In doing a test regarding the SSLv3 Poodle issue, I ran the following test:
and get this:
This certificate shows while accessing the webserver SSLv3 test somehow.
But, it expired 4 years ago, and isn't anywhere to be found in the Certificate Manager.
Where would this certificate be hiding?
And why would it be used when the certificate manager has created certificates for the webserver?
Thanks in advance for your help.
openssl s_client -connect 127.0.0.1:443 -ssl3
and get this:
openssl s_client -connect 127.0.0.1:443 -ssl3
CONNECTED(00000003)
depth=0 /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@localhost.localdomain
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@localhost.localdomain
verify error:num=10:certificate has expired
notAfter=Oct 2 18:46:52 2010 GMT
verify return:1
depth=0 /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@localhost.localdomain
notAfter=Oct 2 18:46:52 2010 GMT
verify return:1
---
Certificate chain
0 s:/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@localhost.localdomain
i:/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@localhost.localdomain
This certificate shows while accessing the webserver SSLv3 test somehow.
But, it expired 4 years ago, and isn't anywhere to be found in the Certificate Manager.
Where would this certificate be hiding?
And why would it be used when the certificate manager has created certificates for the webserver?
Thanks in advance for your help.
Share this post:
Responses (1)
-
Accepted Answer
I think I figured this out. In this case the docs are far too superficial. Googling helps but there is a lot of customization. There are posts that the server does some sort of update to all the places where the Certs are hiding but it looks like that is broken. Or didn't I wait long enough?
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »