RuntimeError: cannot use string() on <cdata 'char *' NULL>
TheTechromancer opened this issue · 2 comments
TheTechromancer commented
I ran into the following error while connecting to 52.112.67.51:443. The full cert at the time of the error is included below in PEM format.
2023-03-31 04:07:44,154 [ERROR] bbot.scanner.manager manager.py:327 Error in sslcert.visit_host(): cannot use string() on <cdata 'char *' NULL>
2023-03-31 04:07:44,155 [TRACE] bbot.scanner.manager manager.py:328 Traceback (most recent call last):
File "/root/bbot/bbot/scanner/manager.py", line 321, in catch
ret = callback(*args, **kwargs)
File "/root/bbot/bbot/modules/sslcert.py", line 163, in visit_host
dns_names = set(self.get_cert_sans(cert))
File "/root/bbot/bbot/modules/sslcert.py", line 176, in get_cert_sans
if "subjectAltName" in str(ext.get_short_name()):
File "/root/.cache/pypoetry/virtualenvs/bbot-aKeTQkGo-py3.9/lib/python3.9/site-packages/OpenSSL/crypto.py", line 907, in get_short_name
return _ffi.string(_lib.OBJ_nid2sn(nid))
RuntimeError: cannot use string() on <cdata 'char *' NULL>$ openssl s_client -connect 52.112.67.51:443 -showcerts </dev/null | openssl x509 -outform pem > /tmp/cert.pem
Can't use SSL_get_servername
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root G2
verify return:1
depth=1 C = US, O = Microsoft Corporation, CN = Microsoft Azure TLS Issuing CA 06
verify return:1
depth=0 C = US, ST = WA, L = Redmond, O = Microsoft Corporation, CN = sipfed.online.lync.com
verify return:1
DONE$ cat /tmp/cert.pem
-----BEGIN CERTIFICATE-----
MIIIkTCCBnmgAwIBAgITMwA+NOE91QSEAn8XCAAAAD404TANBgkqhkiG9w0BAQwF
ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDYwHhcN
MjIwNjA4MTcwNjA2WhcNMjMwNjAzMTcwNjA2WjBtMQswCQYDVQQGEwJVUzELMAkG
A1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD
b3Jwb3JhdGlvbjEfMB0GA1UEAxMWc2lwZmVkLm9ubGluZS5seW5jLmNvbTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN6P8KayT1vrZO/uUO5kATSpIK4L
YiXyIQdAdbGKIpUNZZISUCjgHV2jTqAM+MORt5a4Ks1OFszZc/ht78eoyKzr+vWA
iwLtXDHYW9XN9fphzCXj4mE86F7A3Mf9TBogmegAokEkCdySB2Ay6NXoaSZqRoU9
HQsmhhLFnGaxISrjnbM+rVYuSMrphdZLPIwbAxPQozlb1Fnlws/sjbBek2vhSqAB
HZxJmEBU8LQBFr17ESEC+DUPuRqFRQ6kDiXmUXTKYsnlsKdCMxAPLnZsPxJ4zVu+
wDGXVinN0vywEQOl3Moor5W38vMw69EnKl+rs7wvlxhVfRblbzGo7PsP5KECAwEA
AaOCBDwwggQ4MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdwCt9776fP8QyIud
PZwePhhqtGcpXc+xDCTKhYY069yCigAAAYFEUPr7AAAEAwBIMEYCIQDgLfE/h+fB
pLnhep2HOWOJCzbJ1t/QZEUl5WGpb30+BwIhAMPLzGeqJ+BXEPy2LJF5bTIQmLZY
Wi2OKgH9cM9yeGKeAHUAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoA
AAGBRFD7agAABAMARjBEAiAEMOBJhPDhcoxllOkjVCQMmYL8K5TJjDIW+vHX37uS
DwIgLr3AKWENdgLSfei+2fPOW7p1dVpbe0YkZMqWJuIcDOYAdQDoPtDaPvUGNTLn
Vyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYFEUPspAAAEAwBGMEQCIAF7FvxlJbfU
fvkWZFSb2qb6uM/wdxuQn4ycRtHJ/MFoAiAvC8hFJ2+m/1Nz1xDQqlIGzBkwD+88
PbQM6evl/1hO9zAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUF
BwMBMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCIe91xuB5+tGgoGdLo7QDIfw
2h1dgoTlaYLzpz4CAWQCASUwga4GCCsGAQUFBwEBBIGhMIGeMG0GCCsGAQUFBzAC
hmFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29m
dCUyMEF6dXJlJTIwVExTJTIwSXNzdWluZyUyMENBJTIwMDYlMjAtJTIweHNpZ24u
Y3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29j
c3AwHQYDVR0OBBYEFNDaJzkngDOwon8QYRy6ltdYQwLQMA4GA1UdDwEB/wQEAwIE
sDBSBgNVHREESzBJghZzaXBmZWQub25saW5lLmx5bmMuY29tghEqLm9ubGluZS5s
eW5jLmNvbYIQKi5pbmZyYS5seW5jLmNvbYIKKi5seW5jLmNvbTAMBgNVHRMBAf8E
AjAAMGQGA1UdHwRdMFswWaBXoFWGU2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9w
a2lvcHMvY3JsL01pY3Jvc29mdCUyMEF6dXJlJTIwVExTJTIwSXNzdWluZyUyMENB
JTIwMDYuY3JsMGYGA1UdIARfMF0wUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUH
AgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0
b3J5Lmh0bTAIBgZngQwBAgIwHwYDVR0jBBgwFoAU1cFnOsKjnfR3UltZEjgp5lVo
u6UwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBDAUA
A4ICAQAjGW3q0nEj4weD7ec2OG9AzJwzJjIwqlEXCBboDVXojyclybRPBR3MYITz
VHWJSbjhpbDVVYpBNrrsAqhCxM+YBqTLf50c87I1zqF5usmUboro3aj19i0IwmGx
wO2uBM2N/LNN7B9j9a3vY53scknr/Umkvj1qG9q7gQIFwKga8k6efRoypGZBbyoF
WITAIReSAVUMYrFddHj8ld0P5QrwartepgHVpBJgB3zc9LRbiGTykZq0U9PFEo0q
zJNaX+CHFfEnPCzpyjVk3ciJZgIHeozk9MegO1GhKIHHW/pBcZejhha7ScYbYJFb
tqatah+hrfx9EK1V1uUXel6I9hivk1hmeQ1PjyxbacM7YdPj75xGM9J5ai54UQHf
UC/1xTVf2WxXGtt6s6u0aA34/O4/I8NGF3s9yrv7kNgZ97sN9H6aKinSKij2tpYP
wQsmX0vQ+sl4uRCogTOWzd19cb3gXSloeAhK6mfByeDTCzD42fOTRx/WWnT2f2L5
Ca5bMUQKT+kshOEXGwmuRhIkzYZq27F2sRxz+nPPd7I853StYkoPGLtjWHpe6Ke2
2dlA/ewxoMztaiZV2CsmuGr2Q8dano7DZ4cxAf5yHmQ0YupQqRTmk1nc+86l/GXl
3krpF5K+xWyjc9IQ/A0yScdmAJ6WcPkxGIr6H3X5pNtefZqvXw==
-----END CERTIFICATE-----$ openssl x509 -in /tmp/cert.pem -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:00:3e:34:e1:3d:d5:04:84:02:7f:17:08:00:00:00:3e:34:e1
Signature Algorithm: sha384WithRSAEncryption
Issuer: C = US, O = Microsoft Corporation, CN = Microsoft Azure TLS Issuing CA 06
Validity
Not Before: Jun 8 17:06:06 2022 GMT
Not After : Jun 3 17:06:06 2023 GMT
Subject: C = US, ST = WA, L = Redmond, O = Microsoft Corporation, CN = sipfed.online.lync.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:8f:f0:a6:b2:4f:5b:eb:64:ef:ee:50:ee:64:
01:34:a9:20:ae:0b:62:25:f2:21:07:40:75:b1:8a:
22:95:0d:65:92:12:50:28:e0:1d:5d:a3:4e:a0:0c:
f8:c3:91:b7:96:b8:2a:cd:4e:16:cc:d9:73:f8:6d:
ef:c7:a8:c8:ac:eb:fa:f5:80:8b:02:ed:5c:31:d8:
5b:d5:cd:f5:fa:61:cc:25:e3:e2:61:3c:e8:5e:c0:
dc:c7:fd:4c:1a:20:99:e8:00:a2:41:24:09:dc:92:
07:60:32:e8:d5:e8:69:26:6a:46:85:3d:1d:0b:26:
86:12:c5:9c:66:b1:21:2a:e3:9d:b3:3e:ad:56:2e:
48:ca:e9:85:d6:4b:3c:8c:1b:03:13:d0:a3:39:5b:
d4:59:e5:c2:cf:ec:8d:b0:5e:93:6b:e1:4a:a0:01:
1d:9c:49:98:40:54:f0:b4:01:16:bd:7b:11:21:02:
f8:35:0f:b9:1a:85:45:0e:a4:0e:25:e6:51:74:ca:
62:c9:e5:b0:a7:42:33:10:0f:2e:76:6c:3f:12:78:
cd:5b:be:c0:31:97:56:29:cd:d2:fc:b0:11:03:a5:
dc:ca:28:af:95:b7:f2:f3:30:eb:d1:27:2a:5f:ab:
b3:bc:2f:97:18:55:7d:16:e5:6f:31:a8:ec:fb:0f:
e4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
Timestamp : Jun 8 17:16:06.779 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:E0:2D:F1:3F:87:E7:C1:A4:B9:E1:7A:
9D:87:39:63:89:0B:36:C9:D6:DF:D0:64:45:25:E5:61:
A9:6F:7D:3E:07:02:21:00:C3:CB:CC:67:AA:27:E0:57:
10:FC:B6:2C:91:79:6D:32:10:98:B6:58:5A:2D:8E:2A:
01:FD:70:CF:72:78:62:9E
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09:
4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A
Timestamp : Jun 8 17:16:06.890 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:04:30:E0:49:84:F0:E1:72:8C:65:94:E9:
23:54:24:0C:99:82:FC:2B:94:C9:8C:32:16:FA:F1:D7:
DF:BB:92:0F:02:20:2E:BD:C0:29:61:0D:76:02:D2:7D:
E8:BE:D9:F3:CE:5B:BA:75:75:5A:5B:7B:46:24:64:CA:
96:26:E2:1C:0C:E6
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
Timestamp : Jun 8 17:16:06.825 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:01:7B:16:FC:65:25:B7:D4:7E:F9:16:64:
54:9B:DA:A6:FA:B8:CF:F0:77:1B:90:9F:8C:9C:46:D1:
C9:FC:C1:68:02:20:2F:0B:C8:45:27:6F:A6:FF:53:73:
D7:10:D0:AA:52:06:CC:19:30:0F:EF:3C:3D:B4:0C:E9:
EB:E5:FF:58:4E:F7
1.3.6.1.4.1.311.21.10:
0.0
..+.......0
..+.......
