ssl_client2 fatal alert message 40

05 Dec 2018

Hi All,

I'm trying to test client certificates and found a public website that allows you to test against it.

In a browser, if a client cert isn't supplied (the default action) it gives an error.

However, when I try the same thing from the mbedTLS ssl_client2 sample project, I get a fatal alert message type 40. Is anyone able to determine what the problem might be?

Thanks.

commandline

ssl_client2.exe server_name=prod.idrix.eu server_addr=prod.idrix.eu server_port=443 request_page=/secure/ auth_mode=optional debug_level=3

debug

  . Seeding the random number generator... ok
  . Loading the CA root certificate ... ok (0 skipped)
  . Loading the client cert. and key... ok
  . Connecting to tcp/prod.idrix.eu/443... ok
  . Setting up the SSL/TLS structure...ssl_tls.c:0081: |3| set_timer to 0 ms
 ok
  . Performing the SSL/TLS handshake...ssl_tls.c:8081: |2| => handshake
ssl_cli.c:3500: |2| client state: 0
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:3500: |2| client state: 1
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:0774: |2| => write client hello
ssl_cli.c:0812: |3| client hello, max version: [3:3]
ssl_cli.c:0703: |3| client hello, current time: 1543817141
ssl_cli.c:0821: |3| dumping 'client hello, random bytes' (32 bytes)
ssl_cli.c:0821: |3| 0000:  5c 04 c7 b5 84 9c 13 b6 b9 08 a2 a4 e5 68 7c 10  \............h|.
ssl_cli.c:0821: |3| 0010:  90 62 00 7e 6c 43 96 84 6b 58 a0 58 76 2c 19 19  .b.~lC..kX.Xv,..
ssl_cli.c:0874: |3| client hello, session id len.: 0
ssl_cli.c:0875: |3| dumping 'client hello, session id' (0 bytes)
ssl_cli.c:0922: |3| client hello, add ciphersuite: cca8
ssl_cli.c:0922: |3| client hello, add ciphersuite: cca9
ssl_cli.c:0922: |3| client hello, add ciphersuite: ccaa
ssl_cli.c:0922: |3| client hello, add ciphersuite: c02c
ssl_cli.c:0922: |3| client hello, add ciphersuite: c030
ssl_cli.c:0922: |3| client hello, add ciphersuite: 009f
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ad
ssl_cli.c:0922: |3| client hello, add ciphersuite: c09f
ssl_cli.c:0922: |3| client hello, add ciphersuite: c024
ssl_cli.c:0922: |3| client hello, add ciphersuite: c028
ssl_cli.c:0922: |3| client hello, add ciphersuite: 006b
ssl_cli.c:0922: |3| client hello, add ciphersuite: c00a
ssl_cli.c:0922: |3| client hello, add ciphersuite: c014
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0039
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0af
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a3
ssl_cli.c:0922: |3| client hello, add ciphersuite: c087
ssl_cli.c:0922: |3| client hello, add ciphersuite: c08b
ssl_cli.c:0922: |3| client hello, add ciphersuite: c07d
ssl_cli.c:0922: |3| client hello, add ciphersuite: c073
ssl_cli.c:0922: |3| client hello, add ciphersuite: c077
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00c4
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0088
ssl_cli.c:0922: |3| client hello, add ciphersuite: c02b
ssl_cli.c:0922: |3| client hello, add ciphersuite: c02f
ssl_cli.c:0922: |3| client hello, add ciphersuite: 009e
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ac
ssl_cli.c:0922: |3| client hello, add ciphersuite: c09e
ssl_cli.c:0922: |3| client hello, add ciphersuite: c023
ssl_cli.c:0922: |3| client hello, add ciphersuite: c027
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0067
ssl_cli.c:0922: |3| client hello, add ciphersuite: c009
ssl_cli.c:0922: |3| client hello, add ciphersuite: c013
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0033
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ae
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a2
ssl_cli.c:0922: |3| client hello, add ciphersuite: c086
ssl_cli.c:0922: |3| client hello, add ciphersuite: c08a
ssl_cli.c:0922: |3| client hello, add ciphersuite: c07c
ssl_cli.c:0922: |3| client hello, add ciphersuite: c072
ssl_cli.c:0922: |3| client hello, add ciphersuite: c076
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00be
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0045
ssl_cli.c:0922: |3| client hello, add ciphersuite: c008
ssl_cli.c:0922: |3| client hello, add ciphersuite: c012
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0016
ssl_cli.c:0922: |3| client hello, add ciphersuite: ccac
ssl_cli.c:0922: |3| client hello, add ciphersuite: ccad
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ab
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a7
ssl_cli.c:0922: |3| client hello, add ciphersuite: c038
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b3
ssl_cli.c:0922: |3| client hello, add ciphersuite: c036
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0091
ssl_cli.c:0922: |3| client hello, add ciphersuite: c091
ssl_cli.c:0922: |3| client hello, add ciphersuite: c09b
ssl_cli.c:0922: |3| client hello, add ciphersuite: c097
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ab
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00aa
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a6
ssl_cli.c:0922: |3| client hello, add ciphersuite: c037
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b2
ssl_cli.c:0922: |3| client hello, add ciphersuite: c035
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0090
ssl_cli.c:0922: |3| client hello, add ciphersuite: c090
ssl_cli.c:0922: |3| client hello, add ciphersuite: c096
ssl_cli.c:0922: |3| client hello, add ciphersuite: c09a
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0aa
ssl_cli.c:0922: |3| client hello, add ciphersuite: c034
ssl_cli.c:0922: |3| client hello, add ciphersuite: 008f
ssl_cli.c:0922: |3| client hello, add ciphersuite: 009d
ssl_cli.c:0922: |3| client hello, add ciphersuite: c09d
ssl_cli.c:0922: |3| client hello, add ciphersuite: 003d
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0035
ssl_cli.c:0922: |3| client hello, add ciphersuite: c032
ssl_cli.c:0922: |3| client hello, add ciphersuite: c02a
ssl_cli.c:0922: |3| client hello, add ciphersuite: c00f
ssl_cli.c:0922: |3| client hello, add ciphersuite: c02e
ssl_cli.c:0922: |3| client hello, add ciphersuite: c026
ssl_cli.c:0922: |3| client hello, add ciphersuite: c005
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a1
ssl_cli.c:0922: |3| client hello, add ciphersuite: c07b
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00c0
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0084
ssl_cli.c:0922: |3| client hello, add ciphersuite: c08d
ssl_cli.c:0922: |3| client hello, add ciphersuite: c079
ssl_cli.c:0922: |3| client hello, add ciphersuite: c089
ssl_cli.c:0922: |3| client hello, add ciphersuite: c075
ssl_cli.c:0922: |3| client hello, add ciphersuite: 009c
ssl_cli.c:0922: |3| client hello, add ciphersuite: c09c
ssl_cli.c:0922: |3| client hello, add ciphersuite: 003c
ssl_cli.c:0922: |3| client hello, add ciphersuite: 002f
ssl_cli.c:0922: |3| client hello, add ciphersuite: c031
ssl_cli.c:0922: |3| client hello, add ciphersuite: c029
ssl_cli.c:0922: |3| client hello, add ciphersuite: c00e
ssl_cli.c:0922: |3| client hello, add ciphersuite: c02d
ssl_cli.c:0922: |3| client hello, add ciphersuite: c025
ssl_cli.c:0922: |3| client hello, add ciphersuite: c004
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a0
ssl_cli.c:0922: |3| client hello, add ciphersuite: c07a
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ba
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0041
ssl_cli.c:0922: |3| client hello, add ciphersuite: c08c
ssl_cli.c:0922: |3| client hello, add ciphersuite: c078
ssl_cli.c:0922: |3| client hello, add ciphersuite: c088
ssl_cli.c:0922: |3| client hello, add ciphersuite: c074
ssl_cli.c:0922: |3| client hello, add ciphersuite: 000a
ssl_cli.c:0922: |3| client hello, add ciphersuite: c00d
ssl_cli.c:0922: |3| client hello, add ciphersuite: c003
ssl_cli.c:0922: |3| client hello, add ciphersuite: ccae
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ad
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b7
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0095
ssl_cli.c:0922: |3| client hello, add ciphersuite: c093
ssl_cli.c:0922: |3| client hello, add ciphersuite: c099
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ac
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b6
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0094
ssl_cli.c:0922: |3| client hello, add ciphersuite: c092
ssl_cli.c:0922: |3| client hello, add ciphersuite: c098
ssl_cli.c:0922: |3| client hello, add ciphersuite: 0093
ssl_cli.c:0922: |3| client hello, add ciphersuite: ccab
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00a9
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a5
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00af
ssl_cli.c:0922: |3| client hello, add ciphersuite: 008d
ssl_cli.c:0922: |3| client hello, add ciphersuite: c08f
ssl_cli.c:0922: |3| client hello, add ciphersuite: c095
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a9
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00a8
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a4
ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ae
ssl_cli.c:0922: |3| client hello, add ciphersuite: 008c
ssl_cli.c:0922: |3| client hello, add ciphersuite: c08e
ssl_cli.c:0922: |3| client hello, add ciphersuite: c094
ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a8
ssl_cli.c:0922: |3| client hello, add ciphersuite: 008b
ssl_cli.c:0934: |3| client hello, got 137 ciphersuites (excluding SCSVs)
ssl_cli.c:0943: |3| adding EMPTY_RENEGOTIATION_INFO_SCSV
ssl_cli.c:0992: |3| client hello, compress len.: 1
ssl_cli.c:0994: |3| client hello, compress alg.: 0
ssl_cli.c:0069: |3| client hello, adding server name extension: prod.idrix.eu
ssl_cli.c:0186: |3| client hello, adding signature_algorithms extension
ssl_cli.c:0271: |3| client hello, adding supported_elliptic_curves extension
ssl_cli.c:0336: |3| client hello, adding supported_point_formats extension
ssl_cli.c:0518: |3| client hello, adding encrypt_then_mac extension
ssl_cli.c:0552: |3| client hello, adding extended_master_secret extension
ssl_cli.c:0585: |3| client hello, adding session ticket extension
ssl_cli.c:1071: |3| client hello, total extension length: 94
ssl_tls.c:3183: |2| => write handshake message
ssl_tls.c:3340: |2| => write record
ssl_tls.c:3420: |3| output record: msgtype = 22, version = [3:1], msglen = 415
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2773: |2| message length: 420, out_left: 420
ssl_tls.c:2778: |2| ssl->f_send() returned 420 (-0xfffffe5c)
ssl_tls.c:2806: |2| <= flush output
ssl_tls.c:3473: |2| <= write record
ssl_tls.c:3317: |2| <= write handshake message
ssl_cli.c:1106: |2| <= write client hello
ssl_cli.c:3500: |2| client state: 2
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:1499: |2| => parse server hello
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 22, version = [3:3], msglen = 65
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 70
ssl_tls.c:2720: |2| in_left: 5, nb_want: 70
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 65 (-0xffffffbf)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:3623: |3| handshake message: msglen = 65, type = 2, hslen = 65
ssl_tls.c:4382: |2| <= read record
ssl_cli.c:1579: |3| dumping 'server hello, version' (2 bytes)
ssl_cli.c:1579: |3| 0000:  03 03                                            ..
ssl_cli.c:1604: |3| server hello, current time: 662125670
ssl_cli.c:1610: |3| dumping 'server hello, random bytes' (32 bytes)
ssl_cli.c:1610: |3| 0000:  27 77 3c 66 93 98 4e 5e e3 ff 35 07 00 fc ef 72  'w<f..N^..5....r
ssl_cli.c:1610: |3| 0010:  00 22 18 31 2c 1a 48 13 ca d4 52 de 3e 64 2f e2  .".1,.H...R.>d/.
ssl_cli.c:1690: |3| server hello, session id len.: 0
ssl_cli.c:1691: |3| dumping 'server hello, session id' (0 bytes)
ssl_cli.c:1729: |3| no session has been resumed
ssl_cli.c:1731: |3| server hello, chosen ciphersuite: c030
ssl_cli.c:1732: |3| server hello, compress alg.: 0
ssl_cli.c:1764: |3| server hello, chosen ciphersuite: TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
ssl_cli.c:1789: |2| server hello, total extension length: 21
ssl_cli.c:1925: |3| unknown extension found: 0 (ignoring)
ssl_cli.c:1809: |3| found renegotiation extension
ssl_cli.c:1888: |3| found supported_point_formats extension
ssl_cli.c:1874: |3| found session_ticket extension
ssl_cli.c:1978: |2| <= parse server hello
ssl_cli.c:3500: |2| client state: 3
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_tls.c:5652: |2| => parse certificate
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 22, version = [3:3], msglen = 4962
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 4967
ssl_tls.c:2720: |2| in_left: 5, nb_want: 4967
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 4962 (-0xffffec9e)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:3623: |3| handshake message: msglen = 4962, type = 11, hslen = 4962
ssl_tls.c:4382: |2| <= read record
ssl_tls.c:5603: |3| peer certificate #1:
ssl_tls.c:5603: |3| cert. version     : 3
ssl_tls.c:5603: |3| serial number     : C9:BF:52:02:20:64:1B:E2:F1:B7:BA:23:B8:7F:1D:00
ssl_tls.c:5603: |3| issuer name       : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
ssl_tls.c:5603: |3| subject name      : OU=Domain Control Validated, OU=PositiveSSL, CN=prod.idrix.eu
ssl_tls.c:5603: |3| issued  on        : 2018-08-15 00:00:00
ssl_tls.c:5603: |3| expires on        : 2020-08-14 23:59:59
ssl_tls.c:5603: |3| signed using      : RSA with SHA-256
ssl_tls.c:5603: |3| RSA key size      : 4096 bits
ssl_tls.c:5603: |3| basic constraints : CA=false
ssl_tls.c:5603: |3| subject alt name  : prod.idrix.eu, www.prod.idrix.eu
ssl_tls.c:5603: |3| key usage         : Digital Signature, Key Encipherment
ssl_tls.c:5603: |3| ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication
ssl_tls.c:5603: |3| value of 'crt->rsa.N' (4096 bits) is:
ssl_tls.c:5603: |3|  d0 b2 53 3d 6a 6a 97 d5 17 84 1f 89 0a 13 d5 97
ssl_tls.c:5603: |3|  2f d5 72 d9 98 d1 ea 55 00 34 94 42 21 b8 45 61
ssl_tls.c:5603: |3|  46 80 6d 41 98 00 5f c6 d1 9a 8b 2e 3f 39 a1 66
ssl_tls.c:5603: |3|  d6 50 e7 c7 9a 74 ab 4b e2 a2 e0 9f 23 52 76 df
ssl_tls.c:5603: |3|  a0 d0 2f 7c 09 d3 51 d4 3e 06 9e fc ae 5d aa 1f
ssl_tls.c:5603: |3|  b2 02 36 72 d8 b1 14 73 86 b6 40 87 28 d8 0c 50
ssl_tls.c:5603: |3|  75 5e 0a 88 61 12 83 a6 41 3b ed 85 23 65 08 96
ssl_tls.c:5603: |3|  f0 f2 08 5e bb cb f8 d7 85 59 67 08 ac 48 7f 23
ssl_tls.c:5603: |3|  94 f4 19 fe 72 93 89 1a 6a e8 92 80 7b 11 3e fd
ssl_tls.c:5603: |3|  b5 f5 c6 47 34 86 f5 7d 1e 06 7b 30 0c a5 ef 6c
ssl_tls.c:5603: |3|  71 1b b3 fa a6 8e 1d 34 d5 60 ca a8 2a 7e 5e 73
ssl_tls.c:5603: |3|  c8 f0 e2 fe 8f d0 87 77 53 a5 06 0f 8d 18 9e 82
ssl_tls.c:5603: |3|  2b bd df 87 13 74 ac b7 df 19 92 4d 0b 6b d3 eb
ssl_tls.c:5603: |3|  c5 28 82 d4 2e 85 47 8e 57 71 d4 17 64 59 d7 61
ssl_tls.c:5603: |3|  7e f7 24 cd fa 16 c3 33 06 c6 b3 84 85 1f 93 3e
ssl_tls.c:5603: |3|  4c d4 0d e0 d5 78 6a 20 97 dd c7 12 53 10 1d 25
ssl_tls.c:5603: |3|  4e 81 69 fa 0f 82 35 ff af 94 99 39 bb 41 32 8b
ssl_tls.c:5603: |3|  0d e0 d6 f4 31 de b8 43 63 3f ff b4 c5 bf 88 50
ssl_tls.c:5603: |3|  2b c4 6c a9 02 ac 9c 2c 8c b3 0f e1 cf 4d 8e 6e
ssl_tls.c:5603: |3|  96 6a c4 1c 1e 8f f1 35 6f 41 21 e5 4c 70 c4 fd
ssl_tls.c:5603: |3|  57 b1 a6 fb d8 14 ee 2d 66 c9 eb 38 cb 57 61 1e
ssl_tls.c:5603: |3|  31 06 3b d4 0e 7f f1 59 f9 87 fc 90 4a f2 1a 75
ssl_tls.c:5603: |3|  53 10 df 71 32 5f cf 15 85 42 52 30 29 f0 af ea
ssl_tls.c:5603: |3|  12 8a ca 53 67 8b 0e af 16 5e ed e5 f8 af 7f 15
ssl_tls.c:5603: |3|  ff 6c 7d c8 6e 94 87 4c e5 d3 43 69 c6 25 a8 7a
ssl_tls.c:5603: |3|  2d e8 29 85 a6 5e 77 f1 62 8f 92 bd ac 2a b1 44
ssl_tls.c:5603: |3|  18 2a 24 07 8d 6b 74 1c 49 2e a3 f4 a7 90 b3 9c
ssl_tls.c:5603: |3|  cd 63 b2 dc d7 f0 cb 1d e5 39 8f 26 26 4b b1 30
ssl_tls.c:5603: |3|  85 26 64 c8 83 fe 51 0b 03 9a d2 e4 91 48 0b 87
ssl_tls.c:5603: |3|  7b 33 f6 6a 63 36 8c bb c1 32 84 d4 49 54 8c c9
ssl_tls.c:5603: |3|  ef 05 13 dc f8 f7 49 1a 97 93 dd f5 61 73 dc 56
ssl_tls.c:5603: |3|  38 2f d9 72 6e d9 bf b2 75 41 39 56 3c a2 bf bd
ssl_tls.c:5603: |3| value of 'crt->rsa.E' (17 bits) is:
ssl_tls.c:5603: |3|  01 00 01
ssl_tls.c:5603: |3| peer certificate #2:
ssl_tls.c:5603: |3| cert. version     : 3
ssl_tls.c:5603: |3| serial number     : 2B:2E:6E:EA:D9:75:36:6C:14:8A:6E:DB:A3:7C:8C:07
ssl_tls.c:5603: |3| issuer name       : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
ssl_tls.c:5603: |3| subject name      : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
ssl_tls.c:5603: |3| issued  on        : 2014-02-12 00:00:00
ssl_tls.c:5603: |3| expires on        : 2029-02-11 23:59:59
ssl_tls.c:5603: |3| signed using      : RSA with SHA-384
ssl_tls.c:5603: |3| RSA key size      : 2048 bits
ssl_tls.c:5603: |3| basic constraints : CA=true, max_pathlen=0
ssl_tls.c:5603: |3| key usage         : Digital Signature, Key Cert Sign, CRL Sign
ssl_tls.c:5603: |3| ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication
ssl_tls.c:5603: |3| value of 'crt->rsa.N' (2048 bits) is:
ssl_tls.c:5603: |3|  8e c2 02 19 e1 a0 59 a4 eb 38 35 8d 2c fd 01 d0
ssl_tls.c:5603: |3|  d3 49 c0 64 c7 0b 62 05 45 16 3a a8 a0 c0 0c 02
ssl_tls.c:5603: |3|  7f 1d cc db c4 a1 6d 77 03 a3 0f 86 f9 e3 06 9c
ssl_tls.c:5603: |3|  3e 0b 81 8a 9b 49 1b ad 03 be fa 4b db 8c 20 ed
ssl_tls.c:5603: |3|  d5 ce 5e 65 8e 3e 0d af 4c c2 b0 b7 45 5e 52 2f
ssl_tls.c:5603: |3|  34 de 48 24 64 b4 41 ae 00 97 f7 be 67 de 9e d0
ssl_tls.c:5603: |3|  7a a7 53 80 3b 7c ad f5 96 55 6f 97 47 0a 7c 85
ssl_tls.c:5603: |3|  8b 22 97 8d b3 84 e0 96 57 d0 70 18 60 96 8f ee
ssl_tls.c:5603: |3|  2d 07 93 9d a1 ba ca d1 cd 7b e9 c4 2a 9a 28 21
ssl_tls.c:5603: |3|  91 4d 6f 92 4f 25 a5 f2 7a 35 dd 26 dc 46 a5 d0
ssl_tls.c:5603: |3|  ac 59 35 8c ff 4e 91 43 50 3f 59 93 1e 6c 51 21
ssl_tls.c:5603: |3|  ee 58 14 ab fe 75 50 78 3e 4c b0 1c 86 13 fa 6b
ssl_tls.c:5603: |3|  98 bc e0 3b 94 1e 85 52 dc 03 93 24 18 6e cb 27
ssl_tls.c:5603: |3|  51 45 e6 70 de 25 43 a4 0d e1 4a a5 ed b6 7e c8
ssl_tls.c:5603: |3|  cd 6d ee 2e 1d 27 73 5d dc 45 30 80 aa e3 b2 41
ssl_tls.c:5603: |3|  0b af bd 44 87 da b9 e5 1b 9d 7f ae e5 85 82 a5
ssl_tls.c:5603: |3| value of 'crt->rsa.E' (17 bits) is:
ssl_tls.c:5603: |3|  01 00 01
ssl_tls.c:5603: |3| peer certificate #3:
ssl_tls.c:5603: |3| cert. version     : 3
ssl_tls.c:5603: |3| serial number     : 27:66:EE:56:EB:49:F3:8E:AB:D7:70:A2:FC:84:DE:22
ssl_tls.c:5603: |3| issuer name       : C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
ssl_tls.c:5603: |3| subject name      : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
ssl_tls.c:5603: |3| issued  on        : 2000-05-30 10:48:38
ssl_tls.c:5603: |3| expires on        : 2020-05-30 10:48:38
ssl_tls.c:5603: |3| signed using      : RSA with SHA-384
ssl_tls.c:5603: |3| RSA key size      : 4096 bits
ssl_tls.c:5603: |3| basic constraints : CA=true
ssl_tls.c:5603: |3| key usage         : Digital Signature, Key Cert Sign, CRL Sign
ssl_tls.c:5603: |3| value of 'crt->rsa.N' (4096 bits) is:
ssl_tls.c:5603: |3|  91 e8 54 92 d2 0a 56 b1 ac 0d 24 dd c5 cf 44 67
ssl_tls.c:5603: |3|  74 99 2b 37 a3 7d 23 70 00 71 bc 53 df c4 fa 2a
ssl_tls.c:5603: |3|  12 8f 4b 7f 10 56 bd 9f 70 72 b7 61 7f c9 4b 0f
ssl_tls.c:5603: |3|  17 a7 3d e3 b0 04 61 ee ff 11 97 c7 f4 86 3e 0a
ssl_tls.c:5603: |3|  fa 3e 5c f9 93 e6 34 7a d9 14 6b e7 9c b3 85 a0
ssl_tls.c:5603: |3|  82 7a 76 af 71 90 d7 ec fd 0d fa 9c 6c fa df b0
ssl_tls.c:5603: |3|  82 f4 14 7e f9 be c4 a6 2f 4f 7f 99 7f b5 fc 67
ssl_tls.c:5603: |3|  43 72 bd 0c 00 d6 89 eb 6b 2c d3 ed 8f 98 1c 14
ssl_tls.c:5603: |3|  ab 7e e5 e3 6e fc d8 a8 e4 92 24 da 43 6b 62 b8
ssl_tls.c:5603: |3|  55 fd ea c1 bc 6c b6 8b f3 0e 8d 9a e4 9b 6c 69
ssl_tls.c:5603: |3|  99 f8 78 48 30 45 d5 ad e1 0d 3c 45 60 fc 32 96
ssl_tls.c:5603: |3|  51 27 bc 67 c3 ca 2e b6 6b ea 46 c7 c7 20 a0 b1
ssl_tls.c:5603: |3|  1f 65 de 48 08 ba a4 4e a9 f2 83 46 37 84 eb e8
ssl_tls.c:5603: |3|  cc 81 48 43 67 4e 72 2a 9b 5c bd 4c 1b 28 8a 5c
ssl_tls.c:5603: |3|  22 7b b4 ab 98 d9 ee e0 51 83 c3 09 46 4e 6d 3e
ssl_tls.c:5603: |3|  99 fa 95 17 da 7c 33 57 41 3c 8d 51 ed 0b b6 5c
ssl_tls.c:5603: |3|  af 2c 63 1a df 57 c8 3f bc e9 5d c4 9b af 45 99
ssl_tls.c:5603: |3|  e2 a3 5a 24 b4 ba a9 56 3d cf 6f aa ff 49 58 be
ssl_tls.c:5603: |3|  f0 a8 ff f4 b8 ad e9 37 fb ba b8 f4 0b 3a f9 e8
ssl_tls.c:5603: |3|  43 42 1e 89 d8 84 cb 13 f1 d9 bb e1 89 60 b8 8c
ssl_tls.c:5603: |3|  28 56 ac 14 1d 9c 0a e7 71 eb cf 0e dd 3d a9 96
ssl_tls.c:5603: |3|  a1 48 bd 3c f7 af b5 0d 22 4c c0 11 81 ec 56 3b
ssl_tls.c:5603: |3|  f6 d3 a2 e2 5b b7 b2 04 22 52 95 80 93 69 e8 8e
ssl_tls.c:5603: |3|  4c 65 f1 91 03 2d 70 74 02 ea 8b 67 15 29 69 52
ssl_tls.c:5603: |3|  02 bb d7 df 50 6a 55 46 bf a0 a3 28 61 7f 70 d0
ssl_tls.c:5603: |3|  c3 a2 aa 2c 21 aa 47 ce 28 9c 06 45 76 bf 82 18
ssl_tls.c:5603: |3|  27 b4 d5 ae b4 cb 50 e6 6b f4 4c 86 71 30 e9 a6
ssl_tls.c:5603: |3|  df 16 86 e0 d8 ff 40 dd fb d0 42 88 7f a3 33 3a
ssl_tls.c:5603: |3|  2e 5c 1e 41 11 81 63 ce 18 71 6b 2b ec a6 8a b7
ssl_tls.c:5603: |3|  31 5c 3a 6a 47 e0 c3 79 59 d6 20 1a af f2 6a 98
ssl_tls.c:5603: |3|  aa 72 bc 57 4a d2 4b 9d bb 10 fc b0 4c 41 e5 ed
ssl_tls.c:5603: |3|  1d 3d 5e 28 9d 9c cc bf b3 51 da a7 47 e5 84 53
ssl_tls.c:5603: |3| value of 'crt->rsa.E' (17 bits) is:
ssl_tls.c:5603: |3|  01 00 01

Verify requested for (Depth 2):
cert. version     : 3
serial number     : 27:66:EE:56:EB:49:F3:8E:AB:D7:70:A2:FC:84:DE:22
issuer name       : C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
subject name      : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
issued  on        : 2000-05-30 10:48:38
expires on        : 2020-05-30 10:48:38
signed using      : RSA with SHA-384
RSA key size      : 4096 bits
basic constraints : CA=true
key usage         : Digital Signature, Key Cert Sign, CRL Sign
  ! The certificate is not correctly signed by the trusted CA


Verify requested for (Depth 1):
cert. version     : 3
serial number     : 2B:2E:6E:EA:D9:75:36:6C:14:8A:6E:DB:A3:7C:8C:07
issuer name       : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
subject name      : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
issued  on        : 2014-02-12 00:00:00
expires on        : 2029-02-11 23:59:59
signed using      : RSA with SHA-384
RSA key size      : 2048 bits
basic constraints : CA=true, max_pathlen=0
key usage         : Digital Signature, Key Cert Sign, CRL Sign
ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication
  This certificate has no flags

Verify requested for (Depth 0):
cert. version     : 3
serial number     : C9:BF:52:02:20:64:1B:E2:F1:B7:BA:23:B8:7F:1D:00
issuer name       : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
subject name      : OU=Domain Control Validated, OU=PositiveSSL, CN=prod.idrix.eu
issued  on        : 2018-08-15 00:00:00
expires on        : 2020-08-14 23:59:59
signed using      : RSA with SHA-256
RSA key size      : 4096 bits
basic constraints : CA=false
subject alt name  : prod.idrix.eu, www.prod.idrix.eu
key usage         : Digital Signature, Key Encipherment
ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication
  This certificate has no flags
ssl_tls.c:5754: |1| x509_verify_cert() returned -9984 (-0x2700)
ssl_tls.c:5849: |3| ! Certificate verification flags 8
ssl_tls.c:5860: |2| <= parse certificate
ssl_cli.c:3500: |2| client state: 4
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:2329: |2| => parse server key exchange
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 22, version = [3:3], msglen = 589
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 594
ssl_tls.c:2720: |2| in_left: 5, nb_want: 594
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 589 (-0xfffffdb3)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:3623: |3| handshake message: msglen = 589, type = 12, hslen = 589
ssl_tls.c:4382: |2| <= read record
ssl_cli.c:2417: |3| dumping 'server key exchange' (585 bytes)
ssl_cli.c:2417: |3| 0000:  03 00 17 41 04 30 3a 31 56 e1 f1 6a b0 04 b6 b3  ...A.0:1V..j....
ssl_cli.c:2417: |3| 0010:  24 1b 82 0f 34 59 ec ef 8b ed 02 9f dd 95 02 4a  $...4Y.........J
ssl_cli.c:2417: |3| 0020:  6f c9 8e 7b dd f1 c5 a1 7a e5 20 38 9d 6c 83 f8  o..{....z. 8.l..
ssl_cli.c:2417: |3| 0030:  10 cc d0 f9 00 b3 a6 73 80 ed 90 dd 9a 05 81 67  .......s.......g
ssl_cli.c:2417: |3| 0040:  4b 9f 8f 03 41 06 01 02 00 8a 3c e6 76 49 e1 42  K...A.....<.vI.B
ssl_cli.c:2417: |3| 0050:  e1 83 24 10 ea 3e 04 5a 81 d4 6f 6a 9d a9 3f 57  ..$..>.Z..oj..?W
ssl_cli.c:2417: |3| 0060:  a1 01 ca 8b cd 39 5d bf d0 48 be 03 e0 54 64 1a  .....9]..H...Td.
ssl_cli.c:2417: |3| 0070:  4c f5 c1 f2 b6 bb 60 c8 92 96 bc 6d 78 b8 71 30  L.....`....mx.q0
ssl_cli.c:2417: |3| 0080:  b0 d9 c3 6c 69 bd 82 b1 df 4f ba 6d cb f7 31 37  ...li....O.m..17
ssl_cli.c:2417: |3| 0090:  b9 88 d7 69 df 2e ba cd 17 46 d3 15 12 f6 87 fb  ...i.....F......
ssl_cli.c:2417: |3| 00a0:  0e fd 3d 08 29 77 95 4d 70 de 6c da ee a7 2c 2e  ..=.)w.Mp.l...,.
ssl_cli.c:2417: |3| 00b0:  77 bf 0f 99 21 27 86 1c 46 c6 7b f7 ce 22 2f 8d  w...!'..F.{.."/.
ssl_cli.c:2417: |3| 00c0:  b8 53 cc c1 ee 55 ce 0e 9f 0b 6c 25 e8 0d ad fb  .S...U....l%....
ssl_cli.c:2417: |3| 00d0:  d4 f9 bd b5 cf 4a c2 60 e2 6c ba 91 fa 39 15 23  .....J.`.l...9.#
ssl_cli.c:2417: |3| 00e0:  b5 3a 96 a7 d2 75 3c c9 f0 fb 85 c3 6c 2e 10 c5  .:...u<.....l...
ssl_cli.c:2417: |3| 00f0:  e6 a8 cc c3 bd d3 3a 99 2a 2e 4e 75 db c6 01 c4  ......:.*.Nu....
ssl_cli.c:2417: |3| 0100:  91 ef ed 2f 08 6a 1a a0 71 7c 85 34 09 d3 58 59  .../.j..q|.4..XY
ssl_cli.c:2417: |3| 0110:  00 9e b8 20 0b 4f 97 2e d7 32 98 6e 63 21 74 99  ... .O...2.nc!t.
ssl_cli.c:2417: |3| 0120:  c7 98 04 ae b9 7a bf ee 5d 8c 69 1b 09 e6 20 db  .....z..].i... .
ssl_cli.c:2417: |3| 0130:  3d fa d1 89 c6 f0 02 7c f8 59 b7 2e 1e 41 54 4c  =......|.Y...ATL
ssl_cli.c:2417: |3| 0140:  2b e0 36 89 41 6e cc b8 3f 0a f2 8c 30 fd 9a cb  +.6.An..?...0...
ssl_cli.c:2417: |3| 0150:  07 29 92 c4 ab c8 ca 65 e1 d7 4d b0 11 bf c5 85  .).....e..M.....
ssl_cli.c:2417: |3| 0160:  28 5b d0 55 0a 9d da 69 b3 57 01 5a 55 6b 44 30  ([.U...i.W.ZUkD0
ssl_cli.c:2417: |3| 0170:  63 f4 aa 0d de e1 62 6f 28 9d 90 07 d2 78 05 37  c.....bo(....x.7
ssl_cli.c:2417: |3| 0180:  00 a7 4d 9c d5 f8 3b 56 39 60 89 66 0c bd 0b 3a  ..M...;V9`.f...:
ssl_cli.c:2417: |3| 0190:  19 2c 69 c0 49 f2 bd 35 00 2e a9 30 3f 25 a6 29  .,i.I..5...0?%.)
ssl_cli.c:2417: |3| 01a0:  29 2d 67 8f 0e 0e 8b f4 b7 6b 49 c8 80 28 0d 09  )-g......kI..(..
ssl_cli.c:2417: |3| 01b0:  ba 7f 4d dc 56 c9 a9 42 f0 97 21 0e 16 5d f8 33  ..M.V..B..!..].3
ssl_cli.c:2417: |3| 01c0:  58 07 45 58 a9 9f df 91 b1 86 75 c0 a1 56 3b a7  X.EX......u..V;.
ssl_cli.c:2417: |3| 01d0:  ed cf f8 8b 51 40 fe 37 62 09 96 65 4e c7 f5 de  ....Q@.7b..eN...
ssl_cli.c:2417: |3| 01e0:  16 5f de 94 32 68 8e a8 1d 0a f2 fe d8 ba 64 3f  ._..2h........d?
ssl_cli.c:2417: |3| 01f0:  d3 df ef 94 00 a2 c1 03 b6 53 d9 31 55 b0 7a 93  .........S.1U.z.
ssl_cli.c:2417: |3| 0200:  20 99 9d bf 1f 74 2a 51 e3 d2 71 a9 a2 62 16 83   ....t*Q..q..b..
ssl_cli.c:2417: |3| 0210:  9e 8d 09 dd c9 50 61 2f 14 31 cc ac 1b 31 48 f8  .....Pa/.1...1H.
ssl_cli.c:2417: |3| 0220:  4c df b6 86 8c 1a 2b 65 fb b7 1e ae d6 e6 ee c7  L.....+e........
ssl_cli.c:2417: |3| 0230:  a0 7c da c8 56 a2 9a 72 60 83 dc af e6 55 23 32  .|..V..r`....U#2
ssl_cli.c:2417: |3| 0240:  4a 7a b4 3b e6 ad 4b 97 59                       Jz.;..K.Y
ssl_cli.c:2038: |2| ECDH curve: secp256r1
ssl_cli.c:2048: |3| value of 'ECDH: Qp(X)' (254 bits) is:
ssl_cli.c:2048: |3|  30 3a 31 56 e1 f1 6a b0 04 b6 b3 24 1b 82 0f 34
ssl_cli.c:2048: |3|  59 ec ef 8b ed 02 9f dd 95 02 4a 6f c9 8e 7b dd
ssl_cli.c:2048: |3| value of 'ECDH: Qp(Y)' (256 bits) is:
ssl_cli.c:2048: |3|  f1 c5 a1 7a e5 20 38 9d 6c 83 f8 10 cc d0 f9 00
ssl_cli.c:2048: |3|  b3 a6 73 80 ed 90 dd 9a 05 81 67 4b 9f 8f 03 41
ssl_cli.c:2271: |2| Server used SignatureAlgorithm 1
ssl_cli.c:2272: |2| Server used HashAlgorithm 6
ssl_cli.c:2573: |3| dumping 'signature' (512 bytes)
ssl_cli.c:2573: |3| 0000:  8a 3c e6 76 49 e1 42 e1 83 24 10 ea 3e 04 5a 81  .<.vI.B..$..>.Z.
ssl_cli.c:2573: |3| 0010:  d4 6f 6a 9d a9 3f 57 a1 01 ca 8b cd 39 5d bf d0  .oj..?W.....9]..
ssl_cli.c:2573: |3| 0020:  48 be 03 e0 54 64 1a 4c f5 c1 f2 b6 bb 60 c8 92  H...Td.L.....`..
ssl_cli.c:2573: |3| 0030:  96 bc 6d 78 b8 71 30 b0 d9 c3 6c 69 bd 82 b1 df  ..mx.q0...li....
ssl_cli.c:2573: |3| 0040:  4f ba 6d cb f7 31 37 b9 88 d7 69 df 2e ba cd 17  O.m..17...i.....
ssl_cli.c:2573: |3| 0050:  46 d3 15 12 f6 87 fb 0e fd 3d 08 29 77 95 4d 70  F........=.)w.Mp
ssl_cli.c:2573: |3| 0060:  de 6c da ee a7 2c 2e 77 bf 0f 99 21 27 86 1c 46  .l...,.w...!'..F
ssl_cli.c:2573: |3| 0070:  c6 7b f7 ce 22 2f 8d b8 53 cc c1 ee 55 ce 0e 9f  .{.."/..S...U...
ssl_cli.c:2573: |3| 0080:  0b 6c 25 e8 0d ad fb d4 f9 bd b5 cf 4a c2 60 e2  .l%.........J.`.
ssl_cli.c:2573: |3| 0090:  6c ba 91 fa 39 15 23 b5 3a 96 a7 d2 75 3c c9 f0  l...9.#.:...u<..
ssl_cli.c:2573: |3| 00a0:  fb 85 c3 6c 2e 10 c5 e6 a8 cc c3 bd d3 3a 99 2a  ...l.........:.*
ssl_cli.c:2573: |3| 00b0:  2e 4e 75 db c6 01 c4 91 ef ed 2f 08 6a 1a a0 71  .Nu......./.j..q
ssl_cli.c:2573: |3| 00c0:  7c 85 34 09 d3 58 59 00 9e b8 20 0b 4f 97 2e d7  |.4..XY... .O...
ssl_cli.c:2573: |3| 00d0:  32 98 6e 63 21 74 99 c7 98 04 ae b9 7a bf ee 5d  2.nc!t......z..]
ssl_cli.c:2573: |3| 00e0:  8c 69 1b 09 e6 20 db 3d fa d1 89 c6 f0 02 7c f8  .i... .=......|.
ssl_cli.c:2573: |3| 00f0:  59 b7 2e 1e 41 54 4c 2b e0 36 89 41 6e cc b8 3f  Y...ATL+.6.An..?
ssl_cli.c:2573: |3| 0100:  0a f2 8c 30 fd 9a cb 07 29 92 c4 ab c8 ca 65 e1  ...0....).....e.
ssl_cli.c:2573: |3| 0110:  d7 4d b0 11 bf c5 85 28 5b d0 55 0a 9d da 69 b3  .M.....([.U...i.
ssl_cli.c:2573: |3| 0120:  57 01 5a 55 6b 44 30 63 f4 aa 0d de e1 62 6f 28  W.ZUkD0c.....bo(
ssl_cli.c:2573: |3| 0130:  9d 90 07 d2 78 05 37 00 a7 4d 9c d5 f8 3b 56 39  ....x.7..M...;V9
ssl_cli.c:2573: |3| 0140:  60 89 66 0c bd 0b 3a 19 2c 69 c0 49 f2 bd 35 00  `.f...:.,i.I..5.
ssl_cli.c:2573: |3| 0150:  2e a9 30 3f 25 a6 29 29 2d 67 8f 0e 0e 8b f4 b7  ..0?%.))-g......
ssl_cli.c:2573: |3| 0160:  6b 49 c8 80 28 0d 09 ba 7f 4d dc 56 c9 a9 42 f0  kI..(....M.V..B.
ssl_cli.c:2573: |3| 0170:  97 21 0e 16 5d f8 33 58 07 45 58 a9 9f df 91 b1  .!..].3X.EX.....
ssl_cli.c:2573: |3| 0180:  86 75 c0 a1 56 3b a7 ed cf f8 8b 51 40 fe 37 62  .u..V;.....Q@.7b
ssl_cli.c:2573: |3| 0190:  09 96 65 4e c7 f5 de 16 5f de 94 32 68 8e a8 1d  ..eN...._..2h...
ssl_cli.c:2573: |3| 01a0:  0a f2 fe d8 ba 64 3f d3 df ef 94 00 a2 c1 03 b6  .....d?.........
ssl_cli.c:2573: |3| 01b0:  53 d9 31 55 b0 7a 93 20 99 9d bf 1f 74 2a 51 e3  S.1U.z. ....t*Q.
ssl_cli.c:2573: |3| 01c0:  d2 71 a9 a2 62 16 83 9e 8d 09 dd c9 50 61 2f 14  .q..b.......Pa/.
ssl_cli.c:2573: |3| 01d0:  31 cc ac 1b 31 48 f8 4c df b6 86 8c 1a 2b 65 fb  1...1H.L.....+e.
ssl_cli.c:2573: |3| 01e0:  b7 1e ae d6 e6 ee c7 a0 7c da c8 56 a2 9a 72 60  ........|..V..r`
ssl_cli.c:2573: |3| 01f0:  83 dc af e6 55 23 32 4a 7a b4 3b e6 ad 4b 97 59  ....U#2Jz.;..K.Y
ssl_cli.c:2609: |3| dumping 'parameters hash' (64 bytes)
ssl_cli.c:2609: |3| 0000:  8b 0f 6a e7 d0 94 49 b4 1f 39 13 65 54 b0 da a0  ..j...I..9.eT...
ssl_cli.c:2609: |3| 0010:  96 93 e5 bf 64 dd b5 b2 6e c3 95 d2 0d b9 22 39  ....d...n....."9
ssl_cli.c:2609: |3| 0020:  71 ac e4 ab ad 42 52 f6 ff 4c d6 3e c9 62 de 90  q....BR..L.>.b..
ssl_cli.c:2609: |3| 0030:  83 40 13 02 ba 5d 5c 36 60 f1 54 a3 fc db ea 3c  .@...]\6`.T....<
ssl_cli.c:2657: |2| <= parse server key exchange
ssl_cli.c:3500: |2| client state: 5
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:2690: |2| => parse certificate request
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 22, version = [3:3], msglen = 4
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 9
ssl_tls.c:2720: |2| in_left: 5, nb_want: 9
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 4 (-0xfffffffc)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:3623: |3| handshake message: msglen = 4, type = 14, hslen = 4
ssl_tls.c:4382: |2| <= read record
ssl_cli.c:2717: |3| got no certificate request
ssl_cli.c:2839: |2| <= parse certificate request
ssl_cli.c:3500: |2| client state: 6
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:2849: |2| => parse server hello done
ssl_tls.c:4308: |2| => read record
ssl_tls.c:4378: |2| reuse previously read message
ssl_tls.c:4382: |2| <= read record
ssl_cli.c:2879: |2| <= parse server hello done
ssl_cli.c:3500: |2| client state: 7
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_tls.c:5326: |2| => write certificate
ssl_tls.c:5343: |2| <= skip write certificate
ssl_cli.c:3500: |2| client state: 8
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:2891: |2| => write client key exchange
ssl_cli.c:2970: |3| value of 'ECDH: Q(X)' (256 bits) is:
ssl_cli.c:2970: |3|  a8 32 a7 0d c5 5a 9b 24 96 94 70 3f 33 7c 3d be
ssl_cli.c:2970: |3|  cc c5 ab 54 cc c2 22 98 d8 48 5a a4 bc 80 f5 2b
ssl_cli.c:2970: |3| value of 'ECDH: Q(Y)' (255 bits) is:
ssl_cli.c:2970: |3|  75 0d 3d 3c 10 e6 88 f8 73 ed e3 10 5a 45 71 43
ssl_cli.c:2970: |3|  c5 21 c0 2f 55 8f 4b e4 6e b2 67 32 c8 f3 2c 6d
ssl_cli.c:2997: |3| value of 'ECDH: z' (256 bits) is:
ssl_cli.c:2997: |3|  f0 cf dc e8 0c 10 bc c4 31 2f 81 ce 5d 4a c2 57
ssl_cli.c:2997: |3|  4e 13 92 ff d0 00 a2 2d 0a ac 4f 33 ba 52 a3 dd
ssl_tls.c:3183: |2| => write handshake message
ssl_tls.c:3340: |2| => write record
ssl_tls.c:3420: |3| output record: msgtype = 22, version = [3:3], msglen = 70
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2773: |2| message length: 75, out_left: 75
ssl_tls.c:2778: |2| ssl->f_send() returned 75 (-0xffffffb5)
ssl_tls.c:2806: |2| <= flush output
ssl_tls.c:3473: |2| <= write record
ssl_tls.c:3317: |2| <= write handshake message
ssl_cli.c:3162: |2| <= write client key exchange
ssl_cli.c:3500: |2| client state: 9
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:3214: |2| => write certificate verify
ssl_tls.c:0628: |2| => derive keys
ssl_tls.c:0706: |3| dumping 'premaster secret' (32 bytes)
ssl_tls.c:0706: |3| 0000:  f0 cf dc e8 0c 10 bc c4 31 2f 81 ce 5d 4a c2 57  ........1/..]J.W
ssl_tls.c:0706: |3| 0010:  4e 13 92 ff d0 00 a2 2d 0a ac 4f 33 ba 52 a3 dd  N......-..O3.R..
ssl_tls.c:0795: |3| ciphersuite = TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
ssl_tls.c:0796: |3| dumping 'master secret' (48 bytes)
ssl_tls.c:0796: |3| 0000:  ab 2f e3 c3 82 6a 61 a5 99 0e bb 7a 93 08 32 b6  ./...ja....z..2.
ssl_tls.c:0796: |3| 0010:  51 a0 43 ba 93 f2 16 3f a6 23 0e 6d 59 2f b2 cd  Q.C....?.#.mY/..
ssl_tls.c:0796: |3| 0020:  1e 49 af 02 49 cc a5 f4 90 e8 aa e3 c7 c7 33 8b  .I..I.........3.
ssl_tls.c:0921: |3| keylen: 32, minlen: 24, ivlen: 12, maclen: 0
ssl_tls.c:1116: |2| <= derive keys
ssl_cli.c:3243: |2| <= skip write certificate verify
ssl_cli.c:3500: |2| client state: 10
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_tls.c:5876: |2| => write change cipher spec
ssl_tls.c:3183: |2| => write handshake message
ssl_tls.c:3340: |2| => write record
ssl_tls.c:3420: |3| output record: msgtype = 20, version = [3:3], msglen = 1
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2773: |2| message length: 6, out_left: 6
ssl_tls.c:2778: |2| ssl->f_send() returned 6 (-0xfffffffa)
ssl_tls.c:2806: |2| <= flush output
ssl_tls.c:3473: |2| <= write record
ssl_tls.c:3317: |2| <= write handshake message
ssl_tls.c:5890: |2| <= write change cipher spec
ssl_cli.c:3500: |2| client state: 11
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_tls.c:6395: |2| => write finished
ssl_tls.c:6269: |2| => calc  finished tls sha384
ssl_tls.c:6293: |3| dumping 'calc finished result' (12 bytes)
ssl_tls.c:6293: |3| 0000:  35 96 d6 0e 39 1e 03 d9 5b 11 ed 4e              5...9...[..N
ssl_tls.c:6299: |2| <= calc  finished
ssl_tls.c:6440: |3| switching to new transform spec for outbound data
ssl_tls.c:3183: |2| => write handshake message
ssl_tls.c:3340: |2| => write record
ssl_tls.c:1444: |2| => encrypt buf
ssl_tls.c:1617: |3| before encrypt: msglen = 24, including 0 bytes of padding
ssl_tls.c:1780: |2| <= encrypt buf
ssl_tls.c:3420: |3| output record: msgtype = 22, version = [3:3], msglen = 40
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2773: |2| message length: 45, out_left: 45
ssl_tls.c:2778: |2| ssl->f_send() returned 45 (-0xffffffd3)
ssl_tls.c:2806: |2| <= flush output
ssl_tls.c:3473: |2| <= write record
ssl_tls.c:3317: |2| <= write handshake message
ssl_tls.c:6504: |2| <= write finished
ssl_cli.c:3500: |2| client state: 12
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:3393: |2| => parse new session ticket
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 22, version = [3:3], msglen = 218
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 223
ssl_tls.c:2720: |2| in_left: 5, nb_want: 223
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 218 (-0xffffff26)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:3623: |3| handshake message: msglen = 218, type = 4, hslen = 218
ssl_tls.c:4382: |2| <= read record
ssl_cli.c:3443: |3| ticket length: 208
ssl_cli.c:3481: |3| ticket in use, discarding session id
ssl_cli.c:3484: |2| <= parse new session ticket
ssl_cli.c:3500: |2| client state: 12
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_tls.c:5899: |2| => parse change cipher spec
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 20, version = [3:3], msglen = 1
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 6
ssl_tls.c:2720: |2| in_left: 5, nb_want: 6
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 1 (-0xffffffff)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4382: |2| <= read record
ssl_tls.c:5922: |3| switching to new transform spec for inbound data
ssl_tls.c:5963: |2| <= parse change cipher spec
ssl_cli.c:3500: |2| client state: 13
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_tls.c:6521: |2| => parse finished
ssl_tls.c:6269: |2| => calc  finished tls sha384
ssl_tls.c:6293: |3| dumping 'calc finished result' (12 bytes)
ssl_tls.c:6293: |3| 0000:  21 ff 30 00 3c e8 95 13 8a 28 e1 b4              !.0.<....(..
ssl_tls.c:6299: |2| <= calc  finished
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 22, version = [3:3], msglen = 40
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 45
ssl_tls.c:2720: |2| in_left: 5, nb_want: 45
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 40 (-0xffffffd8)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:1793: |2| => decrypt buf
ssl_tls.c:2375: |2| <= decrypt buf
ssl_tls.c:3623: |3| handshake message: msglen = 16, type = 20, hslen = 16
ssl_tls.c:4382: |2| <= read record
ssl_tls.c:6589: |2| <= parse finished
ssl_cli.c:3500: |2| client state: 14
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_cli.c:3611: |2| handshake: done
ssl_cli.c:3500: |2| client state: 15
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2766: |2| <= flush output
ssl_tls.c:6333: |3| => handshake wrapup
ssl_tls.c:6306: |3| => handshake wrapup: final free
ssl_tls.c:6326: |3| <= handshake wrapup: final free
ssl_tls.c:6388: |3| <= handshake wrapup
ssl_tls.c:8091: |2| <= handshake
 ok
    [ Protocol is TLSv1.2 ]
    [ Ciphersuite is TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 ]
    [ Record expansion is 29 ]
    [ Maximum fragment length is 16384 ]
  . Verifying peer X.509 certificate... failed
  ! The certificate is not correctly signed by the trusted CA

  . Peer certificate information    ...
      cert. version     : 3
      serial number     : C9:BF:52:02:20:64:1B:E2:F1:B7:BA:23:B8:7F:1D:00
      issuer name       : C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
      subject name      : OU=Domain Control Validated, OU=PositiveSSL, CN=prod.idrix.eu
      issued  on        : 2018-08-15 00:00:00
      expires on        : 2020-08-14 23:59:59
      signed using      : RSA with SHA-256
      RSA key size      : 4096 bits
      basic constraints : CA=false
      subject alt name  : prod.idrix.eu, www.prod.idrix.eu
      key usage         : Digital Signature, Key Encipherment
      ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication

  > Write to server:ssl_tls.c:8679: |2| => write
ssl_tls.c:3340: |2| => write record
ssl_tls.c:1444: |2| => encrypt buf
ssl_tls.c:1617: |3| before encrypt: msglen = 133, including 0 bytes of padding
ssl_tls.c:1780: |2| <= encrypt buf
ssl_tls.c:3420: |3| output record: msgtype = 23, version = [3:3], msglen = 149
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2773: |2| message length: 154, out_left: 154
ssl_tls.c:2778: |2| ssl->f_send() returned 154 (-0xffffff66)
ssl_tls.c:2806: |2| <= flush output
ssl_tls.c:3473: |2| <= write record
ssl_tls.c:8707: |2| <= write
 125 bytes written in 1 fragments

GET /secure/ HTTP/1.1
Host: prod.idrix.eu
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)


  < Read from server:ssl_tls.c:8267: |2| => read
ssl_tls.c:0081: |3| set_timer to 0 ms
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 22, version = [3:3], msglen = 28
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 33
ssl_tls.c:2720: |2| in_left: 5, nb_want: 33
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 28 (-0xffffffe4)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:1793: |2| => decrypt buf
ssl_tls.c:2375: |2| <= decrypt buf
ssl_tls.c:3623: |3| handshake message: msglen = 4, type = 0, hslen = 4
ssl_tls.c:4382: |2| <= read record
ssl_tls.c:8354: |1| received handshake message
ssl_tls.c:8431: |3| refusing renegotiation, sending alert
ssl_tls.c:5247: |2| => send alert message
ssl_tls.c:5248: |3| send alert level=1 message=100
ssl_tls.c:3340: |2| => write record
ssl_tls.c:1444: |2| => encrypt buf
ssl_tls.c:1617: |3| before encrypt: msglen = 10, including 0 bytes of padding
ssl_tls.c:1780: |2| <= encrypt buf
ssl_tls.c:3420: |3| output record: msgtype = 21, version = [3:3], msglen = 26
ssl_tls.c:2754: |2| => flush output
ssl_tls.c:2773: |2| message length: 31, out_left: 31
ssl_tls.c:2778: |2| ssl->f_send() returned 31 (-0xffffffe1)
ssl_tls.c:2806: |2| <= flush output
ssl_tls.c:3473: |2| <= write record
ssl_tls.c:5260: |2| <= send alert message
ssl_tls.c:0081: |3| set_timer to 0 ms
ssl_tls.c:4308: |2| => read record
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 0, nb_want: 5
ssl_tls.c:2720: |2| in_left: 0, nb_want: 5
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:4053: |3| input record: msgtype = 21, version = [3:3], msglen = 26
ssl_tls.c:2535: |2| => fetch input
ssl_tls.c:2696: |2| in_left: 5, nb_want: 31
ssl_tls.c:2720: |2| in_left: 5, nb_want: 31
ssl_tls.c:2721: |2| ssl->f_recv(_timeout)() returned 26 (-0xffffffe6)
ssl_tls.c:2741: |2| <= fetch input
ssl_tls.c:1793: |2| => decrypt buf
ssl_tls.c:2375: |2| <= decrypt buf
ssl_tls.c:5167: |2| got an alert message, type: [2:40]
ssl_tls.c:5175: |1| is a fatal alert message (msg 40)
ssl_tls.c:4366: |1| mbedtls_ssl_handle_message_type() returned -30592 (-0x7780)
ssl_tls.c:8332: |1| mbedtls_ssl_read_record() returned -30592 (-0x7780)
 mbedtls_ssl_read returned -0x7780
Last error was: -0x7780 - SSL - A fatal alert message was received from our peer

ssl_tls.c:8931: |2| => free
ssl_tls.c:8996: |2| <= free
  + Press Enter to exit this program.
18 Jan 2019

Hi Matt, Please note that the Mbed TLS forum is located [here](https://forums.mbed.com/c/mbed-tls), I apologize for not responding earlier.

Note that due to security reasons, it is not recomended to use optional authentication mode, unless for debugging only. You should set a trusted root certificate, that should be used in the certificate verification, which has the subject CN equal to the issuer CN of the server certificate you are trying to connect. In your case it should b one of the two certificates in depth 1 or 2, assuming you trust the source of the certificates.

Looking at the log, I see the following from the client:

ssl_tls.c:4382: |2| <= read record
ssl_tls.c:8354: |1| received handshake message
ssl_tls.c:8431: |3| refusing renegotiation, sending alert
ssl_tls.c:5247: |2| => send alert message
ssl_tls.c:5248: |3| send alert level=1 message=100

This makes me believe that the server asked to renegotiate, and it is not configured by default. You need to add to your client application the parameter:"renegotiation=1", assuming you have MBEDTLS_SSL_RENEGOTIATION defined in your configuration file.

The client sent a warning alert, but hte server probably didn't accept this, and sent the fatal alert, terminating the handshake.

Regards,

Mbed TLS Team member

Ron

Please log in to post a reply.