEpMCcGA1UEBRMgUm95bkgzSmxoLzZWNjJSTnRxS0k1VHZVY1dsNUdEclEx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKDA0qLm5leGNlc3MubmV0MRMwEQYDVQQLEwpH
VDYyMDYwNzQwMTEwLwYDVQQLEyhTZWUgd3d3LnJhcGlkc3NsLmNvbS9yZXNvdXJj
ZXMvY3BzIChjKTEwMS8wLQYDVQQLEyZEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQg
LSBSYXBpZFNTTChSKTEWMBQGA1UEAwwNKi5uZXhjZXNzLm5ldDCBnzANBgkqhkiG
9w0BAQEFAAOBjQAwgYkCgYEAssPkKI8aM9wz4q4fJJOT8ozYrOJjTef8ym7DXN8s
uFNddDlngnJa49vrEkxF7in++H+xecACh9yqdSeyRTIIGSh+bmHFIvZprvBXVWzd
15fkqEDe/xTFPIDoIGLhu3codd0egHLdco22wPtVTiOD7gxEElMK6PGGHifn0Xw6
jHcCAwEAAaOB1TCB0jAfBgNVHSMEGDAWgBRI5mj5K9KylddH2CMgEE8zmJCf1DAO
BgNVHQ8BAf8EBAMCBPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCUG
A1UdEQQeMByCDSoubmV4Y2Vzcy5uZXSCC25leGNlc3MubmV0MDoGA1UdHwQzMDEw
L6AtoCuGKWh0dHA6Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvc2VjdXJlY2EuY3Js
MB0GA1UdDgQWBBQZCmOHWJ/9U+RiJhytPcMIXWHmmzANBgkqhkiG9w0BAQUFAAOB
gQCvRnAboCuVr9XHPmScDDuhDSjA7Ln74U4n+vmaRh2rHHhzqyYBeoMaKy6scsaS
+R3ZUglVZK9G5K6Yb2UfG1Js/5+QgymL8lq80PCYyHxNmGnw2HHEGW83cJPTlJkt
qmzBvJn6eekhX4YiCNAbXO5nbUg6SjIwRrfxt7zPL8AizA==
-----END CERTIFICATE-----
subject=/serialNumber=RoynH3Jlh/6V62RNtqKI5TvUcWl5GDrQ/C=US/O=*.nexcess.net/OU=GT62060740/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.nexcess.net
issuer=/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
No client certificate CA names sent
---
SSL handshake has read 1469 bytes and written 293 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 34CF6330F1886C710889496977BCE15D48596F7815737AE86D3147D6FF0EC01D
Session-ID-ctx:
Master-Key: C64AF2B8E3522EA2E5B767F4D0B024685090362E197CDEA17EB31745593E848144052095FC3640B299F0E84FA0DDAD48
Key-Arg : None
Compression: 1 (zlib compression)
Start Time: 1305412433
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
GET /
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.nexcess.net/">here</a>.</p>
</body></html>
closed
You can see above how openssl connects to the server and tries to verify the certificate. This fails because we didn’t tell it to use any local certificate store. If you have a self-signed cert, you’ll need to follow the instructions here to install that. Otherwise, on most Linux distros, you can just specify /etc/ssl/certs/ as the CApath. Let’s try:
depth=1 /C=US/O=Equifax/OU=Equifax Secure Certificate Authority verify return:1 depth=0 /serialNumber=RoynH3Jlh/6V62RNtqKI5TvUcWl5GDrQ/C=US/O=*.nexcess.net/OU=GT62060740/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.nexcess.net verify return:1 --- Certificate chain 0 s:/serialNumber=RoynH3Jlh/6V62RNtqKI5TvUcWl5GDrQ/C=US/O=*.nexcess.net/OU=GT62060740/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.nexcess.net i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
We can see that the certificate for CN=*.nexcess.net is provided by rapidSSL, which is in turn trusted by Equifax, which is a certificate that is installed in pretty much every major web browser, and so it validates OK.