1.3.6.1.4.1.311.21.7:
0-.%+.....7.........F...........]...i...>..d..%
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2006%20-%20xsign.crt
OCSP - URI:http://oneocsp.microsoft.com/ocsp
X509v3 Subject Key Identifier:
D0:DA:27:39:27:80:33:B0:A2:7F:10:61:1C:BA:96:D7:58:43:02:D0
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Data Encipherment
X509v3 Subject Alternative Name:
DNS:sipfed.online.lync.com, DNS:*.online.lync.com, DNS:*.infra.lync.com, DNS:*.lync.com
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2006.crl
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.311.76.509.1.1
CPS: http://www.microsoft.com/pkiops/Docs/Repository.htm
Policy: 2.23.140.1.2.2
X509v3 Authority Key Identifier:
D5:C1:67:3A:C2:A3:9D:F4:77:52:5B:59:12:38:29:E6:55:68:BB:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
Signature Algorithm: sha384WithRSAEncryption
Signature Value:
23:19:6d:ea:d2:71:23:e3:07:83:ed:e7:36:38:6f:40:cc:9c:
33:26:32:30:aa:51:17:08:16:e8:0d:55:e8:8f:27:25:c9:b4:
4f:05:1d:cc:60:84:f3:54:75:89:49:b8:e1:a5:b0:d5:55:8a:
41:36:ba:ec:02:a8:42:c4:cf:98:06:a4:cb:7f:9d:1c:f3:b2:
35:ce:a1:79:ba:c9:94:6e:8a:e8:dd:a8:f5:f6:2d:08:c2:61:
b1:c0:ed:ae:04:cd:8d:fc:b3:4d:ec:1f:63:f5:ad:ef:63:9d:
ec:72:49:eb:fd:49:a4:be:3d:6a:1b:da:bb:81:02:05:c0:a8:
1a:f2:4e:9e:7d:1a:32:a4:66:41:6f:2a:05:58:84:c0:21:17:
92:01:55:0c:62:b1:5d:74:78:fc:95:dd:0f:e5:0a:f0:6a:bb:
5e:a6:01:d5:a4:12:60:07:7c:dc:f4:b4:5b:88:64:f2:91:9a:
b4:53:d3:c5:12:8d:2a:cc:93:5a:5f:e0:87:15:f1:27:3c:2c:
e9:ca:35:64:dd:c8:89:66:02:07:7a:8c:e4:f4:c7:a0:3b:51:
a1:28:81:c7:5b:fa:41:71:97:a3:86:16:bb:49:c6:1b:60:91:
5b:b6:a6:ad:6a:1f:a1:ad:fc:7d:10:ad:55:d6:e5:17:7a:5e:
88:f6:18:af:93:58:66:79:0d:4f:8f:2c:5b:69:c3:3b:61:d3:
e3:ef:9c:46:33:d2:79:6a:2e:78:51:01:df:50:2f:f5:c5:35:
5f:d9:6c:57:1a:db:7a:b3:ab:b4:68:0d:f8:fc:ee:3f:23:c3:
46:17:7b:3d:ca:bb:fb:90:d8:19:f7:bb:0d:f4:7e:9a:2a:29:
d2:2a:28:f6:b6:96:0f:c1:0b:26:5f:4b:d0:fa:c9:78:b9:10:
a8:81:33:96:cd:dd:7d:71:bd:e0:5d:29:68:78:08:4a:ea:67:
c1:c9:e0:d3:0b:30:f8:d9:f3:93:47:1f:d6:5a:74:f6:7f:62:
f9:09:ae:5b:31:44:0a:4f:e9:2c:84:e1:17:1b:09:ae:46:12:
24:cd:86:6a:db:b1:76:b1:1c:73:fa:73:cf:77:b2:3c:e7:74:
ad:62:4a:0f:18:bb:63:58:7a:5e:e8:a7:b6:d9:d9:40:fd:ec:
31:a0:cc:ed:6a:26:55:d8:2b:26:b8:6a:f6:43:c7:5a:9e:8e:
c3:67:87:31:01:fe:72:1e:64:34:62:ea:50:a9:14:e6:93:59:
dc:fb:ce:a5:fc:65:e5:de:4a:e9:17:92:be:c5:6c:a3:73:d2:
10:fc:0d:32:49:c7:66:00:9e:96:70:f9:31:18:8a:fa:1f:75:
f9:a4:db:5e:7d:9a:af:5fOS: Linux localhost 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux
Python: 3.9.2
pyOpenSSL: 23.0.0
alex commented
This is fixed in 23.1.1, try upgrading
…On Fri, Mar 31, 2023 at 12:37 AM TheTechromancer ***@***.***> wrote:
I ran into the following error while connecting to 52.112.67.51:443. The
full cert at the time of the error is included below in PEM format.
2023-03-31 04:07:44,154 [ERROR] bbot.scanner.manager manager.py:327 Error in sslcert.visit_host(): cannot use string() on <cdata 'char *' NULL>2023-03-31 04:07:44,155 [TRACE] bbot.scanner.manager manager.py:328 Traceback (most recent call last):
File "/root/bbot/bbot/scanner/manager.py", line 321, in catch
ret = callback(*args, **kwargs)
File "/root/bbot/bbot/modules/sslcert.py", line 163, in visit_host
dns_names = set(self.get_cert_sans(cert))
File "/root/bbot/bbot/modules/sslcert.py", line 176, in get_cert_sans
if "subjectAltName" in str(ext.get_short_name()):
File "/root/.cache/pypoetry/virtualenvs/bbot-aKeTQkGo-py3.9/lib/python3.9/site-packages/OpenSSL/crypto.py", line 907, in get_short_name
return _ffi.string(_lib.OBJ_nid2sn(nid))RuntimeError: cannot use string() on <cdata 'char *' NULL>
$ openssl s_client -connect 52.112.67.51:443 -showcerts </dev/null | openssl x509 -outform pem > /tmp/cert.pem
Can't use SSL_get_servernamedepth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root G2verify return:1depth=1 C = US, O = Microsoft Corporation, CN = Microsoft Azure TLS Issuing CA 06verify return:1depth=0 C = US, ST = WA, L = Redmond, O = Microsoft Corporation, CN = sipfed.online.lync.comverify return:1DONE
$ cat /tmp/cert.pem
-----BEGIN CERTIFICATE-----
MIIIkTCCBnmgAwIBAgITMwA+NOE91QSEAn8XCAAAAD404TANBgkqhkiG9w0BAQwF
ADBZMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u
MSowKAYDVQQDEyFNaWNyb3NvZnQgQXp1cmUgVExTIElzc3VpbmcgQ0EgMDYwHhcN
MjIwNjA4MTcwNjA2WhcNMjMwNjAzMTcwNjA2WjBtMQswCQYDVQQGEwJVUzELMAkG
A1UECBMCV0ExEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD
b3Jwb3JhdGlvbjEfMB0GA1UEAxMWc2lwZmVkLm9ubGluZS5seW5jLmNvbTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN6P8KayT1vrZO/uUO5kATSpIK4L
YiXyIQdAdbGKIpUNZZISUCjgHV2jTqAM+MORt5a4Ks1OFszZc/ht78eoyKzr+vWA
iwLtXDHYW9XN9fphzCXj4mE86F7A3Mf9TBogmegAokEkCdySB2Ay6NXoaSZqRoU9
HQsmhhLFnGaxISrjnbM+rVYuSMrphdZLPIwbAxPQozlb1Fnlws/sjbBek2vhSqAB
HZxJmEBU8LQBFr17ESEC+DUPuRqFRQ6kDiXmUXTKYsnlsKdCMxAPLnZsPxJ4zVu+
wDGXVinN0vywEQOl3Moor5W38vMw69EnKl+rs7wvlxhVfRblbzGo7PsP5KECAwEA
AaOCBDwwggQ4MIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdwCt9776fP8QyIud
PZwePhhqtGcpXc+xDCTKhYY069yCigAAAYFEUPr7AAAEAwBIMEYCIQDgLfE/h+fB
pLnhep2HOWOJCzbJ1t/QZEUl5WGpb30+BwIhAMPLzGeqJ+BXEPy2LJF5bTIQmLZY
