Announcement

Collapse
No announcement yet.

SSL Cert errors on start up

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    SSL Cert errors on start up

    I keep getting these errors when I start up my PC. This is before I start chrome or thunderbird or anything else, it's just getting to the desktop. Sometimes it's three in a row, sometimes only one or two and occasionally it will boot without any errors at all.

    I ran 'openssl s_client -CApath /etc/ssl/certs/ -connect google.com:443' and it claims everything is OK.

    Here is the output:

    Code:
    $ openssl s_client -CApath /etc/ssl/certs/ -connect google.com:443
CONNECTED(00000003)
depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority
verify return:1
depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
verify return:1
depth=1 C = US, O = Google Inc, CN = Google Internet Authority G2
verify return:1
depth=0 C = US, ST = California, L = Mountain View, O = Google Inc, CN = *.google.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority G2
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHIDCCBgigAwIBAgIIOxljhfc8wNYwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTMwNzMxMTIwMTM0WhcNMTQwNzMxMTIwMTM0
WjBmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEVMBMGA1UEAwwMKi5n
b29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQvtbOtE
XoC2YTxjndTfksIihvkckqyPA+/oI3hT7GRijQw185chLTqLWPO4570NCbGMiCsD
taYvSt4+LYyvvpVNGjfQzLyVSGwlkKvYIcfYeVsLTjtXoWHrvrpug/ijZ8zFao5w
47o2A0QHh+B+FhuzTD+skHzxFOrFsidutBzjjDo78X7bbyxXmheG8VZ9p+otxR1J
FIlEGZ4ivegXhUIgvLQP6NbSuJTJZShIf7dMWAxG6jC8cCHP8yVBxHUseG7vNxdJ
cD/t5rfMDGSb9SZNaBurnmshwEDULUqrZiB69n2EsY0fLw0rHLVkACB55DK7RUqc
3sGnZBshq4Om1wIDAQABo4ID7TCCA+kwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMIICwwYDVR0RBIICujCCAraCDCouZ29vZ2xlLmNvbYINKi5hbmRyb2lk
LmNvbYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYISKi5jbG91ZC5nb29nbGUuY29t
ghYqLmdvb2dsZS1hbmFseXRpY3MuY29tggsqLmdvb2dsZS5jYYILKi5nb29nbGUu
Y2yCDiouZ29vZ2xlLmNvLmlugg4qLmdvb2dsZS5jby5qcIIOKi5nb29nbGUuY28u
dWuCDyouZ29vZ2xlLmNvbS5hcoIPKi5nb29nbGUuY29tLmF1gg8qLmdvb2dsZS5j
b20uYnKCDyouZ29vZ2xlLmNvbS5jb4IPKi5nb29nbGUuY29tLm14gg8qLmdvb2ds
ZS5jb20udHKCDyouZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29vZ2xl
LmVzggsqLmdvb2dsZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsqLmdv                                                                                                                                                                             
b2dsZS5ubIILKi5nb29nbGUucGyCCyouZ29vZ2xlLnB0gg8qLmdvb2dsZWFwaXMu                                                                                                                                                                             
Y26CFCouZ29vZ2xlY29tbWVyY2UuY29tgg0qLmdzdGF0aWMuY29tggwqLnVyY2hp                                                                                                                                                                             
bi5jb22CECoudXJsLmdvb2dsZS5jb22CFioueW91dHViZS1ub2Nvb2tpZS5jb22C                                                                                                                                                                             
DSoueW91dHViZS5jb22CFioueW91dHViZWVkdWNhdGlvbi5jb22CCyoueXRpbWcu                                                                                                                                                                             
Y29tggthbmRyb2lkLmNvbYIEZy5jb4IGZ29vLmdsghRnb29nbGUtYW5hbHl0aWNz                                                                                                                                                                             
LmNvbYIKZ29vZ2xlLmNvbYISZ29vZ2xlY29tbWVyY2UuY29tggp1cmNoaW4uY29t                                                                                                                                                                             
ggh5b3V0dS5iZYILeW91dHViZS5jb22CFHlvdXR1YmVlZHVjYXRpb24uY29tMGgG                                                                                                                                                                             
CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t                                                                                                                                                                             
L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j                                                                                                                                                                             
b20vb2NzcDAdBgNVHQ4EFgQU2Tx+K68B7oL/j9OOEknCNnEmqbYwDAYDVR0TAQH/                                                                                                                                                                             
BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO                                                                                                                                                                             
MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n                                                                                                                                                                             
bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAYlzdTrScsxKN68gR                                                                                                                                                                             
Te3LVmE6Y0SM910sUU07w7WQZj/9yA5Y2eE6sapQT3ORBr2YYnl2wd3TUXhhYcy7                                                                                                                                                                             
pvUjrn9eT6UQwYjUJWG1+jcNlRoX2H5GXtONGIWRL+SfD0X/Y7HZ80LpxzoK/LlX                                                                                                                                                                             
wz+XFmB8gPpybZlIZ8uQ/sGDN9yxrYoZw/YZbS9R17JjQVDL5qSaMyTLs9yi2wEI                                                                                                                                                                             
YAlkruDOfxpAoJx/TLWKwyerOfpuyzePm8IxSLlNM+usdzJlXEKwmB9SU02Y01HI                                                                                                                                                                             
uNdujdo4mX2t/RruebVkPH6vahHzFkxUKDia7Co/F0oBzJUaBeGLHb3LXPRtWfY4                                                                                                                                                                             
Ljxa/g==                                                                                                                                                                                                                                     
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority G2
---
No client certificate CA names sent
---
SSL handshake has read 4404 bytes and written 347 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.1
    Cipher    : ECDHE-RSA-RC4-SHA
    Session-ID: 340023FCE749C4593C1800F23E2AE2930AB1BEA67E1B4C5D14587603B58E4212
    Session-ID-ctx: 
    Master-Key: 8C82D45E2B4DE459528B684CE7242F5D8B0E119AF6468ACF3F7D903AFCD110901C703205A4C69E21482565F8860B1690
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - 0d ce 83 83 d8 8f d3 44-a1 4f 76 ee 75 a1 ac 48   .......D.Ov.u..H
    0010 - c7 d7 4d 52 2e 9d 78 b8-a5 b7 30 d2 c3 dd fc ea   ..MR..x...0.....
    0020 - 63 54 2d 24 de 7d 18 11-90 d7 aa 1d 94 2c 50 cb   cT-$.}.......,P.
    0030 - 63 f2 22 6c 66 ff 3c 95-40 1b f8 97 be 11 5c e5   c."lf.<.@.....\.
    0040 - 49 2b a3 f1 cf ad 1b 57-45 da dd b1 6c 57 57 99   I+.....WE...lWW.
    0050 - de 1a f6 85 5d 40 fc bb-bd b9 76 94 c2 e2 e9 66   ....]@....v....f
    0060 - 8a d5 69 f3 35 e2 cc 45-4c 4d 7e 29 00 6e fa 71   ..i.5..ELM~).n.q
    0070 - df d3 b8 6a 4f 39 2b 27-b9 a2 7b fb 06 04 58 68   ...jO9+'..{...Xh
    0080 - cb b0 da 94 12 3e 99 a1-70 2c 18 51 ab 42 4a 90   .....>..p,.Q.BJ.
    0090 - 69 3e 44 fd                                       i>D.

    Start Time: 1376168267
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
    Has anyone else seen this?
    Attached Files
    Tags: certificate, kubuntu, plasma, ssl
    • Top
    • Bottom
    #2
    Possibly KDE bug 312550. I see occasional instances of this, too. Not at startup, but when using Rekonq or Konqueror to visit certain sites. I've learned to live with it.

    You must have something during startup that's making a TLS connection to Google. What is it?
    • Top
    • Bottom

    Comment

      #3
      It has to be one of my widgets but I have no idea which one. None of them have anything to do with google so I don't know why they would need to connect.
      • Top
      • Bottom

      Comment

        #4
        Well, which widgets do you have?
        • Top
        • Bottom

        Comment

        Previous template Next
        Working...
        X