[openssl-users] Why no peer certificate available.

Patrick Proniewski patpro at patpro.net
Tue May 26 04:55:14 UTC 2015

On 26 mai 2015, at 05:17, Jerry OELoo wrote:

> Hi.
> I found there is a website which has https support.
> https://www.ib-channel.net/miegin/web/jsp/B02-01.jsp
> and browser can show its certificate chain.
> but when I use openssl to connect website, it returns fail.

Openssl works great here: 

$ openssl s_client -connect www.ib-channel.net:443
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
Certificate chain
 0 s:/ Organization/serialNumber=0104-01-022916/C=JP/postalCode=108-8001/ST=Tokyo/L=Minato-ku/street=7-1, Shiba 5-chome/O=NEC Corporation/OU=NEC WOSC-IB005/CN=www.ib-channel.net

but it's kinda old: 

$ openssl version
OpenSSL 0.9.8y 5 Feb 2013

A more current release shows the same error you posted: 

$ apps/openssl version
OpenSSL 1.0.2a 19 Mar 2015

$ apps/openssl s_client -connect www.ib-channel.net:443
no peer certificate available

More information about the openssl-users mailing list