状況 
11:50 現在
XigmaNAS の公式ページ
を開いてみたところ、サーバー証明書エラーで表示出来ない。
無視して表示してみると、
Web サーバーは動いているけど、明らかに設定がおかしい。
しばらくしたら状況が変わった。 にリダイレクトされるようになった。
しかし転送先も証明書エラーに加えて 500
復旧中なのか???
とりあえず証明書までは復旧した模様。
24:00 過ぎたけど、復旧しない。
とりあえず、
2021-04-23 17:08 追記
タイミングは不明だが、無事復旧した模様
XigmaNAS の公式ページ
を開いてみたところ、サーバー証明書エラーで表示出来ない。
無視して表示してみると、
Apache is functioning normallyという表示。https ではなく http で表示しても同じ状況。
Web サーバーは動いているけど、明らかに設定がおかしい。
$ wget -S https://www.xigmanas.org/ -O - --content-on-error --no-check-certificate -nv 警告: www.xigmanas.org の証明書(発行者: `CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB')の検証に失敗しました: 発行された証明書は失効しています。 警告: 証明書に記載されている別名とホスト名 `www.xigmanas.org' が一致しません HTTP/1.1 200 OK date: Wed, 21 Apr 2021 02:56:47 GMT server: Apache/2 upgrade: h2,h2c connection: Upgrade last-modified: Mon, 15 Mar 2021 18:50:55 GMT etag: "2c-5bd97bacc07c8" accept-ranges: bytes content-length: 44 vary: User-Agent content-type: text/html <html>Apache is functioning normally</html> 2021-04-21 11:56:47 URL:https://www.xigmanas.org/ [44/44] -> "-" [1]
$ openssl s_client -connect www.xigmanas.org:443
CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.zxcs.nl
verify error:num=10:certificate has expired
notAfter=Apr 11 23:59:59 2021 GMT
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.zxcs.nl
notAfter=Apr 11 23:59:59 2021 GMT
verify return:1
---
Certificate chain
0 s:OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.zxcs.nl
i:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
1 s:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
2 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
3 s:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
4 s:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgIRAOd9BPLNMC9H/WWyy4mskY0wDQYJKoZIhvcNAQELBQAw
gY8xCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UE
AxMuU2VjdGlnbyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0xOTAyMTkwMDAwMDBaFw0yMTA0MTEyMzU5NTlaMFYxITAfBgNVBAsTGERv
bWFpbiBDb250cm9sIFZhbGlkYXRlZDEdMBsGA1UECxMUUG9zaXRpdmVTU0wgV2ls
ZGNhcmQxEjAQBgNVBAMMCSouenhjcy5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMR9dEGDad8O1Ia9WYcYAy/GlE6vPK5e8j/Zbt1kawcAqHscJA4w
kNKGrMDoR+MeTM1d4A/U8LZuFi1sHZ8tbJpaSfmVGcPlyl7T+z8RU3UgWNY+ZfkF
d5PtKjAAp4KXDHkrPPmzWWl7PV3NBWQBGP8tv8yftrVzm6uVwA6WVVJEhaeIk9J0
HYi5kfONfecqU1FGr0p8wJZzEXpZJeEtOz52+uFdvrOO7RydSU09s1sRVkM4qlEg
BbyNq4qMx9gOMMt7rc0UZnjAtNPjYebAlHkE3Qzj9XyqtzhtifRDRB+o1hAfhmqr
3mQDzcxuN8xfY6mAMqYtrWfXs6jY+URAtrMCAwEAAaOCAvQwggLwMB8GA1UdIwQY
MBaAFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBSpTZLXHKdax/+AgaAE
odlY7Qn56jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAl
MCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEw
gYQGCCsGAQUFBwEBBHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdv
LmNvbS9TZWN0aWdvUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNy
dDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wHQYDVR0RBBYw
FIIJKi56eGNzLm5sggd6eGNzLm5sMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgA
dgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWkGUDQEAAAEAwBH
MEUCIGKfygidaA3nIEDPEUcdWWek6oYA4a758DkuWCLo01tIAiEAsd6jYSJAq3a6
UsUqJ7OBnO8tS8h915lxKiReqvZhqOIAdgBElGUusO7Or8RAB9io/ijA2uaCvtjL
MbU/0zOWtbaBqAAAAWkGUDRMAAAEAwBHMEUCIDQRqbTEELXqCbABBu0vM6nBz+Sl
5ERif0l825KzTzJLAiEAzHgPcYHWZzaNr8utVPHzKQa9ePX1u0dUntwbIOJkdTEA
dgBc3EOS/uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAWkGUDRPAAAEAwBH
MEUCIQDrNiQkdtWVn7nQe1m9hjXzKOwFm5LIn0HWy20VVNODCgIgHCzKeSRFaS2e
EoIn8ySti2TgliHb4cMCnetw7kVFqqcwDQYJKoZIhvcNAQELBQADggEBAMUSarMn
/oaDr6FeKz0+juPWqXNIZ+yuPdYcwOPXfzcQ+1XD2abeHlQy7mMV7a6qXAmz77ZL
fQhuUXGchlXWd0tlJbGVsfVz1b6fff663JxLmCuFQx67jwNYpwqzsXf2NzM0A4qI
/pJCXANkeeS2Dv5AqgFvZO9LY4hbJcfX+2RhIWisC8qa5I3/GtxcEgFf4Ow9pFU1
fpD4Uy+JvN/xeLYew/iczJow4lv8lzeswDXaCUZv5qMWCls9bpe+hjrFdB1lJGGS
+NAq/lmtU87s4kySHQMgxqDwl1dV3S4BQZoign3VpWroqEt896X0WtHg7JDLrgrn
7IbqFhDUnLmxf8Q=
-----END CERTIFICATE-----
subject=OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.zxcs.nl
issuer=C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 8337 bytes and written 372 bytes
Verification error: certificate has expired
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 10 (certificate has expired)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_128_GCM_SHA256
Session-ID: 03BAE2BAD49C84CBDB5DB5C35CDF3163D4CF4A1959488C3535F7D2D3BEEB73C2
Session-ID-ctx:
Resumption PSK: F37EB45281A415B368EECE92A1D964D38816BD103773B1A87E8644C0F54BA7C2
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 2b df d8 ac 95 54 21 21-7f 3f ab c8 ad 90 8e 2c +....T!!.?.....,
0010 - f9 f2 f3 f9 fc b2 bd e3-f0 24 94 21 9a 75 2f eb .........$.!.u/.
