- android - RelativeLayout 背景可绘制重叠内容
- android - 如何链接 cpufeatures lib 以获取 native android 库?
- java - OnItemClickListener 不起作用,但 OnLongItemClickListener 在自定义 ListView 中起作用
- java - Android 文件转字符串
<分区>
我按照以下说明在 Win7 Pro 32 位上安装了 openSSL openssl-1.0.2e-i386-win32:Installing OpenSSL in Windows 8.1 .
我用这个测试了它:
C:\Programs\OpenSSL-Win32\bin>openssl version
OpenSSL 1.0.2e 3 Dec 2015
我收到一条错误消息,提示 Verify return code: 20 (unable to get local issuer certificate)
。
C:\Programs\OpenSSL-Win32\bin>openssl s_client -connect www.openssl.org:443
CONNECTED(00000180)
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Domain Validation CA - SHA256 - G2
verify error:num=20:unable to get local issuer certificate
---
Certificate chain
0 s:/OU=Domain Control Validated/CN=*.openssl.org
i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgISESHQqr5sLPE1xTXWmA7ABqljMA0GCSqGSIb3DQEBCwUA
MGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTYwNAYD
VQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTQxMDA5MjAyOTAwWhcNMTcxMTEyMTcxNDA1WjA7MSEwHwYDVQQLExhE
b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFjAUBgNVBAMMDSoub3BlbnNzbC5vcmcw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkfg71ZYW6VtWDbDEmAfDw
CAKVJ260FAP6gANjS8eO+0drZe6MexIA5htR/sYhG8PIsJnKBuxiQ9KwMbRwLxBU
HcuBACT3MNif1DsFWuNCMFsTDPrfJzLOgoPo+4lQ0QYARwMJhxelA0P9rcTwBACY
6QRZgfAJ5iezz69GJkmrDGZIUoAR+PFF7xR/rzFaBMH7gbok0UJRKFPxO5fyiSfc
ZvSmMV/AZcUGVmxE9HLBQ6QCTbAdGAdVlHHxFPVb9Of9Ze/KJg8VIwFl5Hw+RQCj
+OjtBPkSwNQ9r0Bwc2c7uRnRpojERHxlo7Tn8uJ+LYcCkWcaVc8+JbjF78F8E417
AgMBAAGjggHMMIIByDAOBgNVHQ8BAf8EBAMCBaAwSQYDVR0gBEIwQDA+BgZngQwB
AgEwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVw
b3NpdG9yeS8wJQYDVR0RBB4wHIINKi5vcGVuc3NsLm9yZ4ILb3BlbnNzbC5vcmcw
CQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0f
BDwwOjA4oDagNIYyaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc2RvbWFp
bnZhbHNoYTJnMi5jcmwwgZQGCCsGAQUFBwEBBIGHMIGEMEcGCCsGAQUFBzAChjto
dHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2RvbWFpbnZhbHNo
YTJnMnIxLmNydDA5BggrBgEFBQcwAYYtaHR0cDovL29jc3AyLmdsb2JhbHNpZ24u
Y29tL2dzZG9tYWludmFsc2hhMmcyMB0GA1UdDgQWBBQPVUooul4mMU0KrqGTBtQ6
ZtRofjAfBgNVHSMEGDAWgBTqTnzUgC3lFYGGJoyCbcCYpM+XDzANBgkqhkiG9w0B
AQsFAAOCAQEAiJDoinZmR2M9Zlap1DM9WOHgwIMot154eNPZyf27rYxv9kekdTAp
9fesfBScMzq9NCyzy8rtWxMCPyhpCXh9iibkC3Yon+sj/gZSrNNh2nfeKhuroBxi
alaGRjg1WHNKx4Wc5dGm+chJCZFWOk1NzB8JZQQcSNt3IFyDWSScEGXwiVe1VbUa
tYIohSiWzvFMEfj7YoXt6tihYqEJG42jBg7MhaUtI4rUSDC5LB20Zhv0OG5CRORj
Wg8Iz2SUXkH8F1RJo+kMbCC/DFeII/ZTrF+B7qRVvLkctlLcukylqvsE1vibozQb
0A8/RZkfkqobqnkLnYeLUSCWNx/AHm8L5w==
-----END CERTIFICATE-----
subject=/OU=Domain Control Validated/CN=*.openssl.org
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3094 bytes and written 443 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 2FD38B8D2C8B19A1147EF4EAE05ADCD4EEA173A4AC5DB099EC2068B8C410C447
Session-ID-ctx:
Master-Key: DC29698D8DF1353C367B59E1A5C2ECFF701F008CB0AF065E2645F549DF3C6C2181C75EEB23528B552BD7974F6607EAC4
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 34 17 31 4f 0b 41 66 b3-72 19 aa 32 4c ab dd 2b 4.1O.Af.r..2L..+
0010 - 75 d5 2a 39 5a 83 49 09-8b fb 9a 19 a6 8e d5 cc u.*9Z.I.........
