openssl s_client コマンドの -trace
オプションを使うと SSL/TLS のメッセージを人間に優しい形でみることができる。
どういうメッセージが見られるかは OpenSSL with trace などで試すことができる。
ただ、リファレンスにある通り、このオプションは enable-ssl-trace
をつけてビルドをしないと利用できず、例えば apt で配布されているバイナリでは無効になっている。
なので、 Debian buster コンテナ上でのビルド方法をここにメモしておく。
$ docker run -it --rm buildpack-deps:buster bash root# cd /usr/local/src root# curl -O https://www.openssl.org/source/openssl-1.1.1d.tar.gz root# tar zxf openssl-1.1.1d.tar.gz root# cd openssl-1.1.1d root# ./config enable-ssl-trace && make && make install && make clean && ldconfig
こんな感じ。
root# openssl s_client -trace -connect google.com:443 -cipher "DEFAULT:@SECLEVEL=2" CONNECTED(00000003) Sent Record Header: Version = TLS 1.0 (0x301) Content Type = Handshake (22) Length = 301 ClientHello, Length=297 client_version=0x303 (TLS 1.2) Random: gmt_unix_time=0xBF8D65C0 random_bytes (len=28): (snip) session_id (len=32): (snip) cipher_suites (len=62) {0x13, 0x02} TLS_AES_256_GCM_SHA384 {0x13, 0x03} TLS_CHACHA20_POLY1305_SHA256 {0x13, 0x01} TLS_AES_128_GCM_SHA256 {0xC0, 0x2C} TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30} TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F} TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0xCC, 0xA9} TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 {0xCC, 0xA8} TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 {0xCC, 0xAA} TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 {0xC0, 0x2B} TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 {0xC0, 0x2F} TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 {0x00, 0x9E} TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 {0xC0, 0x24} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 {0xC0, 0x28} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 {0x00, 0x6B} TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0xC0, 0x23} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 {0xC0, 0x27} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67} TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0xC0, 0x0A} TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA {0xC0, 0x14} TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39} TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0xC0, 0x09} TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA {0xC0, 0x13} TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33} TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x9D} TLS_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9C} TLS_RSA_WITH_AES_128_GCM_SHA256 {0x00, 0x3D} TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3C} TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x35} TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x2F} TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0xFF} TLS_EMPTY_RENEGOTIATION_INFO_SCSV compression_methods (len=1) No Compression (0x00) extensions, length = 162 extension_type=server_name(0), length=15 0000 - 00 0d 00 00 0a 67 6f 6f-67 6c 65 2e 63 6f 6d .....google.com extension_type=ec_point_formats(11), length=4 uncompressed (0) ansiX962_compressed_prime (1) ansiX962_compressed_char2 (2) extension_type=supported_groups(10), length=12 ecdh_x25519 (29) secp256r1 (P-256) (23) ecdh_x448 (30) secp521r1 (P-521) (25) secp384r1 (P-384) (24) extension_type=session_ticket(35), length=0 extension_type=encrypt_then_mac(22), length=0 extension_type=extended_master_secret(23), length=0 extension_type=signature_algorithms(13), length=42 ecdsa_secp256r1_sha256 (0x0403) ecdsa_secp384r1_sha384 (0x0503) ecdsa_secp521r1_sha512 (0x0603) ed25519 (0x0807) ed448 (0x0808) rsa_pss_pss_sha256 (0x0809) rsa_pss_pss_sha384 (0x080a) rsa_pss_pss_sha512 (0x080b) rsa_pss_rsae_sha256 (0x0804) rsa_pss_rsae_sha384 (0x0805) rsa_pss_rsae_sha512 (0x0806) rsa_pkcs1_sha256 (0x0401) rsa_pkcs1_sha384 (0x0501) rsa_pkcs1_sha512 (0x0601) ecdsa_sha224 (0x0303) rsa_pkcs1_sha224 (0x0301) dsa_sha224 (0x0302) dsa_sha256 (0x0402) dsa_sha384 (0x0502) dsa_sha512 (0x0602) extension_type=supported_versions(43), length=9 TLS 1.3 (772) TLS 1.2 (771) TLS 1.1 (770) TLS 1.0 (769) extension_type=psk_key_exchange_modes(45), length=2 psk_dhe_ke (1) extension_type=key_share(51), length=38 NamedGroup: ecdh_x25519 (29) key_exchange: (len=32): (snip) Received Record Header: Version = TLS 1.2 (0x303) Content Type = Handshake (22) Length = 122 ServerHello, Length=118 server_version=0x303 (TLS 1.2) Random: gmt_unix_time=0x142E888C random_bytes (len=28): (snip) session_id (len=32): (snip) cipher_suite {0x13, 0x02} TLS_AES_256_GCM_SHA384 compression_method: No Compression (0x00) extensions, length = 46 extension_type=key_share(51), length=36 NamedGroup: ecdh_x25519 (29) key_exchange: (len=32): (snip) extension_type=supported_versions(43), length=2 TLS 1.3 (772) (snip)