What if we wanted to test mail service on a server to ensure that it’s properly handling the SSL connection, or to see what ciphers it supports to verify PCI-DSS compliance? Easy:
helios:~$ openssl s_client -CApath /etc/ssl/certs/ -connect imap.gmail.com:993
CONNECTED(00000003)
depth=2 /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
verify return:1
depth=1 /C=US/O=Google Inc/CN=Google Internet Authority
verify return:1
depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
i:/C=US/O=Google Inc/CN=Google Internet Authority
1 s:/C=US/O=Google Inc/CN=Google Internet Authority
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDWzCCAsSgAwIBAgIKaNPuGwADAAAisjANBgkqhkiG9w0BAQUFADBGMQswCQYD
VQQGEwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzEiMCAGA1UEAxMZR29vZ2xlIElu
dGVybmV0IEF1dGhvcml0eTAeFw0xMTAyMTYwNDQzMDRaFw0xMjAyMTYwNDUzMDRa
MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1N
b3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMRcwFQYDVQQDEw5pbWFw
LmdtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqfPyPSEHpfzv
Xx+9zGUxoxcOXFrGKCbZ8bfUd8JonC7rfId32t0gyAoLCgM6eU4lN05VenNZUoCh
L/nrX+ApdMQv9UFV58aYSBMU/pMmK5GXansbXlpHao09Mc8eur2xV+4cnEtxUvzp
co/OaG15HDXcr46c6hN6P4EEFRcb0ccCAwEAAaOCASwwggEoMB0GA1UdDgQWBBQj
27IIOfeIMyk1hDRzfALz4WpRtzAfBgNVHSMEGDAWgBS/wDDr9UMRPme6npH7/Gra
42sSJDBbBgNVHR8EVDBSMFCgTqBMhkpodHRwOi8vd3d3LmdzdGF0aWMuY29tL0dv
b2dsZUludGVybmV0QXV0aG9yaXR5L0dvb2dsZUludGVybmV0QXV0aG9yaXR5LmNy
bDBmBggrBgEFBQcBAQRaMFgwVgYIKwYBBQUHMAKGSmh0dHA6Ly93d3cuZ3N0YXRp
Yy5jb20vR29vZ2xlSW50ZXJuZXRBdXRob3JpdHkvR29vZ2xlSW50ZXJuZXRBdXRo
b3JpdHkuY3J0MCEGCSsGAQQBgjcUAgQUHhIAVwBlAGIAUwBlAHIAdgBlAHIwDQYJ
KoZIhvcNAQEFBQADgYEAxHVhW4aII3BPrKQGUdhOLMmdUyyr3TVmhJM9tPKhcKQ/
IcBYUev6gLsB7FH/n2bIJkkIilwZWIsj9jVJaQyJWP84Hjs3kus4fTpAOHKkLqrb
IZDYjwVueLmbOqr1U1bNe4E/LTyEf37+Y5hcveWBQduIZnHn1sDE2gA7LnUxvAU=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority
---
No client certificate CA names sent
---
SSL handshake has read 1866 bytes and written 281 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-SHA
Session-ID: 447356938BD3F2CABB91A9049D245611C51F777BEA34AD16D27FA0D5A9A61FE1
Session-ID-ctx:
Master-Key: D75E188B0D7BB7CDE8C39FEA10498B3693E333B66FA6BB152069EC71946866BBB33600B41488509AE428884FB11814D6
Key-Arg : None
TLS session ticket lifetime hint: 100800 (seconds)
TLS session ticket:
0000 - b3 1f ec 8d cd bd 28 2e-4a 7d 78 92 d5 71 ff ef ......(.J}x..q..
0010 - 60 cc dc fe 79 0e 63 2d-8b c5 2f 7d fc 94 49 9c `...y.c-../}..I.
0020 - 16 ff 4e 13 89 ec 2a c2-b1 a2 8e 43 5a 00 b3 4d ..N...*....CZ..M
0030 - a1 11 b8 6a 1c d8 c4 a1-04 ab cf f5 94 15 c0 a2 ...j............
0040 - 08 5b 12 b3 9b 80 16 6b-50 f4 50 35 ab 5f e2 0e .[.....kP.P5._..
0050 - d3 2b c1 9b 49 bd 06 ea-29 2e b2 18 28 51 53 83 .+..I...)...(QS.
0060 - fb 06 2d 92 9a c7 70 4b-c5 46 cb c4 ee d8 52 0f ..-...pK.F....R.
0070 - c9 52 ec 6b 53 d6 72 69-e0 5f f7 21 00 86 31 33 .R.kS.ri._.!..13
0080 - 1b f2 a6 ef 08 5e c1 5f-ff 27 d6 e3 25 01 f1 ea .....^._.'..%...
0090 - fc 0b 80 d4 ee fa db 02-7c 28 df 5a 72 ed 9e 5e ........|(.Zr..^
00a0 - d6 22 01 83 ."..
Start Time: 1305413015
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
* OK Gimap ready for requests from 208.69.120.120 51if4445225yhl.133
We can see that Google is trusted by Equifax and that they’re supporting the TLSv1 and SSLv3 protocols along with the RC4-SHA cipher. We get some details about the session and the entire certificate. The Vierfy return code was 0 (no error) and we now have a session open with one of the GMail IMAP servers (a list of IMAP commands can be found if you’d like to play with them). The same can easily be done with FTPS, POP3-SSL, or any other service that is being wrapped in SSL.