Start Time: 1618973673
Timeout : 7200 (sec)
Verify return code: 10 (certificate has expired)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_128_GCM_SHA256
Session-ID: 1E5FFE900CAA4690F0D2A52462C5438965CA447F6A6C53BAFC3C5BAC5E25F72D
Session-ID-ctx:
Resumption PSK: 1174EB80E2B29ABEFE6E0F620565FE980560C61C659906056D68ADDB5C4C4B13
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 8c 0d 9c 1d f8 1d 42 4d-29 ed 5b 5a 72 ef 75 72 ......BM).[Zr.ur
0010 - 82 8f 3c 0b f9 8c bc b4-a3 71 9f 38 54 fb 5e ec ..<......q.8T.^.
Start Time: 1618973673
Timeout : 7200 (sec)
Verify return code: 10 (certificate has expired)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
DONE
$ openssl s_client -connect www.xigmanas.org:443 | openssl x509 -in - -noout -text
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.zxcs.nl
verify error:num=10:certificate has expired
notAfter=Apr 11 23:59:59 2021 GMT
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.zxcs.nl
notAfter=Apr 11 23:59:59 2021 GMT
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e7:7d:04:f2:cd:30:2f:47:fd:65:b2:cb:89:ac:91:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Feb 19 00:00:00 2019 GMT
Not After : Apr 11 23:59:59 2021 GMT
Subject: OU = Domain Control Validated, OU = PositiveSSL Wildcard, CN = *.zxcs.nl
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7d:74:41:83:69:df:0e:d4:86:bd:59:87:18:
03:2f:c6:94:4e:af:3c:ae:5e:f2:3f:d9:6e:dd:64:
6b:07:00:a8:7b:1c:24:0e:30:90:d2:86:ac:c0:e8:
47:e3:1e:4c:cd:5d:e0:0f:d4:f0:b6:6e:16:2d:6c:
1d:9f:2d:6c:9a:5a:49:f9:95:19:c3:e5:ca:5e:d3:
fb:3f:11:53:75:20:58:d6:3e:65:f9:05:77:93:ed:
2a:30:00:a7:82:97:0c:79:2b:3c:f9:b3:59:69:7b:
3d:5d:cd:05:64:01:18:ff:2d:bf:cc:9f:b6:b5:73:
9b:ab:95:c0:0e:96:55:52:44:85:a7:88:93:d2:74:
1d:88:b9:91:f3:8d:7d:e7:2a:53:51:46:af:4a:7c:
c0:96:73:11:7a:59:25:e1:2d:3b:3e:76:fa:e1:5d:
be:b3:8e:ed:1c:9d:49:4d:3d:b3:5b:11:56:43:38:
aa:51:20:05:bc:8d:ab:8a:8c:c7:d8:0e:30:cb:7b:
ad:cd:14:66:78:c0:b4:d3:e3:61:e6:c0:94:79:04:
dd:0c:e3:f5:7c:aa:b7:38:6d:89:f4:43:44:1f:a8:
d6:10:1f:86:6a:ab:de:64:03:cd:cc:6e:37:cc:5f:
63:a9:80:32:a6:2d:ad:67:d7:b3:a8:d8:f9:44:40:
b6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
X509v3 Subject Key Identifier:
A9:4D:92:D7:1C:A7:5A:C7:FF:80:81:A0:04:A1:D9:58:ED:09:F9:EA
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:*.zxcs.nl, DNS:zxcs.nl
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
Timestamp : Feb 19 15:11:53.348 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:62:9F:CA:08:9D:68:0D:E7:20:40:CF:11:
47:1D:59:67:A4:EA:86:00:E1:AE:F9:F0:39:2E:58:22:
E8:D3:5B:48:02:21:00:B1:DE:A3:61:22:40:AB:76:BA:
52:C5:2A:27:B3:81:9C:EF:2D:4B:C8:7D:D7:99:71:2A:
24:5E:AA:F6:61:A8:E2
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
Timestamp : Feb 19 15:11:53.420 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:34:11:A9:B4:C4:10:B5:EA:09:B0:01:06:
ED:2F:33:A9:C1:CF:E4:A5:E4:44:62:7F:49:7C:DB:92:
B3:4F:32:4B:02:21:00:CC:78:0F:71:81:D6:67:36:8D:
AF:CB:AD:54:F1:F3:29:06:BD:78:F5:F5:BB:47:54:9E:
DC:1B:20:E2:64:75:31
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Feb 19 15:11:53.423 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:EB:36:24:24:76:D5:95:9F:B9:D0:7B:
59:BD:86:35:F3:28:EC:05:9B:92:C8:9F:41:D6:CB:6D:
15:54:D3:83:0A:02:20:1C:2C:CA:79:24:45:69:2D:9E:
12:82:27:F3:24:AD:8B:64:E0:96:21:DB:E1:C3:02:9D:
EB:70:EE:45:45:AA:A7
Signature Algorithm: sha256WithRSAEncryption
c5:12:6a:b3:27:fe:86:83:af:a1:5e:2b:3d:3e:8e:e3:d6:a9:
73:48:67:ec:ae:3d:d6:1c:c0:e3:d7:7f:37:10:fb:55:c3:d9:
a6:de:1e:54:32:ee:63:15:ed:ae:aa:5c:09:b3:ef:b6:4b:7d:
08:6e:51:71:9c:86:55:d6:77:4b:65:25:b1:95:b1:f5:73:d5:
be:9f:7d:fe:ba:dc:9c:4b:98:2b:85:43:1e:bb:8f:03:58:a7:
0a:b3:b1:77:f6:37:33:34:03:8a:88:fe:92:42:5c:03:64:79:
e4:b6:0e:fe:40:aa:01:6f:64:ef:4b:63:88:5b:25:c7:d7:fb:
64:61:21:68:ac:0b:ca:9a:e4:8d:ff:1a:dc:5c:12:01:5f:e0:
ec:3d:a4:55:35:7e:90:f8:53:2f:89:bc:df:f1:78:b6:1e:c3:
f8:9c:cc:9a:30:e2:5b:fc:97:37:ac:c0:35:da:09:46:6f:e6:
a3:16:0a:5b:3d:6e:97:be:86:3a:c5:74:1d:65:24:61:92:f8:
d0:2a:fe:59:ad:53:ce:ec:e2:4c:92:1d:03:20:c6:a0:f0:97:
57:55:dd:2e:01:41:9a:22:82:7d:d5:a5:6a:e8:a8:4b:7c:f7:
a5:f4:5a:d1:e0:ec:90:cb:ae:0a:e7:ec:86:ea:16:10:d4:9c:
b9:b1:7f:c4
DONE
しばらくしたら状況が変わった。 にリダイレクトされるようになった。
しかし転送先も証明書エラーに加えて 500
復旧中なのか???
$ wget -S https://www.xigmanas.org/ -O - --content-on-error --no-check-certificate -nv 警告: www.xigmanas.org の証明書(発行者: `CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB')の検証に失敗しました: 発行された証明書は失効しています。 警告: 証明書に記載されている別名とホスト名 `www.xigmanas.org' が一致しません HTTP/1.1 301 Moved Permanently date: Wed, 21 Apr 2021 03:00:09 GMT server: Apache/2 location: https://www.xigmanas.com/ content-length: 233 content-type: text/html; charset=iso-8859-1 警告: www.xigmanas.com の証明書(発行者: `CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB')の検証に失敗しました: 発行された証明書は失効しています。 警告: 証明書に記載されている別名とホスト名 `www.xigmanas.com' が一致しません HTTP/1.1 500 Internal Server Error date: Wed, 21 Apr 2021 03:00:11 GMT server: Apache/2 x-powered-by: PHP/7.3.27 upgrade: h2,h2c connection: Upgrade vary: User-Agent content-length: 0 content-type: text/html; charset=UTF-8 https://www.xigmanas.com/: 2021-04-21 12:00:11 エラー 500: Internal Server Error。
とりあえず証明書までは復旧した模様。
$ wget -S https://www.xigmanas.org/ -O - --content-on-error -nv HTTP/1.1 301 Moved Permanently date: Wed, 21 Apr 2021 03:11:25 GMT server: Apache/2 location: https://www.xigmanas.com/ content-length: 233 content-type: text/html; charset=iso-8859-1 HTTP/1.1 500 Internal Server Error date: Wed, 21 Apr 2021 03:11:26 GMT server: Apache/2 x-powered-by: PHP/7.3.27 upgrade: h2,h2c connection: Upgrade vary: User-Agent content-length: 0 content-type: text/html; charset=UTF-8 https://www.xigmanas.com/: 2021-04-21 12:11:26 エラー 500: Internal Server Error。
$ openssl s_client -connect www.xigmanas.org:443
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = ftp.xigmanas.org
verify return:1
---
Certificate chain
0 s:CN = ftp.xigmanas.org
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgISA/3Y47E+gqJPLpR/qizX52NCMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA0MTQyMTM5NTJaFw0yMTA3MTMyMTM5NTJaMBsxGTAXBgNVBAMT
EGZ0cC54aWdtYW5hcy5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQCeHKBP0Yk4fWxzc8wBsxQCAdPlEfeZFRMJaSTLz5iaxWEfH0xyz1QYTHV34vVQ
6TA1RReeY9lLB2hrRZt0H9gfCWJGakT1QpLaw+wrzwvrq8dBC2yaruhEJZn/hNPr
zmc+KPL2O3jntk8EVQ2Xzw8G/6BP3O9/0vlCMFEq3E2qK49g17gYmZAqWzdcR7R/
c+5Ycha7pvEHR3lwS8sbe7HuD/ZZF1pClWs/Gxm/0/70qYAD1UCLDgVddCJBGKLy
cGXhKc94EU8cw8T6XKuKEPnrq6Dwh6fOcILeB2NgyUmRASi7XM6QG453macS43Pj
mWC3XiSoesG9gJ3jzjsJUeLOuO7zmIqTMm0L04Q56yjeY2G2HYHyWvaEvqWSimJw
wRxwPrAnvJVCvWuJQjF8OCNK08kINjKGqI7dfy+08izqKcqohKOkj3gitqRrEiGf
0Nz744K2mAtSzJtQSJWqfi8jDl238Xoko/TV52XHjiSz+kvk/bspnsjkv+bL6MGO
FZ/EJ3vbsirR6u7IAMCO9GW5mxoJ24FykbvECf1/el6gQLj6nIEbvyMLMzq3AVt8
Pzyj3ebiRfVp835UcxDEZsDKtiAGyOerRNFlttEi+ylag83onk0cLtYN2Dj0lo3p
JI1vkXpkg1iWH4ZB8At6Wln/ukCneSdOWtOf8LS978orIQIDAQABo4ICozCCAp8w
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR85TS3NyVC8URfMfKSnemAsZHHFjAfBgNV
HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI
KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0
cDovL3IzLmkubGVuY3Iub3JnLzBzBgNVHREEbDBqghBmdHAueGlnbWFuYXMub3Jn
ghFtYWlsLnhpZ21hbmFzLm9yZ4IQcG9wLnhpZ21hbmFzLm9yZ4IRc210cC54aWdt
YW5hcy5vcmeCEHd3dy54aWdtYW5hcy5vcmeCDHhpZ21hbmFzLm9yZzBMBgNVHSAE
RTBDMAgGBmeBDAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRw
Oi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB3
AFzcQ5L+5qtFRLFemtRW5hA3+9X6R9yhc5SyXub2xw7KAAABeNKKdBoAAAQDAEgw
RgIhAOkYjNZTjeoRLiOhfzMWMmsV0Ckz+eldYpwwNDmhMqV2AiEAlwsdVpHYIWJM
QBC/KljOnD+Zo/Hn6kjcG/mDErw4fvAAdQB9PvL4j/+IVWgkwsDKnlKJeSvFDngJ
fy5ql2iZfiLw1wAAAXjSinRbAAAEAwBGMEQCIAYK0M8b+mI2SP1Wb5HqMlwCsPuv
c8Si2ddtftPE8k8KAiAsNjWp8o+QCLSgytzN1FMKpJ41WqVXtlYQgBMCY0mPwzAN
BgkqhkiG9w0BAQsFAAOCAQEAF/6k4fwlywkhQckp+6lWL2xKyLxqiiBWfnNvmOoG
J1+KzrXnMMMp4XV4PyVLG0G5bmz5ymSjvjBjWtFBuusyd6/n7EdovQ+zPUGtIQIn
DoD01YWR/EBCjY8ybTqCqEFuo7lr/QkTVKGLIdeUVzM367BE/EG+qVen9ef+heii
Pns10mzUlLCF14+Uh6WuOkc09RuVH6G2YhwvWGZC4iK5MRvZOcnt+rP1mQ6WLObX
skc5xyWngDVccWB4MJNlg3hjzneL6esYEvdcuc0ymeXtJb15Era5QQkDaBTasFOE
v9BV5xviQfXclaSihdQkO7x6XbvXO9uqHyzYAGRk9JOQxA==
-----END CERTIFICATE-----
subject=CN = ftp.xigmanas.org
issuer=C = US, O = Let's Encrypt, CN = R3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3600 bytes and written 372 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 4096 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_128_GCM_SHA256
Session-ID: 80C8446B226A4CA6CAC5E81A4ACB66F669BB7DB1CAEED27A9F9183A50F59E27F
Session-ID-ctx:
Resumption PSK: 0F5169297DA1897015EE6CDFBCF3D0DACF6E008EC5258C97316C10D69A853520
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 46 64 3e ce 7a 16 70 b8-23 37 00 d9 9b 22 94 fd Fd>.z.p.#7..."..
0010 - a8 f6 21 6a 9c 45 ed e2-c7 cd 82 3f ff ba 70 5a ..!j.E.....?..pZ
Start Time: 1618974775
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_128_GCM_SHA256
Session-ID: 6EA455A46282131DB5B58F87A93DD182EBC525CDDEBE0B3DC60B4FF224242FD0
Session-ID-ctx:
Resumption PSK: C6CC631245D5437457FFE1D8CD7B4630F39ED42505DAE8DF6E06486357C97DE6
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 80 aa ec 6d 85 67 d8 57-15 dc be 5a db 22 5f 09 ...m.g.W...Z."_.
0010 - e2 c1 d8 69 25 f3 32 8c-71 3b 7d a2 5b 97 82 ed ...i%.2.q;}.[...
Start Time: 1618974775
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
DONE
$ openssl s_client -connect www.xigmanas.org:443 | openssl x509 -in - -noout -text
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = ftp.xigmanas.org
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:fd:d8:e3:b1:3e:82:a2:4f:2e:94:7f:aa:2c:d7:e7:63:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = Let's Encrypt, CN = R3
Validity
Not Before: Apr 14 21:39:52 2021 GMT
Not After : Jul 13 21:39:52 2021 GMT
Subject: CN = ftp.xigmanas.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (4096 bit)
Modulus:
00:9e:1c:a0:4f:d1:89:38:7d:6c:73:73:cc:01:b3:
14:02:01:d3:e5:11:f7:99:15:13:09:69:24:cb:cf:
98:9a:c5:61:1f:1f:4c:72:cf:54:18:4c:75:77:e2:
f5:50:e9:30:35:45:17:9e:63:d9:4b:07:68:6b:45:
9b:74:1f:d8:1f:09:62:46:6a:44:f5:42:92:da:c3:
ec:2b:cf:0b:eb:ab:c7:41:0b:6c:9a:ae:e8:44:25:
99:ff:84:d3:eb:ce:67:3e:28:f2:f6:3b:78:e7:b6:
4f:04:55:0d:97:cf:0f:06:ff:a0:4f:dc:ef:7f:d2:
f9:42:30:51:2a:dc:4d:aa:2b:8f:60:d7:b8:18:99:
90:2a:5b:37:5c:47:b4:7f:73:ee:58:72:16:bb:a6:
f1:07:47:79:70:4b:cb:1b:7b:b1:ee:0f:f6:59:17:
5a:42:95:6b:3f:1b:19:bf:d3:fe:f4:a9:80:03:d5:
40:8b:0e:05:5d:74:22:41:18:a2:f2:70:65:e1:29:
cf:78:11:4f:1c:c3:c4:fa:5c:ab:8a:10:f9:eb:ab:
a0:f0:87:a7:ce:70:82:de:07:63:60:c9:49:91:01:
28:bb:5c:ce:90:1b:8e:77:99:a7:12:e3:73:e3:99:
60:b7:5e:24:a8:7a:c1:bd:80:9d:e3:ce:3b:09:51:
e2:ce:b8:ee:f3:98:8a:93:32:6d:0b:d3:84:39:eb:
28:de:63:61:b6:1d:81:f2:5a:f6:84:be:a5:92:8a:
62:70:c1:1c:70:3e:b0:27:bc:95:42:bd:6b:89:42:
31:7c:38:23:4a:d3:c9:08:36:32:86:a8:8e:dd:7f:
2f:b4:f2:2c:ea:29:ca:a8:84:a3:a4:8f:78:22:b6:
a4:6b:12:21:9f:d0:dc:fb:e3:82:b6:98:0b:52:cc:
9b:50:48:95:aa:7e:2f:23:0e:5d:b7:f1:7a:24:a3:
f4:d5:e7:65:c7:8e:24:b3:fa:4b:e4:fd:bb:29:9e:
c8:e4:bf:e6:cb:e8:c1:8e:15:9f:c4:27:7b:db:b2:
2a:d1:ea:ee:c8:00:c0:8e:f4:65:b9:9b:1a:09:db:
81:72:91:bb:c4:09:fd:7f:7a:5e:a0:40:b8:fa:9c:
81:1b:bf:23:0b:33:3a:b7:01:5b:7c:3f:3c:a3:dd:
e6:e2:45:f5:69:f3:7e:54:73:10:c4:66:c0:ca:b6:
20:06:c8:e7:ab:44:d1:65:b6:d1:22:fb:29:5a:83:
cd:e8:9e:4d:1c:2e:d6:0d:d8:38:f4:96:8d:e9:24:
8d:6f:91:7a:64:83:58:96:1f:86:41:f0:0b:7a:5a:
59:ff:ba:40:a7:79:27:4e:5a:d3:9f:f0:b4:bd:ef:
ca:2b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
7C:E5:34:B7:37:25:42:F1:44:5F:31:F2:92:9D:E9:80:B1:91:C7:16
X509v3 Authority Key Identifier:
keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:
OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:ftp.xigmanas.org, DNS:mail.xigmanas.org, DNS:pop.xigmanas.org, DNS:smtp.xigmanas.org, DNS:www.xigmanas.org, DNS:xigmanas.org
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Apr 14 22:39:52.346 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:E9:18:8C:D6:53:8D:EA:11:2E:23:A1:
7F:33:16:32:6B:15:D0:29:33:F9:E9:5D:62:9C:30:34:
39:A1:32:A5:76:02:21:00:97:0B:1D:56:91:D8:21:62:
4C:40:10:BF:2A:58:CE:9C:3F:99:A3:F1:E7:EA:48:DC:
1B:F9:83:12:BC:38:7E:F0
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 7D:3E:F2:F8:8F:FF:88:55:68:24:C2:C0:CA:9E:52:89:
79:2B:C5:0E:78:09:7F:2E:6A:97:68:99:7E:22:F0:D7
Timestamp : Apr 14 22:39:52.411 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:06:0A:D0:CF:1B:FA:62:36:48:FD:56:6F:
91:EA:32:5C:02:B0:FB:AF:73:C4:A2:D9:D7:6D:7E:D3:
C4:F2:4F:0A:02:20:2C:36:35:A9:F2:8F:90:08:B4:A0:
CA:DC:CD:D4:53:0A:A4:9E:35:5A:A5:57:B6:56:10:80:
13:02:63:49:8F:C3
Signature Algorithm: sha256WithRSAEncryption
17:fe:a4:e1:fc:25:cb:09:21:41:c9:29:fb:a9:56:2f:6c:4a:
c8:bc:6a:8a:20:56:7e:73:6f:98:ea:06:27:5f:8a:ce:b5:e7:
30:c3:29:e1:75:78:3f:25:4b:1b:41:b9:6e:6c:f9:ca:64:a3:
be:30:63:5a:d1:41:ba:eb:32:77:af:e7:ec:47:68:bd:0f:b3:
3d:41:ad:21:02:27:0e:80:f4:d5:85:91:fc:40:42:8d:8f:32:
6d:3a:82:a8:41:6e:a3:b9:6b:fd:09:13:54:a1:8b:21:d7:94:
57:33:37:eb:b0:44:fc:41:be:a9:57:a7:f5:e7:fe:85:e8:a2:
3e:7b:35:d2:6c:d4:94:b0:85:d7:8f:94:87:a5:ae:3a:47:34:
f5:1b:95:1f:a1:b6:62:1c:2f:58:66:42:e2:22:b9:31:1b:d9:
39:c9:ed:fa:b3:f5:99:0e:96:2c:e6:d7:b2:47:39:c7:25:a7:
80:35:5c:71:60:78:30:93:65:83:78:63:ce:77:8b:e9:eb:18:
12:f7:5c:b9:cd:32:99:e5:ed:25:bd:79:12:b6:b9:41:09:03:
68:14:da:b0:53:84:bf:d0:55:e7:1b:e2:41:f5:dc:95:a4:a2:
85:d4:24:3b:bc:7a:5d:bb:d7:3b:db:aa:1f:2c:d8:00:64:64:
f4:93:90:c4
DONE
$ openssl s_client -connect www.xigmanas.com:443
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = ftp.nas4free.org
verify return:1
---
Certificate chain
0 s:CN = ftp.nas4free.org
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGojCCBYqgAwIBAgISAzk2Y/SqRL0ez9lYx5gS7ynqMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTA0MTQyMTM4MTRaFw0yMTA3MTMyMTM4MTRaMBsxGTAXBgNVBAMT
EGZ0cC5uYXM0ZnJlZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
AQC/SQI87/L8lSR0fU5d8ge/1IU8+5ptYI0eLld6KjUdcu6hJs489euqj9ET+zz+
NMszMUAZZR6APK97u4fkAVA0e1thTWRupc7RcNGZZjknyOkvSjqGA+3uMWRivaUv
DEMsguh+S1vHH05Or3RDxEfMxSnpKTW6YPaQbfkCaVX7/tAVgT2PcISTlkEx35Ka
kdfncqbkyMkg2fe0jqH7sZ3qISm8XNpvnTpTI/qrX0KGKu1wUht/ObXAD/saby2+
mJN61aDALHQ8UsxHnnJIJt2UxbtG3C7gPFRzhvDnIDyOs9Py29fx3ybrQ63c6mb1
lVD1jHU9LmktG0ab5T2DzUaytlOuqtshlPx0UARg0OF3EE5xoNv/g9tV6UYn6r/q
RNZrXfZrggqyXKnljveJtLtJWphNG8x7rLBudKsxFB5TCHk6stQZ3NUWjarmxkFS
6ZBX8MmtMhSRKryJIId7vezgS/Thd2CBbglrykWx9JDDt5CyZN8mOSYpFzCthzxG
MshTQjEVMXvcfPO+MOyxpCm8WWQvFtRebYHG1DPj9cBdycp35XLYPPTo2bqdAiKL
i0WO3wtEw17fcqDYubA4jQC51JZz/XxY9IieKcw6z3oy8GzzLhEh+FGImVHXNobX
BIhx89TXfSD1a4osgOLvcG78uf8f3hNF9p98R+3EtwxLOwIDAQABo4ICxzCCAsMw
DgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAM
BgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQyQ9IDOVN9N8HqPNzj17/Oim2k8DAfBgNV
HSMEGDAWgBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYI
KwYBBQUHMAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0
cDovL3IzLmkubGVuY3Iub3JnLzCBlQYDVR0RBIGNMIGKghBmdHAubmFzNGZyZWUu
b3JnghFtYWlsLm5hczRmcmVlLm9yZ4IMbmFzNGZyZWUub3JnghBwb3AubmFzNGZy
ZWUub3JnghFzbXRwLm5hczRmcmVlLm9yZ4IQd3d3Lm5hczRmcmVlLm9yZ4IQd3d3
LnhpZ21hbmFzLmNvbYIMeGlnbWFuYXMuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIB
MDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2Vu
Y3J5cHQub3JnMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcAXNxDkv7mq0VEsV6a
1FbmEDf71fpH3KFzlLJe5vbHDsoAAAF40oj29gAABAMASDBGAiEAr7EcZqYgZL9b
vM0b4cY05+dmsn5rkWOAKq/v9rZHX8sCIQDhcYiIlUD7Cz0wXhmnOzmETyiJ5fK+
qVOL544d7Ofu8AB2APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAAB
eNKI9x4AAAQDAEcwRQIgB/XcJ9dphF8V3p3mnVvi5lSL03WJo5PB/v7cXFV7BXsC
IQCZOHBtlOkcMmSP1mpm7/UNyEMjcmgveJjpjxRIhp1c6TANBgkqhkiG9w0BAQsF
AAOCAQEAQBqmAW6hYqEU2tOyTYusb2D4sNsiHkLytbafOBV3gCaJ/z24Y18Ae8LT
bhrSWFKyzTSQkjBJzB8qHRaWN6dHa8SLsvXTIopgBDcPnxA41DQgjcO/6E89gQSJ
p3Y0GNnBatGcP1jTGJJyKJyX05wqChVpUsGVN90VLgjnh0OSfJF2DJaM5wNZS1/j
QD2uCQp7h93l2i3iD0rIGsI+ja9L1fdOFa/uxyXvoJECDEs0wa/3aPCDQur4SR5b
dkCD4kadRUuvYtvjuWOdBofCeIDuHJCJb/ApsNHksiP3hel8XXK2BEWHmsDHs/g+
KaCTCke2ByhGRu7b785qALaZ4jiDIg==
-----END CERTIFICATE-----
subject=CN = ftp.nas4free.org
issuer=C = US, O = Let's Encrypt, CN = R3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3636 bytes and written 372 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256
Server public key is 4096 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_128_GCM_SHA256
Session-ID: 068279F977AC1DE0532E403BD190CFAECE26309CABDED16AC2530978D3D58FB8
Session-ID-ctx:
Resumption PSK: 461B8AB58F139E33E448F8398764077207F17EB229CD80DD67449FC6C96CD24B
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - aa fd dc 63 25 d7 36 9b-a9 bf 9a fc da 2c 8f ab ...c%.6......,..
0010 - 73 54 29 93 bc 75 17 a7-83 41 5d 67 2d 89 2b cf sT)..u...A]g-.+.
Start Time: 1618974851
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_128_GCM_SHA256
Session-ID: 57E638C67DDEEA2C9C9C16EFF951BFB85B7123249403D118D744351BE271D98F
Session-ID-ctx:
Resumption PSK: FE66638F331AFFB5C6138174F753AC4D1BD4E24B6A490DEDF7F46AAE86012B8F
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 04 46 46 e9 f4 eb 87 1a-44 28 9b 76 03 39 61 38 .FF.....D(.v.9a8
0010 - b1 6e be 0d e5 17 4b 02-a5 22 49 8d 74 e3 62 c0 .n....K.."I.t.b.
Start Time: 1618974851
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
DONE
$ openssl s_client -connect www.xigmanas.com:443 | openssl x509 -in - -noout -text
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = ftp.nas4free.org
verify return:1
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:39:36:63:f4:aa:44:bd:1e:cf:d9:58:c7:98:12:ef:29:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = Let's Encrypt, CN = R3
Validity
Not Before: Apr 14 21:38:14 2021 GMT
Not After : Jul 13 21:38:14 2021 GMT
Subject: CN = ftp.nas4free.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (4096 bit)
Modulus:
00:bf:49:02:3c:ef:f2:fc:95:24:74:7d:4e:5d:f2:
07:bf:d4:85:3c:fb:9a:6d:60:8d:1e:2e:57:7a:2a:
35:1d:72:ee:a1:26:ce:3c:f5:eb:aa:8f:d1:13:fb:
3c:fe:34:cb:33:31:40:19:65:1e:80:3c:af:7b:bb:
87:e4:01:50:34:7b:5b:61:4d:64:6e:a5:ce:d1:70:
d1:99:66:39:27:c8:e9:2f:4a:3a:86:03:ed:ee:31:
64:62:bd:a5:2f:0c:43:2c:82:e8:7e:4b:5b:c7:1f:
4e:4e:af:74:43:c4:47:cc:c5:29:e9:29:35:ba:60:
f6:90:6d:f9:02:69:55:fb:fe:d0:15:81:3d:8f:70:
84:93:96:41:31:df:92:9a:91:d7:e7:72:a6:e4:c8:
c9:20:d9:f7:b4:8e:a1:fb:b1:9d:ea:21:29:bc:5c:
da:6f:9d:3a:53:23:fa:ab:5f:42:86:2a:ed:70:52:
1b:7f:39:b5:c0:0f:fb:1a:6f:2d:be:98:93:7a:d5:
a0:c0:2c:74:3c:52:cc:47:9e:72:48:26:dd:94:c5:
bb:46:dc:2e:e0:3c:54:73:86:f0:e7:20:3c:8e:b3:
d3:f2:db:d7:f1:df:26:eb:43:ad:dc:ea:66:f5:95:
50:f5:8c:75:3d:2e:69:2d:1b:46:9b:e5:3d:83:cd:
46:b2:b6:53:ae:aa:db:21:94:fc:74:50:04:60:d0:
e1:77:10:4e:71:a0:db:ff:83:db:55:e9:46:27:ea:
bf:ea:44:d6:6b:5d:f6:6b:82:0a:b2:5c:a9:e5:8e:
f7:89:b4:bb:49:5a:98:4d:1b:cc:7b:ac:b0:6e:74:
ab:31:14:1e:53:08:79:3a:b2:d4:19:dc:d5:16:8d:
aa:e6:c6:41:52:e9:90:57:f0:c9:ad:32:14:91:2a:
bc:89:20:87:7b:bd:ec:e0:4b:f4:e1:77:60:81:6e:
09:6b:ca:45:b1:f4:90:c3:b7:90:b2:64:df:26:39:
26:29:17:30:ad:87:3c:46:32:c8:53:42:31:15:31:
7b:dc:7c:f3:be:30:ec:b1:a4:29:bc:59:64:2f:16:
d4:5e:6d:81:c6:d4:33:e3:f5:c0:5d:c9:ca:77:e5:
72:d8:3c:f4:e8:d9:ba:9d:02:22:8b:8b:45:8e:df:
0b:44:c3:5e:df:72:a0:d8:b9:b0:38:8d:00:b9:d4:
96:73:fd:7c:58:f4:88:9e:29:cc:3a:cf:7a:32:f0:
6c:f3:2e:11:21:f8:51:88:99:51:d7:36:86:d7:04:
88:71:f3:d4:d7:7d:20:f5:6b:8a:2c:80:e2:ef:70:
6e:fc:b9:ff:1f:de:13:45:f6:9f:7c:47:ed:c4:b7:
0c:4b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
32:43:D2:03:39:53:7D:37:C1:EA:3C:DC:E3:D7:BF:CE:8A:6D:A4:F0
X509v3 Authority Key Identifier:
keyid:14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
Authority Information Access:
OCSP - URI:http://r3.o.lencr.org
CA Issuers - URI:http://r3.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:ftp.nas4free.org, DNS:mail.nas4free.org, DNS:nas4free.org, DNS:pop.nas4free.org, DNS:smtp.nas4free.org, DNS:www.nas4free.org, DNS:www.xigmanas.com, DNS:xigmanas.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 5C:DC:43:92:FE:E6:AB:45:44:B1:5E:9A:D4:56:E6:10:
37:FB:D5:FA:47:DC:A1:73:94:B2:5E:E6:F6:C7:0E:CA
Timestamp : Apr 14 22:38:14.774 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:AF:B1:1C:66:A6:20:64:BF:5B:BC:CD:
1B:E1:C6:34:E7:E7:66:B2:7E:6B:91:63:80:2A:AF:EF:
F6:B6:47:5F:CB:02:21:00:E1:71:88:88:95:40:FB:0B:
3D:30:5E:19:A7:3B:39:84:4F:28:89:E5:F2:BE:A9:53:
8B:E7:8E:1D:EC:E7:EE:F0
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : F6:5C:94:2F:D1:77:30:22:14:54:18:08:30:94:56:8E:
E3:4D:13:19:33:BF:DF:0C:2F:20:0B:CC:4E:F1:64:E3
Timestamp : Apr 14 22:38:14.814 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:07:F5:DC:27:D7:69:84:5F:15:DE:9D:E6:
9D:5B:E2:E6:54:8B:D3:75:89:A3:93:C1:FE:FE:DC:5C:
55:7B:05:7B:02:21:00:99:38:70:6D:94:E9:1C:32:64:
8F:D6:6A:66:EF:F5:0D:C8:43:23:72:68:2F:78:98:E9:
8F:14:48:86:9D:5C:E9
Signature Algorithm: sha256WithRSAEncryption
40:1a:a6:01:6e:a1:62:a1:14:da:d3:b2:4d:8b:ac:6f:60:f8:
b0:db:22:1e:42:f2:b5:b6:9f:38:15:77:80:26:89:ff:3d:b8:
63:5f:00:7b:c2:d3:6e:1a:d2:58:52:b2:cd:34:90:92:30:49:
cc:1f:2a:1d:16:96:37:a7:47:6b:c4:8b:b2:f5:d3:22:8a:60:
04:37:0f:9f:10:38:d4:34:20:8d:c3:bf:e8:4f:3d:81:04:89:
a7:76:34:18:d9:c1:6a:d1:9c:3f:58:d3:18:92:72:28:9c:97:
d3:9c:2a:0a:15:69:52:c1:95:37:dd:15:2e:08:e7:87:43:92:
7c:91:76:0c:96:8c:e7:03:59:4b:5f:e3:40:3d:ae:09:0a:7b:
87:dd:e5:da:2d:e2:0f:4a:c8:1a:c2:3e:8d:af:4b:d5:f7:4e:
15:af:ee:c7:25:ef:a0:91:02:0c:4b:34:c1:af:f7:68:f0:83:
42:ea:f8:49:1e:5b:76:40:83:e2:46:9d:45:4b:af:62:db:e3:
b9:63:9d:06:87:c2:78:80:ee:1c:90:89:6f:f0:29:b0:d1:e4:
b2:23:f7:85:e9:7c:5d:72:b6:04:45:87:9a:c0:c7:b3:f8:3e:
29:a0:93:0a:47:b6:07:28:46:46:ee:db:ef:ce:6a:00:b6:99:
e2:38:83:22
DONE
24:00 過ぎたけど、復旧しない。
とりあえず、
- XigmaNAS / wiki
2021-04-23 17:08 追記
タイミングは不明だが、無事復旧した模様
タグ
コメントをかく