>openssl s_client -connect <yourservername>:636
I tried this and I got a bunch of text with a certificate also. But as you
mentioned in [1] that "To pull the CA certificates, you'll want to save all
certificates returned greater than 0 (as certificate 0 is the server's
certificate)". Unfortunately I just get certificate 0. I do not see
certificate 1 or anything greater.
Also towards the end of the output I get this:
SSL handshake has read 10236 bytes and written 312 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5
Session-ID:
9D140000B65ED52DB95746CE88AC59A56FFC8CB4D1B875951CE688A7521C8EAC
Session-ID-ctx:
Master-Key:
6CD5263BC398AE44253B8C9D8B49DB31879F39281A1B19DCF4A35D119DAE1F2DD4DC207DD4551ACDFA41DA9734E4A85A
Key-Arg : None
Start Time: 1284062580
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
Does it mean TLS is supported by our AD server?
Would it help if I post the entire long output of the above command if there
is no sensitive information in the output from above comamnd?
[1]
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication/Requirements#Certificate_trusts
Thanks
_______________________________________________
MediaWiki-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
