Connect to Gmail via SSL commands

最新推荐文章于 2024-07-11 09:30:56 发布
最新推荐文章于 2024-07-11 09:30:56 发布
阅读量1.5k 收藏
点赞数
分类专栏: Network 文章标签: gmail ssl google random command file

From: http://kevinhenrikson.com/2006/06/18/gmail-pop-ssl-certs-for-symbian-nokia-phones/

We can check the SSL cert that Gmail is advertising via command line.
$ penssl s_client -connect pop.gmail.com:995 -showcerts

Loading 'screen' into random state - done

CONNECTED(00000768)

depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com

verify error:num=20:unable to get local issuer certificate

verify return:1

depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com

verify error:num=27:certificate not trusted

verify return:1

depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com

verify error:num=21:unable to verify the first certificate

verify return:1

---

Certificate chain

 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com

   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority

-----BEGIN CERTIFICATE-----

MIIC3TCCAkagAwIBAgIDCDijMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT

MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0

aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcxMDI1MTc1MzE2WhcNMDkxMjI0MTg1MzE2

WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN

TW91bnRhaW4gVmlldzEUMBIGA1UEChMLR29vZ2xlIEluYy4xFjAUBgNVBAMTDXBv

cC5nbWFpbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO03QxerFKZV

8yeomuL4zSl8Pr7hMWnKMMgp/CwhwadeBmL0LQHHbjL/6z/Z59ZQvrztqkwhchA2

APKzUwRVTyn7Shx6vBqk6oFmTqoOLmY6hbq6l8uVdUv0AfbHwio8CnLpK2+nbuFl

flPwx1DH0E3grD8+CrH5SmScfTWbDkcXAgMBAAGjga4wgaswDgYDVR0PAQH/BAQD

AgTwMB0GA1UdDgQWBBTJRG/OFpZt+BV43JM3NshHMjpwazA6BgNVHR8EMzAxMC+g

LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDAf

BgNVHSMEGDAWgBRI5mj5K9KylddH2CMgEE8zmJCf1DAdBgNVHSUEFjAUBggrBgEF

BQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQEFBQADgYEAOKr3mhxtwFCS3J6lbeaf

3KrHKi935BZkI75sRbON+hog0t2ovcM2i7fxs3xneH8USLsHgfxNBj9tkMogMK/K

sO/NUVZ/IfyqcNNkp2619qTQXthKRH42JKpAKgNhT1bdno3pxn+eDEpqmU3CE7IP

HDCjWOK1fGkZ/yFAuTxuxAc=

-----END CERTIFICATE-----

---

Server certificate

subject=/C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com

issuer=/C=US/O=Equifax/OU=Equifax Secure Certificate Authority

---

No client certificate CA names sent

---

SSL handshake has read 883 bytes and written 306 bytes

---

New, TLSv1/SSLv3, Cipher is RC4-MD5

Server public key is 1024 bit

Compression: NONE

Expansion: NONE

SSL-Session:

    Protocol  : TLSv1

    Cipher    : RC4-MD5

    Session-ID: E2BDEF22495DDFDE21B9B47101C2E38205A032E5E1353AFF4268CFB250DFDA5F



    Session-ID-ctx:

    Master-Key: 2A8979F3F3D34744ABE64E897AF76B7123A1A0535B807604B6DB21E846BF84A3

DA20D9A46AECDEE35F7C780DF0FB4EA4

    Key-Arg   : None

    Start Time: 1220345433

    Timeout   : 300 (sec)

    Verify return code: 21 (unable to verify the first certificate)

---

+OK Gpop ready for requests from 122.200.68.230 m27pf3798629pof.11

From this we see the root certificate is from Equifax. This certificate can be found in common root cert bundles. For reference here’s the Equifax root certificate.

-----BEGIN CERTIFICATE-----

MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV

UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy

dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1

MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx

dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B

AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f

BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A

cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC

AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ

MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm

aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw

ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj

IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF

MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA

A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y

7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh

1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4

-----END CERTIFICATE-----

We can copy the above text into a text file, and save the file as "equifax.pem". The next step, convert it to a der format using open ssl.

$openssl x509 -outform DER -in equifax.pem -out equifax.der

The final step is to transfer these certificates to your phone. USB, IR, or Bluetooth will all work for this purpose.

CodeJoker
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
【网络安全】SSLSplit中间人攻击实例
Walter的专栏
06-14 8632
recently demonstrated how to perform a man-in-the-middle attack on HTTP(S) connections using mitmproxy. While mitmproxy works just great for HTTP-based communication, it does not understand other TL
How to Get IPC MJPEG Stream via HTTP Commands.pdf
01-07
How to Get IPC MJPEG Stream via HTTP Commands
connect to Gmail Imap using javamail
cowboy的专栏
08-02 3610
import java.util.Properties; import javax.mail.Folder; import javax.mail.Message; import javax.mail.Session; import javax.mail.Store; public class Program {     /**      * @param args
手动收邮件
iteye_10111的博客
08-10 2944
       最近想用mutt体验一下作高手的感觉,发现高手这个虚名真是害人不浅。        引用大家常说的一句话。mutt是一个整合工具,本身的作用并不大。收发都依赖别的程序完成。其实mutt也有一点收发的功能。用mutt -v 看一看有哪些带+号。这些带+号的就说明是有的功能,那些没有的功能就继续怨念吧。       姑且就认为自己的mutt不带收发功能吧。然后我们收发邮件可以分别利...
connect to db by mysqldb-python and use it
mr~li的博客
07-25 385
#通过Python连接数据库 用Python来编写网站,必须要能够通过python操作数据库,所谓操作数据库,就是通过python实现对数据的连接,以及对记录、字段的各种操作。 ##安装python-MySQLdb 要想通过python来操作数据库,还需要在已经安装了mysql的基础上安装一个称之为mysqldb的库,它是一个接口程序,python通过它对mysql数据实现各种操作。 在编...
How to install SuiteCRM on Debian 9
weixin_33913332的博客
04-19 354
SuiteCRM, a fork of SugarCRM, is an enterprise open source Customer RelationshipManagement (CRM) platform written in PHP programming language that can be used for creating business strateg...
How-To-Secure-A-Linux-Server
weixin_30670965的博客
05-08 1281
Reference: https://raw.githubusercontent.com/imthenachoman/How-To-Secure-A-Linux-Server/master/linux-kernel-sysctl-hardening.md https://github.com/imthenachoman/How-To-Secure-A-Linux-Server https:/...
关于 Ansible 中的一些奇技淫巧整理
山河已无恙
03-24 830
分享一些 Ansible 中日常剧本中不常用但是需要知道的一些知识点博文适合了解 Ansible 的小伙伴,可以用作温习理解不足小伙伴帮忙指正对每个人而言,真正的职责只有一个:找到自我。然后在心中坚守其一生,全心全意,永不停息。所有其它的路都是不完整的,是人的逃避方式,是对大众理想的懦弱回归,是随波逐流,是对内心的恐惧 ——赫尔曼·黑塞《德米安》对于配置文件,可以通过Jinja2模板来实现。使用方式常用的有变量、for循环、if-else{{ item }}{% else %}
How to Build an High Availability MQTT Cluster for the Internet of Things
~笑对人生~
06-06 2037
出自:https://medium.com/@lelylan/how-to-build-an-high-availability-mqtt-cluster-for-the-internet-of-things-8011a06bd000#.sgxc9xdfb TL;DR In this article I’ll show you how to creare a scalabl
vsftpd.conf全部配置参数官网详细说明
weixin_34013044的博客
04-12 516
NAMEvsftpd.conf - config file for vsftpdDESCRIPTIONvsftpd.conf may be used to control various aspects of vsftpd's behaviour. By default, vsftpd looks for this file at the location/etc/...
VIA AT Commands Spec V3 12
12-06
VIA AT Commands Spec V3 12
A few frequently used SSL commands
01-01
SSL(Secure Sockets Layer)是网络安全领域中一种广泛使用的协议,用于在互联网上提供安全通信。它通过加密传输数据来保护用户的隐私和信息安全。本文将详细介绍一些常用的与SSL相关的OpenSSL命令,帮助你管理和...
Quectel_EC2x&EG9x&EM05_SSL_AT_Commands_Manual_V1.0.pdf
06-19
Quectel_EC2x&EG9x&EM05_SSL_AT_Commands_Manual_V1.0.pdf
compile_commands.json
06-23
win10下vim开发stm32编译数据库文件例子
Windows下编译OpenSSL静态库
mickey2007的博客
07-08 993
OpenSSL是一个功能丰富且开源的安全工具箱,它提供的主要功能有:SSL协议实现(包括SSLv2、SSLv3和TLSv1)、大量软算法(对称/非对称/摘要)、大数运算、非对称算法密钥生成、ASN.1编解码库、证书请求(PKCS10)编解码、数字证书编解码、CRL编解码、OCSP协议、数字证书验证、PKCS7标准实现和PKCS12个人数字证书格式实现等功能。
使用openssl生成自签名证书
super的博客
07-10 342
/CN= Common Name 域名或IP www.xxxx.com。#/O= Organization 组织或企业。# X.509证书包含三个文件:key,csr,crt。# -out server.key 生成的私钥文件名。# -genra 生成RSA私钥。# -subj 生成CSR证书的参数。# 生成CSR(证书签名请求)# -req 生成证书签名请求。# -out 生成的CSR文件。# 生成私钥(key文件)# -key 生成私钥文件。# -1024 私钥长度。
SSL 证书错误:如何修复以及错误发生的原因
最新发布
web_geek的博客
07-11 794
要确认您的网站已安装SSL证书,一种方法是使用浏览器访问您的网站并查看地址栏。如果您的网站主机在主机提供商上并且有SSL错误,可能是因为没有Whois电子邮件连接到您的网站。导致SSL证书错误的因素有很多,包括证书过期、服务器配置错误、域名不匹配以及由不受信任或未知的证书颁发机构签发的证书。然而,如果您的SSL证书出现错误,您可能会得到一个“不安全”的标签,这可能会导致访问者失去对您网站的信任并转向竞争对手。如果证书是自签名的,它是由您的服务器生成的,而不是由证书颁发机构生成的。不同服务器的过程有所不同。
[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:841)
zzz12341的博客
07-10 251
【代码】[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:841)
docker cannot connect to x server
06-03
This error message usually occurs when you are trying to run a graphical application inside a Docker container and the application is unable to connect to the X server running on the host machine. To fix this issue, you need to pass the X server socket file to the Docker container as a volume or an environment variable. Here are the steps to do this: 1. Install the x11-xserver-utils package on the host machine using the following command: ``` sudo apt-get install x11-xserver-utils ``` 2. Allow other users to connect to the X server by running the following command on the host machine: ``` xhost + ``` 3. Start the Docker container with the following command, which passes the X server socket file as a volume: ``` docker run -it --rm -v /tmp/.X11-unix:/tmp/.X11-unix <image_name> ``` Replace `<image_name>` with the name of the Docker image you want to run. 4. Alternatively, you can pass the X server socket file as an environment variable using the following command: ``` docker run -it --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix <image_name> ``` This command sets the `DISPLAY` environment variable to the value of the `DISPLAY` variable on the host machine. After running one of these commands, you should be able to run graphical applications inside the Docker container without encountering the "cannot connect to X server" error.

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值