Some days ago i wanted to do a check of a certificate of an ip address. No big deal - so i did:
schroff@zerberus:~$ openssl s_client -showcerts -connect 82.165.229.87.87:443
140011908769088:error:2008F002:BIO routines:BIO_lookup_ex:system
lib:../crypto/bio/b_addr.c:726:Name or service not known
connect:errno=22
So i opened google to find a solution.
But on google i found nothing really helpful.
?
The answer was very easy:
If i read the command line carfully, i would have detected my error:
THE IP ADDRESS WAS INVALID
I wrote an ipv4 with 5 numbers and not with 4...
After using a correct ipv4 number the command worked like expected:
schroff@zerberus:~$ openssl s_client -showcerts -connect 82.165.229.87:443 #
CONNECTED(00000003)
Can't use SSL_get_servername
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = GeoTrust RSA CA 2018
verify return:1
depth=0 C = DE, ST = Rheinland-Pfalz, L = Montabaur, O = 1&1 Mail & Media GmbH, CN = gmx.net
verify return:1
---
Thanks! That helped me!
ReplyDeleteGood spot. You get the same/similar error if you enter a bad/unknown domain name, rather than its IP address. The error message is a little oblique.
ReplyDelete