Scribd
Upload
37 views

Estlog

The document contains log messages from an EST client as it establishes a TLS connection, validates server certificates, sends an enrollment request, and receives a new client certificate in response. It adds several CA certificates to its trust store, does not use a client certificate for authentication, validates the server certificate matches the expected hostname, sends an enrollment request of 1360 bytes, receives a response of 1982 bytes including a new client certificate of 1829 bytes. It encounters errors unable to retrieve CRLs but continues allowing the connections.

Uploaded by

antounralph00
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
37 views

Estlog

The document contains log messages from an EST client as it establishes a TLS connection, validates server certificates, sends an enrollment request, and receives a new client certificate in response. It adds several CA certificates to its trust store, does not use a client certificate for authentication, validates the server certificate matches the expected hostname, sends an enrollment request of 1360 bytes, receives a response of 1982 bytes including a new client certificate of 1829 bytes. It encounters errors unable to retrieve CRLs but continues allowing the connections.

Uploaded by

antounralph00
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

***EST [INFO][ossl_init_cert_store_from_raw:182]-->

Adding cert to store (/CN=Certificate Services Endpoint Sub CA - ise1)

***EST [INFO][ossl_init_cert_store_from_raw:182]-->
Adding cert to store (/CN=Certificate Services Node CA - ise1)

***EST [INFO][ossl_init_cert_store_from_raw:182]-->
Adding cert to store (/CN=Certificate Services Root CA - ise1)

***EST [INFO][est_log_version:156]-->
libest 1.1.0 (API level 3)

***EST [INFO][est_log_version:160]-->
Compiled against CiscoSSL 1.0.2s.6.2.352-fips

***EST [INFO][est_log_version:161]-->
Linking to CiscoSSL 1.0.2s.6.2.352-fips

***EST [WARNING][est_client_set_auth:3440]-->
Not using client certificate for TLS session, HTTP basic or digest auth will be
used.

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)

***EST [INFO][cert_verify_cb:724]-->
NO EST client application server cert verify function registered

***EST [WARNING][cert_verify_cb:736]-->
No CRL loaded, TLS peer will be allowed.

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)

***EST [INFO][cert_verify_cb:724]-->
NO EST client application server cert verify function registered

***EST [WARNING][cert_verify_cb:736]-->
No CRL loaded, TLS peer will be allowed.

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)

***EST [INFO][cert_verify_cb:724]-->
NO EST client application server cert verify function registered

***EST [WARNING][cert_verify_cb:736]-->
No CRL loaded, TLS peer will be allowed.

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)
***EST [INFO][cert_verify_cb:724]-->
NO EST client application server cert verify function registered

***EST [WARNING][cert_verify_cb:736]-->
No CRL loaded, TLS peer will be allowed.

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)

***EST [INFO][cert_verify_cb:671]-->
entering: Cert passed up from OpenSSL. error = 3 (unable to get certificate CRL)

***EST [INFO][est_client_verifyhost:1961]-->
Found 1 SubjectAlternateNames

***EST [INFO][est_client_verifyhost:1974]-->
Checking FQDN against SAN ise1.bau.edu.lb

***EST [INFO][est_client_verifyhost:2013]-->
subjectAltName: ise1.bau.edu.lb matched

***EST [INFO][est_client_send_enroll_request:1346]-->
TLS wrote 1360 bytes, attempted 1360 bytes

***EST [INFO][est_ssl_read:1100]-->
est_ssl_read: entering poll...

***EST [INFO][est_ssl_read:1102]-->
est_ssl_read: poll returned 1

***EST [INFO][est_ssl_read:1114]-->
est_ssl_read: entering read, buf_max=1000000

***EST [INFO][est_ssl_read:1116]-->
est_ssl_read: read returned=153

***EST [INFO][est_ssl_read:1100]-->
est_ssl_read: entering poll...

***EST [INFO][est_ssl_read:1102]-->
est_ssl_read: poll returned 1

***EST [INFO][est_ssl_read:1114]-->
est_ssl_read: entering read, buf_max=999847
***EST [INFO][est_ssl_read:1116]-->
est_ssl_read: read returned=1829

***EST [INFO][est_ssl_read:1100]-->
est_ssl_read: entering poll...

***EST [INFO][est_ssl_read:1102]-->
est_ssl_read: poll returned 1

***EST [INFO][est_ssl_read:1114]-->
est_ssl_read: entering read, buf_max=998018

***EST [INFO][est_ssl_read:1116]-->
est_ssl_read: read returned=0

***EST [INFO][est_io_get_response:1212]-->
Read 1982 bytes of HTTP data

***EST [INFO][parse_http_headers:806]-->
Found HTTP header -> Status:200 OK

***EST [INFO][parse_http_headers:806]-->
Found HTTP header -> Content-Type:application/pkcs7-mime; smime-type=certs-only

***EST [INFO][parse_http_headers:806]-->
Found HTTP header -> Content-Transfer-Encoding:base64

***EST [INFO][parse_http_headers:806]-->
Found HTTP header -> Content-Length:1829

***EST [INFO][parse_http_headers:816]-->
Found 4 HTTP headers

***EST [INFO][est_io_get_response:1221]-->
HTTP status 200 received

***EST [INFO][est_io_get_response:1288]-->
HTTP Content len=1829

***EST [INFO][est_client_enroll_req:1558]-->
Newly Enrolled Client certificate:
MIIFQgYJKoZIhvcNAQcCoIIFMzCCBS8CAQExADALBgkqhkiG9w0BBwGgggUXMIIF
EzCCAvugAwIBAgIQejBcTqWjT5iCyH3WJvWS9zANBgkqhkiG9w0BAQsFADA2MTQw
MgYDVQQDDCtDZXJ0aWZpY2F0ZSBTZXJ2aWNlcyBFbmRwb2ludCBTdWIgQ0EgLSBp
c2UxMB4XDTIzMDkyMDA2MjgwNloXDTI3MDgzMTA2MjgwNlowTzESMBAGA1UEAwwJ
MjAyMjAzNjg4MQ0wCwYDVQQLDARCWU9EMQwwCgYDVQQKDANCQVUxDzANBgNVBAcM
BkJlaXJ1dDELMAkGA1UEBhMCTEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLZJZPJBFiaPtajv1wTKqr2piaPx9zM7qzzOkrwIKrGjabPjbykhE9VcT7
2MHFIHIehnUrdHOs8DDcYJctAofTBWDxKV0n1f8sj/1tPLz5w87JS9x5U6OgyI8+
HKcRmY7FlNcOuvZ5bRJIuD3vcHfmCZm1YwOmft7eohpp2hoV8TVwvIIFwZncLq+z
NtAxo+MuuYtJ0MtcYhHPreCRC0ZJAbarzcG3JCzNdDOMjqiW2TsvipsRdqpaGeqo
9zZhPmrFNZqHmk3QQrRBmZ0EZcd35Low89TJ79/9RHQt1CFD5n2PneQ6a11fvhMX
86046PdM30A7dWQ9fWfO02w9kAj1AgMBAAGjggECMIH/MB8GA1UdEQEB/wQVMBOB
ETA0LTEwLTZCLUIwLUVELTMwMCAGCSsGAQQBCRUCBQQTBBFCWU9EX0VBUF9BVVRI
XzczMDBlBgNVHSMEXjBcgBSdzKTwdxl+f7WxnBgz/mFyQeYgp6EypDAwLjEsMCoG
A1UEAwwjQ2VydGlmaWNhdGUgU2VydmljZXMgTm9kZSBDQSAtIGlzZTGCECq6kEEm
bUyNhTQCOHtfo
***EST [INFO][est_client_enroll_req:1559]-->
length: 1829

You might also like