Re: Cisco's SSL Certificate

Daniel Céspedes · ‎03-22-2024

Hello community

I am checking the certificate issuer for cisco.com and they have one of the most secures ones, HydrantID Trusted Certificate Service.
However since I am Linux user, I try to get the things done in the Linux way and surprisingly I found (???) some issues there.
Screenshot from 2024-03-22 13-14-57.png

Does someone understand this "no peer certificate" highlighted ?I could not find any useful information yet and I run this command in other websites and it does show accurate information, so I am confused this time the command is not really showing accurate information.

Thanks for helping

Daniel

marce1000 · ‎03-22-2024

- Following a thread like this , if you have for instance firewall(s) or proxies in between that could become a side effect :
https://community.cisco.com/t5/network-security/smart-registration-licensing-url-s/td-p/3750279

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Torbjørn · ‎03-22-2024

A peer certificate is a certificate that can be used to mutually authenticate the peer(your machine) to the server using an installed certificate. You should see the same in the output you get from other servers as well.

As to the error message and missing output. That OpenSSL command relieas on TLS renegotiation to work. As the error states, legacy renegotiation has been disabled, and secure negotiation has not been enabled for the server. This is not really an issue for most other purposes than checking certificate information with "openssl s_client -connect".

You can read more about this here: https://github.com/openssl/openssl/issues/21296

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev