[openssl-users] Why no peer certificate available.
Patrick Proniewski
patpro at patpro.net
Tue May 26 04:55:14 UTC 2015
On 26 mai 2015, at 05:17, Jerry OELoo wrote:
> Hi.
> I found there is a website which has https support.
> https://www.ib-channel.net/miegin/web/jsp/B02-01.jsp
> and browser can show its certificate chain.
> but when I use openssl to connect website, it returns fail.
Openssl works great here:
$ openssl s_client -connect www.ib-channel.net:443
CONNECTED(00000003)
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/1.3.6.1.4.1.311.60.2.1.3=JP/businessCategory=Private Organization/serialNumber=0104-01-022916/C=JP/postalCode=108-8001/ST=Tokyo/L=Minato-ku/street=7-1, Shiba 5-chome/O=NEC Corporation/OU=NEC WOSC-IB005/CN=www.ib-channel.net
...
...
but it's kinda old:
$ openssl version
OpenSSL 0.9.8y 5 Feb 2013
A more current release shows the same error you posted:
$ apps/openssl version
OpenSSL 1.0.2a 19 Mar 2015
$ apps/openssl s_client -connect www.ib-channel.net:443
CONNECTED(00000003)
write:errno=54
---
no peer certificate available
---
...
...
More information about the openssl-users
mailing list