Last active
August 29, 2015 14:01
-
-
Save kbarber/f436f7f764272ea0a738 to your computer and use it in GitHub Desktop.
Unable to get local issuer certificate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ken@kb puppetdb]# openssl s_client -connect kb.local:8081 -cert /Users/ken/.puppet/ssl/certs/kb.local.pem -certform PEM -key ~/.puppet/ssl/private_keys/kb.local.pem -CAfile ~/.puppet/ssl/certs/ca.pem -ssl3 | |
CONNECTED(00000003) | |
depth=1 /CN=Puppet CA: kb.local | |
verify return:1 | |
depth=0 /CN=kb.local | |
verify return:1 | |
--- | |
Certificate chain | |
0 s:/CN=kb.local | |
i:/CN=Puppet CA: kb.local | |
--- | |
Server certificate | |
-----BEGIN CERTIFICATE----- | |
MIIFkjCCA3qgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNQdXBw | |
ZXQgQ0E6IGtiLmxvY2FsMB4XDTE0MDUxMTE4MzgwMFoXDTE5MDUxMTE4MzgwMFow | |
EzERMA8GA1UEAwwIa2IubG9jYWwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK | |
AoICAQDEnnJKqetl4//YrG2GNYS6m9IB3g43oRwTmRx2Xo6gPV/JrcpgJP6IKLLB | |
eYmZson61CxaGWv75FDJoZmBCxDLylHMy+fLvLjeXX70OZs6IOz34T3Ut8YJOR/C | |
7MilovL1Jyd3+Lj5hlG8fYWWNzgwUK95ArJQimQZPTX64gATw/9xJFKuW6MUKCPK | |
PAbyQk69AGVZtRClK9+A8L2W3aHe0ABQahpOkM2EZdPEYES4Jh6YLCGQoDwt7b6e | |
uU5nL4oS4n0Lp8izdWCduPqmaMp47Bv9fviMww9t8/V2J7iq83fY16d6TsnAUhCn | |
oksQd97MPCmA8yFE8RDfWHyBr44uJfY9oInN1RXH4/MFJeidYOiD5wA7odRAXh1L | |
ZP0ZnWovp+ROxWqMER+ankAFsRI/qNtKCksOAbUr2McEZsoe357W9Iuv+DE4Puuw | |
SdgodU92VONCYFvY9zNlr1bT3a9u9cfy9wyCsqFhB1nnwHDCoQ5lC5ofJPTkzWXG | |
5Hb36ILDGVfTX2/2V72QyYEf2KCTHN5nA8/npmb8YpAul7XKqKxaXa3BJiMp2LMd | |
Nb8p3eSUJ2FznltmeLH1rvXvY4VKCgb5yVR8cQTdF8y9uAghdmmo/nMsRTdumTnp | |
SqH8t2IbruzdmXn+/TEN2ZVDP1A3X/tSeGh8wBWSzUiCZVYB1QIDAQABo4HlMIHi | |
MDUGCWCGSAGG+EIBDQQoUHVwcGV0IFJ1YnkvT3BlblNTTCBJbnRlcm5hbCBDZXJ0 | |
aWZpY2F0ZTApBgNVHREEIjAggghrYi5sb2NhbIIGcHVwcGV0ggxwdXBwZXQubG9j | |
YWwwDgYDVR0PAQH/BAQDAgWgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMBBggrBgEF | |
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSrMmcp8BkBfh7xG2Hv77ain9gq | |
RjAfBgNVHSMEGDAWgBQetTWXrY4VZSc043j3nPDqQS9CjjANBgkqhkiG9w0BAQsF | |
AAOCAgEAnF6P3CXBg7ouavwHgxyWKqi5lehGghupfyVt5A4ItFCCCK0AqLb7OFVz | |
IZFfPjNwMQ7SVh4ykegk74POYNN00PcPT9NceG+G4RQ+zkRxJ8+EgPBQ5qR7iLzY | |
qwQSerooBmK0IRx2oo83X5HVwbX449PFUpnzGmx8989H+LtJaKr7NES1rBy2ICl0 | |
WopKfQUMLqkE4WGd/4Vex4OYds64P95N/D3UgBAOhBFFAs8KBV6PcoeYgtTe+jAL | |
ex1D48LExI/AOOdOOFezmES8T9aiP/Tx4O52G/IwQpe6Cs+KTeFqZcXmTQWxrAO3 | |
5vpe55aa6Xo3tK18S8uam393R/TKc7ElS+O4/Vf1sCsfHtEx2SJXlgbzhr8hO/kZ | |
CmJt9Zu8PnDvA5SynHScOrvLDdbPrZkM5YaedO0TU7SfV4GErErSkSOzBtdrSrDw | |
S1wB3oNiO30ulUktqOVxwV5bwVZznQdxqAo0o7gD1reLs9DJ6/fuckh1K9L4DL7f | |
h7t32MgWhatUBgF12CUvgP6+BUdN7B1i1R/+fTUuJMzMernlei7O5+jC+vSO89LV | |
EB7+wOIMZO+Qw9tXbnP61oR0Pn2TlVAxqgCQBTOc2LZTFlD5XK+Tt5q1pE6fweIq | |
7ih48F9xF7n5YVxbjRJZiWCWDN5hy4/8gRmApbJpF5+2p86fvZs= | |
-----END CERTIFICATE----- | |
subject=/CN=kb.local | |
issuer=/CN=Puppet CA: kb.local | |
--- | |
Acceptable client certificate CA names | |
/CN=Puppet CA: kb.local | |
--- | |
SSL handshake has read 1649 bytes and written 4045 bytes | |
--- | |
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA | |
Server public key is 4096 bit | |
Secure Renegotiation IS supported | |
Compression: NONE | |
Expansion: NONE | |
SSL-Session: | |
Protocol : SSLv3 | |
Cipher : DES-CBC3-SHA | |
Session-ID: 53878E1EBF9B74D4FA51080C7024A0DA2A5C32214C2529E1D75E39E0B22A78FF | |
Session-ID-ctx: | |
Master-Key: CCB02BF04CF4BCC88FC94D03E9AFAE4DC8845E363BFBCD8742327446EE11B0C61E8BEBA79434A4F21393D0676634D129 | |
Key-Arg : None | |
Start Time: 1401392670 | |
Timeout : 7200 (sec) | |
Verify return code: 0 (ok) | |
--- | |
^C | |
ruby-1.9.3-p547@puppetdb (git)-[ticket/master/pdb-660-nodes-streaming] | |
[ken@kb puppetdb]# openssl s_client -connect kb.local:8081 -cert /Users/ken/.puppet/ssl/certs/kb.local.pem -certform PEM -key ~/.puppet/ssl/private_keys/kb.local.pem -CAfile ~/.puppet/ssl/certs/kb.local.pem -ssl3 -no_tls1 | |
CONNECTED(00000003) | |
depth=0 /CN=kb.local | |
verify error:num=20:unable to get local issuer certificate | |
verify return:1 | |
depth=0 /CN=kb.local | |
verify error:num=27:certificate not trusted | |
verify return:1 | |
depth=0 /CN=kb.local | |
verify error:num=21:unable to verify the first certificate | |
verify return:1 | |
--- | |
Certificate chain | |
0 s:/CN=kb.local | |
i:/CN=Puppet CA: kb.local | |
--- | |
Server certificate | |
-----BEGIN CERTIFICATE----- | |
MIIFkjCCA3qgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDDBNQdXBw | |
ZXQgQ0E6IGtiLmxvY2FsMB4XDTE0MDUxMTE4MzgwMFoXDTE5MDUxMTE4MzgwMFow | |
EzERMA8GA1UEAwwIa2IubG9jYWwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK | |
AoICAQDEnnJKqetl4//YrG2GNYS6m9IB3g43oRwTmRx2Xo6gPV/JrcpgJP6IKLLB | |
eYmZson61CxaGWv75FDJoZmBCxDLylHMy+fLvLjeXX70OZs6IOz34T3Ut8YJOR/C | |
7MilovL1Jyd3+Lj5hlG8fYWWNzgwUK95ArJQimQZPTX64gATw/9xJFKuW6MUKCPK | |
PAbyQk69AGVZtRClK9+A8L2W3aHe0ABQahpOkM2EZdPEYES4Jh6YLCGQoDwt7b6e | |
uU5nL4oS4n0Lp8izdWCduPqmaMp47Bv9fviMww9t8/V2J7iq83fY16d6TsnAUhCn | |
