add some debug info
This commit is contained in:
parent
0871e47909
commit
bf2f276c0c
1 changed files with 20 additions and 0 deletions
20
README.md
20
README.md
|
@ -23,3 +23,23 @@ Features
|
|||
* bulk algorithm supported: any stream or block ciphers.
|
||||
* supported extensions: secure renegociation, next protocol negotiation (draft 2)
|
||||
|
||||
Common Issues
|
||||
-------------
|
||||
|
||||
The tools mentioned below are all available from the tls-debug package.
|
||||
|
||||
* Certificate issues
|
||||
|
||||
It's useful to run the following command, which will connect to the destination and
|
||||
retrieve the certificate chained used.
|
||||
|
||||
tls-retrievecertificate -d <destination> -p <port> -v -c
|
||||
|
||||
As an output it will print every certificates in the chain and will gives the issuer and subjects of each.
|
||||
It creates a chain where issuer of certificate is the subject of the next certificate part of the chain:
|
||||
|
||||
(subject #1, issuer #2) -> (subject #2, issuer #3) -> (subject #3, issuer #3)
|
||||
|
||||
A "CA is unknown" error indicates that your system doesn't have a certificate in
|
||||
the trusted store belonging to any of the node of the chain.
|
||||
|
||||
|
|
Loading…
Reference in a new issue