Wi2OKgH9cM9yeGKeAHUAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoA
AAGBRFD7agAABAMARjBEAiAEMOBJhPDhcoxllOkjVCQMmYL8K5TJjDIW+vHX37uS
DwIgLr3AKWENdgLSfei+2fPOW7p1dVpbe0YkZMqWJuIcDOYAdQDoPtDaPvUGNTLn
Vyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYFEUPspAAAEAwBGMEQCIAF7FvxlJbfU
fvkWZFSb2qb6uM/wdxuQn4ycRtHJ/MFoAiAvC8hFJ2+m/1Nz1xDQqlIGzBkwD+88
PbQM6evl/1hO9zAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUF
BwMBMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCIe91xuB5+tGgoGdLo7QDIfw
2h1dgoTlaYLzpz4CAWQCASUwga4GCCsGAQUFBwEBBIGhMIGeMG0GCCsGAQUFBzAC
hmFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29m
dCUyMEF6dXJlJTIwVExTJTIwSXNzdWluZyUyMENBJTIwMDYlMjAtJTIweHNpZ24u
Y3J0MC0GCCsGAQUFBzABhiFodHRwOi8vb25lb2NzcC5taWNyb3NvZnQuY29tL29j
c3AwHQYDVR0OBBYEFNDaJzkngDOwon8QYRy6ltdYQwLQMA4GA1UdDwEB/wQEAwIE
sDBSBgNVHREESzBJghZzaXBmZWQub25saW5lLmx5bmMuY29tghEqLm9ubGluZS5s
eW5jLmNvbYIQKi5pbmZyYS5seW5jLmNvbYIKKi5seW5jLmNvbTAMBgNVHRMBAf8E
AjAAMGQGA1UdHwRdMFswWaBXoFWGU2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9w
a2lvcHMvY3JsL01pY3Jvc29mdCUyMEF6dXJlJTIwVExTJTIwSXNzdWluZyUyMENB
JTIwMDYuY3JsMGYGA1UdIARfMF0wUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUH
AgEWM2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0
b3J5Lmh0bTAIBgZngQwBAgIwHwYDVR0jBBgwFoAU1cFnOsKjnfR3UltZEjgp5lVo
u6UwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBDAUA
A4ICAQAjGW3q0nEj4weD7ec2OG9AzJwzJjIwqlEXCBboDVXojyclybRPBR3MYITz
VHWJSbjhpbDVVYpBNrrsAqhCxM+YBqTLf50c87I1zqF5usmUboro3aj19i0IwmGx
wO2uBM2N/LNN7B9j9a3vY53scknr/Umkvj1qG9q7gQIFwKga8k6efRoypGZBbyoF
WITAIReSAVUMYrFddHj8ld0P5QrwartepgHVpBJgB3zc9LRbiGTykZq0U9PFEo0q
zJNaX+CHFfEnPCzpyjVk3ciJZgIHeozk9MegO1GhKIHHW/pBcZejhha7ScYbYJFb
tqatah+hrfx9EK1V1uUXel6I9hivk1hmeQ1PjyxbacM7YdPj75xGM9J5ai54UQHf
UC/1xTVf2WxXGtt6s6u0aA34/O4/I8NGF3s9yrv7kNgZ97sN9H6aKinSKij2tpYP
wQsmX0vQ+sl4uRCogTOWzd19cb3gXSloeAhK6mfByeDTCzD42fOTRx/WWnT2f2L5
Ca5bMUQKT+kshOEXGwmuRhIkzYZq27F2sRxz+nPPd7I853StYkoPGLtjWHpe6Ke2
2dlA/ewxoMztaiZV2CsmuGr2Q8dano7DZ4cxAf5yHmQ0YupQqRTmk1nc+86l/GXl
3krpF5K+xWyjc9IQ/A0yScdmAJ6WcPkxGIr6H3X5pNtefZqvXw==
-----END CERTIFICATE-----
$ openssl x509 -in /tmp/cert.pem -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:00:3e:34:e1:3d:d5:04:84:02:7f:17:08:00:00:00:3e:34:e1
Signature Algorithm: sha384WithRSAEncryption
Issuer: C = US, O = Microsoft Corporation, CN = Microsoft Azure TLS Issuing CA 06
Validity
Not Before: Jun 8 17:06:06 2022 GMT
Not After : Jun 3 17:06:06 2023 GMT
Subject: C = US, ST = WA, L = Redmond, O = Microsoft Corporation, CN = sipfed.online.lync.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:de:8f:f0:a6:b2:4f:5b:eb:64:ef:ee:50:ee:64:
01:34:a9:20:ae:0b:62:25:f2:21:07:40:75:b1:8a:
22:95:0d:65:92:12:50:28:e0:1d:5d:a3:4e:a0:0c:
f8:c3:91:b7:96:b8:2a:cd:4e:16:cc:d9:73:f8:6d:
ef:c7:a8:c8:ac:eb:fa:f5:80:8b:02:ed:5c:31:d8:
5b:d5:cd:f5:fa:61:cc:25:e3:e2:61:3c:e8:5e:c0:
dc:c7:fd:4c:1a:20:99:e8:00:a2:41:24:09:dc:92:
07:60:32:e8:d5:e8:69:26:6a:46:85:3d:1d:0b:26:
86:12:c5:9c:66:b1:21:2a:e3:9d:b3:3e:ad:56:2e:
48:ca:e9:85:d6:4b:3c:8c:1b:03:13:d0:a3:39:5b:
d4:59:e5:c2:cf:ec:8d:b0:5e:93:6b:e1:4a:a0:01:
1d:9c:49:98:40:54:f0:b4:01:16:bd:7b:11:21:02:
f8:35:0f:b9:1a:85:45:0e:a4:0e:25:e6:51:74:ca:
62:c9:e5:b0:a7:42:33:10:0f:2e:76:6c:3f:12:78:
cd:5b:be:c0:31:97:56:29:cd:d2:fc:b0:11:03:a5:
dc:ca:28:af:95:b7:f2:f3:30:eb:d1:27:2a:5f:ab:
b3:bc:2f:97:18:55:7d:16:e5:6f:31:a8:ec:fb:0f:
e4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : AD:F7:BE:FA:7C:FF:10:C8:8B:9D:3D:9C:1E:3E:18:6A:
B4:67:29:5D:CF:B1:0C:24:CA:85:86:34:EB:DC:82:8A
Timestamp : Jun 8 17:16:06.779 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:E0:2D:F1:3F:87:E7:C1:A4:B9:E1:7A:
9D:87:39:63:89:0B:36:C9:D6:DF:D0:64:45:25:E5:61:
A9:6F:7D:3E:07:02:21:00:C3:CB:CC:67:AA:27:E0:57:
10:FC:B6:2C:91:79:6D:32:10:98:B6:58:5A:2D:8E:2A:
01:FD:70:CF:72:78:62:9E
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09:
4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A
Timestamp : Jun 8 17:16:06.890 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:04:30:E0:49:84:F0:E1:72:8C:65:94:E9:
23:54:24:0C:99:82:FC:2B:94:C9:8C:32:16:FA:F1:D7:
DF:BB:92:0F:02:20:2E:BD:C0:29:61:0D:76:02:D2:7D:
E8:BE:D9:F3:CE:5B:BA:75:75:5A:5B:7B:46:24:64:CA:
96:26:E2:1C:0C:E6
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
Timestamp : Jun 8 17:16:06.825 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:01:7B:16:FC:65:25:B7:D4:7E:F9:16:64:
54:9B:DA:A6:FA:B8:CF:F0:77:1B:90:9F:8C:9C:46:D1:
C9:FC:C1:68:02:20:2F:0B:C8:45:27:6F:A6:FF:53:73:
D7:10:D0:AA:52:06:CC:19:30:0F:EF:3C:3D:B4:0C:E9:
EB:E5:FF:58:4E:F7
1.3.6.1.4.1.311.21.10:
0.0
..+.......0
..+.......
1.3.6.1.4.1.311.21.7:
0-.%+.....7.........F...........]...i...>..d..%
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pkiops/certs/Microsoft%20Azure%20TLS%20Issuing%20CA%2006%20-%20xsign.crt
OCSP - URI:http://oneocsp.microsoft.com/ocsp
X509v3 Subject Key Identifier:
D0:DA:27:39:27:80:33:B0:A2:7F:10:61:1C:BA:96:D7:58:43:02:D0
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Data Encipherment
X509v3 Subject Alternative Name:
DNS:sipfed.online.lync.com, DNS:*.online.lync.com, DNS:*.infra.lync.com, DNS:*.lync.com
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:http://www.microsoft.com/pkiops/crl/Microsoft%20Azure%20TLS%20Issuing%20CA%2006.crl
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.311.76.509.1.1
CPS: http://www.microsoft.com/pkiops/Docs/Repository.htm
Policy: 2.23.140.1.2.2
X509v3 Authority Key Identifier:
D5:C1:67:3A:C2:A3:9D:F4:77:52:5B:59:12:38:29:E6:55:68:BB:A5
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
Signature Algorithm: sha384WithRSAEncryption
Signature Value:
23:19:6d:ea:d2:71:23:e3:07:83:ed:e7:36:38:6f:40:cc:9c:
33:26:32:30:aa:51:17:08:16:e8:0d:55:e8:8f:27:25:c9:b4:
4f:05:1d:cc:60:84:f3:54:75:89:49:b8:e1:a5:b0:d5:55:8a:
41:36:ba:ec:02:a8:42:c4:cf:98:06:a4:cb:7f:9d:1c:f3:b2:
35:ce:a1:79:ba:c9:94:6e:8a:e8:dd:a8:f5:f6:2d:08:c2:61:
b1:c0:ed:ae:04:cd:8d:fc:b3:4d:ec:1f:63:f5:ad:ef:63:9d:
ec:72:49:eb:fd:49:a4:be:3d:6a:1b:da:bb:81:02:05:c0:a8:
1a:f2:4e:9e:7d:1a:32:a4:66:41:6f:2a:05:58:84:c0:21:17:
92:01:55:0c:62:b1:5d:74:78:fc:95:dd:0f:e5:0a:f0:6a:bb:
5e:a6:01:d5:a4:12:60:07:7c:dc:f4:b4:5b:88:64:f2:91:9a:
b4:53:d3:c5:12:8d:2a:cc:93:5a:5f:e0:87:15:f1:27:3c:2c:
e9:ca:35:64:dd:c8:89:66:02:07:7a:8c:e4:f4:c7:a0:3b:51:
a1:28:81:c7:5b:fa:41:71:97:a3:86:16:bb:49:c6:1b:60:91:
5b:b6:a6:ad:6a:1f:a1:ad:fc:7d:10:ad:55:d6:e5:17:7a:5e:
88:f6:18:af:93:58:66:79:0d:4f:8f:2c:5b:69:c3:3b:61:d3:
e3:ef:9c:46:33:d2:79:6a:2e:78:51:01:df:50:2f:f5:c5:35:
5f:d9:6c:57:1a:db:7a:b3:ab:b4:68:0d:f8:fc:ee:3f:23:c3:
46:17:7b:3d:ca:bb:fb:90:d8:19:f7:bb:0d:f4:7e:9a:2a:29:
d2:2a:28:f6:b6:96:0f:c1:0b:26:5f:4b:d0:fa:c9:78:b9:10:
a8:81:33:96:cd:dd:7d:71:bd:e0:5d:29:68:78:08:4a:ea:67:
c1:c9:e0:d3:0b:30:f8:d9:f3:93:47:1f:d6:5a:74:f6:7f:62:
f9:09:ae:5b:31:44:0a:4f:e9:2c:84:e1:17:1b:09:ae:46:12:
24:cd:86:6a:db:b1:76:b1:1c:73:fa:73:cf:77:b2:3c:e7:74:
ad:62:4a:0f:18:bb:63:58:7a:5e:e8:a7:b6:d9:d9:40:fd:ec:
31:a0:cc:ed:6a:26:55:d8:2b:26:b8:6a:f6:43:c7:5a:9e:8e:
c3:67:87:31:01:fe:72:1e:64:34:62:ea:50:a9:14:e6:93:59:
dc:fb:ce:a5:fc:65:e5:de:4a:e9:17:92:be:c5:6c:a3:73:d2:
10:fc:0d:32:49:c7:66:00:9e:96:70:f9:31:18:8a:fa:1f:75:
f9:a4:db:5e:7d:9a:af:5f
OS: Linux localhost 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux
Python: 3.9.2
pyOpenSSL: 23.0.0
—
Reply to this email directly, view it on GitHub
<#1207>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBBDDJZZPLJNWS2ZK6DW6ZNPVANCNFSM6AAAAAAWOESUOQ>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
TheTechromancer commented
This is fixed in 23.1.1, try upgrading
Worked! Thanks