oksQd97MPCmA8yFE8RDfWHyBr44uJfY9oInN1RXH4/MFJeidYOiD5wA7odRAXh1L | |
ZP0ZnWovp+ROxWqMER+ankAFsRI/qNtKCksOAbUr2McEZsoe357W9Iuv+DE4Puuw | |
SdgodU92VONCYFvY9zNlr1bT3a9u9cfy9wyCsqFhB1nnwHDCoQ5lC5ofJPTkzWXG | |
5Hb36ILDGVfTX2/2V72QyYEf2KCTHN5nA8/npmb8YpAul7XKqKxaXa3BJiMp2LMd | |
Nb8p3eSUJ2FznltmeLH1rvXvY4VKCgb5yVR8cQTdF8y9uAghdmmo/nMsRTdumTnp | |
SqH8t2IbruzdmXn+/TEN2ZVDP1A3X/tSeGh8wBWSzUiCZVYB1QIDAQABo4HlMIHi | |
MDUGCWCGSAGG+EIBDQQoUHVwcGV0IFJ1YnkvT3BlblNTTCBJbnRlcm5hbCBDZXJ0 | |
aWZpY2F0ZTApBgNVHREEIjAggghrYi5sb2NhbIIGcHVwcGV0ggxwdXBwZXQubG9j | |
YWwwDgYDVR0PAQH/BAQDAgWgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMBBggrBgEF | |
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSrMmcp8BkBfh7xG2Hv77ain9gq | |
RjAfBgNVHSMEGDAWgBQetTWXrY4VZSc043j3nPDqQS9CjjANBgkqhkiG9w0BAQsF | |
AAOCAgEAnF6P3CXBg7ouavwHgxyWKqi5lehGghupfyVt5A4ItFCCCK0AqLb7OFVz | |
IZFfPjNwMQ7SVh4ykegk74POYNN00PcPT9NceG+G4RQ+zkRxJ8+EgPBQ5qR7iLzY | |
qwQSerooBmK0IRx2oo83X5HVwbX449PFUpnzGmx8989H+LtJaKr7NES1rBy2ICl0 | |
WopKfQUMLqkE4WGd/4Vex4OYds64P95N/D3UgBAOhBFFAs8KBV6PcoeYgtTe+jAL | |
ex1D48LExI/AOOdOOFezmES8T9aiP/Tx4O52G/IwQpe6Cs+KTeFqZcXmTQWxrAO3 | |
5vpe55aa6Xo3tK18S8uam393R/TKc7ElS+O4/Vf1sCsfHtEx2SJXlgbzhr8hO/kZ | |
CmJt9Zu8PnDvA5SynHScOrvLDdbPrZkM5YaedO0TU7SfV4GErErSkSOzBtdrSrDw | |
S1wB3oNiO30ulUktqOVxwV5bwVZznQdxqAo0o7gD1reLs9DJ6/fuckh1K9L4DL7f | |
h7t32MgWhatUBgF12CUvgP6+BUdN7B1i1R/+fTUuJMzMernlei7O5+jC+vSO89LV | |
EB7+wOIMZO+Qw9tXbnP61oR0Pn2TlVAxqgCQBTOc2LZTFlD5XK+Tt5q1pE6fweIq | |
7ih48F9xF7n5YVxbjRJZiWCWDN5hy4/8gRmApbJpF5+2p86fvZs= | |
-----END CERTIFICATE----- | |
subject=/CN=kb.local | |
issuer=/CN=Puppet CA: kb.local | |
--- | |
Acceptable client certificate CA names | |
/CN=Puppet CA: kb.local | |
--- | |
SSL handshake has read 1649 bytes and written 2658 bytes | |
--- | |
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA | |
Server public key is 4096 bit | |
Secure Renegotiation IS supported | |
Compression: NONE | |
Expansion: NONE | |
SSL-Session: | |
Protocol : SSLv3 | |
Cipher : DES-CBC3-SHA | |
Session-ID: 5387929224934E26BF04491AA4B453203B9AD1D17663F97436D0A6CBB9CC3512 | |
Session-ID-ctx: | |
Master-Key: B5138737B5972651AAEA12A6B2563044E6B31B0DF848750EAD3E72C1CD9EFFB51878C3D8EDDE5CF1C118CDC2A11D8D4A | |
Key-Arg : None | |
Start Time: 1401393810 | |
Timeout : 7200 (sec) | |
Verify return code: 21 (unable to verify the first certificate) | |
--- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment