java-pinning icon indicating copy to clipboard operation
java-pinning copied to clipboard
verified publisher icon Flowdalic

Issue extracting pin

Open JensRantil opened this issue 10 years ago • 2 comments 

$ ./tools/pin.py httpbin.org 443                                                                                 [13:06:21]
Traceback (most recent call last):
  File "./tools/pin.py", line 38, in <module>
    main(sys.argv[1:])
  File "./tools/pin.py", line 17, in main
    peerCert = ssl.get_server_certificate((argv[0], int(argv[1])))
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 448, in get_server_certificate
    s.connect(addr)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 333, in connect
    self._real_connect(addr, False)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 323, in _real_connect
    self.do_handshake()
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/ssl.py", line 305, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [Errno 1] _ssl.c:504: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

Any input?

JensRantil avatar Oct 28 '15 12:10 JensRantil

Workaround:

$ openssl s_client -connect httpbin.org:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -sha256 -noout -in /dev/stdin
SHA256 Fingerprint=BC:42:47:37:32:C2:75:2B:C2:3B:F9:11:EB:63:B9:A0:54:7D:30:C1:47:F2:4F:44:A1:24:F7:1F:F7:E4:C5:F4

JensRantil avatar Oct 28 '15 12:10 JensRantil

Even nicer workaround:

$ openssl s_client -connect httpbin.org:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -sha256 -noout -in /dev/stdin | sed 's/://g'
SHA256 Fingerprint=BC42473732C2752BC23BF911EB63B9A0547D30C147F24F44A124F71FF7E4C5F4

JensRantil avatar Nov 19 '15 09:11 JensRantil