0020 - 92 b6 99 2e e3 4e 7a 48-80 bc a9 ef 76 42 ac 80 .....NzH....vB..
0030 - df 8c e2 4c 26 7a 1c 01-0f e1 6e 58 84 77 55 0c ...L&z....nX.wU.
0040 - b3 ce 21 ed 87 04 03 79-04 99 4d 4a 72 ac db 99 ..!....y..MJr...
0050 - f6 d0 e2 06 f5 6c 27 f2-5b f2 5d 2a b7 be b8 cf .....l'.[.]*....
0060 - ec 05 18 e8 a2 ed a8 5a-8a 53 50 0f 60 dc ce 35 .......Z.SP.`..5
0070 - c8 f6 ec 49 eb 42 46 0a-b8 82 33 28 10 63 d0 9f ...I.BF...3(.c..
0080 - e3 a7 00 db 23 ed c2 1a-46 06 63 58 91 88 b6 e1 ....#...F.cX....
0090 - a2 30 93 22 31 1c b6 43-a9 a7 5e 06 bf ad 0a 99 .0."1..C..^.....
00a0 - 84 ef 63 3f f5 eb 18 bc-88 f4 04 2f d2 4a bf 2c ..c?......./.J.,
00b0 - 62 ad 3e 4f 44 84 7b 87-b0 96 9e d0 19 ed 26 5d b.>OD.{.......&]
Start Time: 1451515804
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
read:errno=0
听起来我的机器上没有证书,所以我去下载了证书: https://support.globalsign.com/customer/portal/articles/1464460-domainssl-intermediate-certificates
我选择了 SHA-256 Orders(默认)我收到一条消息说:“此证书已作为证书颁发机构安装”
所以我用这个进行了测试:
C:\Programs\OpenSSL-Win32\bin>openssl s_client -CAfile GlobalSign Domain Validation CA - SHA256 - G2
unknown option Domain
usage: s_client args
-host host - use -connect instead
-port port - use -connect instead
-connect host:port - who to connect to (default is localhost:4433)
-verify_host host - check peer certificate matches "host"
-verify_email email - check peer certificate matches "email"
-verify_ip ipaddr - check peer certificate matches "ipaddr"
-verify arg - turn on peer certificate verification
-verify_return_error - return verification errors
-cert arg - certificate file to use, PEM format assumed
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private key file to use, in cert file if
not specified but cert file is.
-keyform arg - key format (PEM or DER) PEM default
-pass arg - private key file pass phrase source
-CApath arg - PEM format directory of CA's
-CAfile arg - PEM format file of CA's
-no_alt_chains - only ever use the first certificate chain found
-reconnect - Drop and re-make the connection with the same Session-ID
-pause - sleep(1) after each read(2) and write(2) system call
-prexit - print session information even on connection failure
-showcerts - show all certificates in the chain
-debug - extra output
-msg - Show protocol messages
-nbio_test - more ssl protocol testing
-state - print the 'ssl' states
-nbio - Run with non-blocking IO
-crlf - convert LF from terminal into CRLF
-quiet - no s_client output
-ign_eof - ignore input eof (default when -quiet)
-no_ign_eof - don't ignore input eof
-psk_identity arg - PSK identity
-psk arg - PSK in hex (without 0x)
-srpuser user - SRP authentification for 'user'
-srppass arg - password for 'user'
-srp_lateuser - SRP username into second ClientHello message
-srp_moregroups - Tolerate other than the known g N values.
-srp_strength int - minimal length in bits for N (default 1024).
-ssl2 - just use SSLv2
-ssl3 - just use SSLv3
-tls1_2 - just use TLSv1.2
-tls1_1 - just use TLSv1.1
-tls1 - just use TLSv1
-dtls1 - just use DTLSv1
-fallback_scsv - send TLS_FALLBACK_SCSV
-mtu - set the link layer MTU
-no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol
-bugs - Switch on all SSL implementation bug workarounds
-serverpref - Use server's cipher preferences (only SSLv2)
-cipher - preferred cipher to use, use the 'openssl ciphers'
command to see what is available
-starttls prot - use the STARTTLS command before starting TLS
for those protocols that support it, where
'prot' defines which one to assume. Currently,
only "smtp", "pop3", "imap", "ftp" and "xmpp"
are supported.
-engine id - Initialise and use the specified engine
-rand file;file;...
-sess_out arg - file to write SSL session to
-sess_in arg - file to read SSL session from
-servername host - Set TLS extension servername in ClientHello
-tlsextdebug - hex dump of all TLS extensions received
-status - request certificate status from server
-no_ticket - disable use of RFC4507bis session tickets
-serverinfo types - send empty ClientHello extensions (comma-separated numbers)
-curves arg - Elliptic curves to advertise (colon-separated list)
-sigalgs arg - Signature algorithms to support (colon-separated list)
-client_sigalgs arg - Signature algorithms to support for client
certificate authentication (colon-separated list)
-nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)
-alpn arg - enable ALPN extension, considering named protocols supported (comma-separated list)
-legacy_renegotiation - enable use of legacy renegotiation (dangerous)
-use_srtp profiles - Offer SRTP key management with a colon-separated profile list
-keymatexport label - Export keying material using label
-keymatexportlen len - Export len bytes of keying material (default 20)
我做错了什么?
谢谢。
在 JSF2 应用程序中遇到验证属性的问题时,有两种主要方法。 使用 Annotation 在 ManagedBean 上定义验证 @ManagedBean public class MyBean {
我想实现一个不常见的功能,我认为 jquery 验证插件将是最好的方法(如果您在没有插件的情况下建议和回答,我们也会欢迎)。我想在用户在输入字段中输入正确的单词后立即隐藏表单。我试过这个: $("
我有几个下拉菜单(类名为month_dropdown),并且下拉菜单的数量不是恒定的。我怎样才能为它们实现 NotEqual 验证。我正在使用 jQuery 验证插件。 这就是我写的 - jQuery
我设法制作了这个网址验证代码并且它起作用了。但我面临着一个问题。我认为 stackoverflow 是获得解决方案的最佳场所。 function url_followers(){ var url=do
我目前正在使用后端服务,该服务允许用户在客户端应用程序上使用 Google Games 库登录。 用户可以通过他们的 gplay ID 向我们发送信息,以便登录或恢复旧帐户。用户向我们发送以下内容,包
我正在尝试验证输入以查看它是否是有效的 IP 地址(可能是部分地址)。 可接受的输入:172、172.112、172.112.113、172.112.113.114 Not Acceptable 输入
我从 Mongoose 验证中得到这条消息: 'Validator failed for path phone with value ``' 这不应该发生,因为不需要电话。 这是我的模型架构: var
我一直在尝试使用Python-LDAP (版本 2.4.19)在 MacOS X 10.9.5 和 Python 2.7.9 下 我想在调用 .start_tls_s() 后验证与给定 LDAP 服务
我正在处理一个仅与 IE6 兼容的旧 javascript 项目(抱歉...),我想仅在 VS 2017 中禁用此项目的 ESLint/CSLint/Javascript 验证/CSS 验证。 我知道
我正在寻找一种方法来验证 Spring 命令 bean 中的 java.lang.Double 字段的最大值和最小值(一个值必须位于给定的值范围之间),例如, public final class W
我正在尝试在 springfuse(JavaEE 6 + Spring Framework (针对 Jetty、Tomcat、JBoss 等)) 和 maven 的帮助下构建我的 webapps 工作
我试图在我们的项目中使用 scalaz 验证,但遇到了以下情况: def rate(username: String, params: Map[String, String]): Validation
我有一个像这样的 Yaml 文件 name: hhh_aaa_bbb arguments: - !argument name: inputsss des
我有一个表单,人们可以单击并向表单添加字段,并且我需要让它在单击时验证这些字段中的值。 假设我单击它两次并获取 2 个独立的字段集,我需要旋转 % 以确保它在保存时等于 100。 我已放入此函数以使其
在我的页面中有一个选项可以创建新的日期字段输入框。用户可以根据需要创建尽可能多的“截止日期”和“起始日期”框。就像, 日期_to1 || date_from1 日期到2 ||日期_from2 date
我有一个像这样的 Yaml 文件 name: hhh_aaa_bbb arguments: - !argument name: inputsss des
有没有办法在动态字段上使用 jquery 验证表单。 我想将其设置为必填字段 我正在使用 Jsp 动态创建表单字段。 喜欢 等等...... 我想使用必需的表单字段验证此表单字段。 最佳答
嗨,任何人都可以通过提供 JavaScript 代码来帮助我验证用户名文本框不应包含数字,它只能包含一个字符。 最佳答案 使用正则表达式: (\d)+ 如果找到匹配项,则字符串中就有一个数字。 关于J
我有两个输入字段holidayDate和Description(id=tags) $(document).ready(function() {
我遇到了这个问题,这些验证从电子邮件验证部分开始就停止工作。 我只是不明白为什么即使经过几天的观察,只是想知道是否有人可以在这里指出我的错误? Javascript部分: function valid
我是一名优秀的程序员,十分优秀!