Monday, December 11, 2023

Notes on Letsencrypt SSL

 (base) LionsEye:~ loalhost$ curl --verbose --header 'https://x.x.x.x' (base) LionsEye:~ localhost$ curl --verbose --header 'https://x.x.x.x' https://x.x.x.x.:443

*   Trying x.x.x.x:443...

* TCP_NODELAY set

* Connected to x.x.x. (ip.address.) port 443 (#0)

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /opt/anaconda3/ssl/cacert.pem

  CApath: none

* TLSv1.3 (OUT), TLS handshake, Client hello (1):

* TLSv1.3 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

* ALPN, server did not agree to a protocol

* Server certificate:

*  subject: CN=x.x.x.x

*  start date: Aug 14 03:31:07 2020 GMT

*  expire date: Nov 12 03:31:07 2020 GMT

*  subjectAltName: host "x.x.x.x" matched cert's "x.x.x.x"

*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3

*  SSL certificate verify ok.

> GET / HTTP/1.1

> Host: x.x.x.x

> User-Agent: curl/7.68.0

> Accept: */*

> https://x.x.x.x

* Mark bundle as not supporting multiuse

< HTTP/1.1 301 Moved Permanently

< Date: Fri, 14 Aug 2020 04:33:26 GMT

< Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.5

< Strict-Transport-Security: max-age=63072000; includeSubdomains

< X-Frame-Options: DENY

< X-Content-Type-Options: nosniff

< Location: https://x.x.x.x

< Content-Length: 238

< Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>301 Moved Permanently</title>

</head><body>

<h1>Moved Permanently</h1>

<p>The document has moved <a href="https://x.x.x.x/">here</a>.</p>

</body></html>

* Connection #0 to host x.x.x.x left intact


###HTTP/1.1 301 Moved Permanently

Date: Fri, 14 Aug 2020 04:38:17 GMT

Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.5

Strict-Transport-Security: max-age=63072000; includeSubdomains

X-Frame-Options: DENY

X-Content-Type-Options: nosniff

Location: https://x.x.x.x/

Content-Type: text/html; charset=iso-8859-1


(base) LionsEye:~ localhost$  curl -Iki https://x.x.x.x:443

HTTP/1.1 301 Moved Permanently

Date: Fri, 14 Aug 2020 04:38:20 GMT

Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.5

Strict-Transport-Security: max-age=63072000; includeSubdomains

X-Frame-Options: DENY

X-Content-Type-Options: nosniff

Location: https://x.x.x.x/

Content-Type: text/html; charset=iso-8859-1

No comments: