1. Forum
  2. Usenet
  3. NEWS.ADMIN.PEERING

  • Re: openssl S-client info was Re: Abemus Usenet News [testing]

    From Nomen Nescio@21:1/5 to All on Thu Apr 3 15:41:50 2025
    XPost: alt.privacy.anon-server, news.software.nntp

    On 02 Apr 2025, doctor@doctor.nl2k.ab.ca (The Doctor) posted some news:vsjm3m$1eok$1@gallifrey.nk.ca:

    In article <feda87216a868a05fe3e02c13165bc2c@dizum.com>,
    Nomen Nescio <nobody@dizum.com> wrote:
    On 01 Apr 2025, doctor@doctor.nl2k.ab.ca (The Doctor) posted some >>news:vsgse6$1ib5$4@gallifrey.nk.ca:

    I have a wildcard certificate and here is what comes up

    openssl s_client news.nk.ca:119
    CONNECTED(00000003)
    0020C1DD88210000:error:0A00010B:SSL routines:ssl3_get_record:wrong
    version number:ssl/record/ssl3_record.c:355: ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 5 bytes and written 316 bytes
    Verification: OK
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was not sent
    Verify return code: 0 (ok)
    ---



    openssl s_client news.nk.ca:563
    CONNECTED(00000003)
    0020E12CA7390000:error:0A00010B:SSL routines:ssl3_get_record:wrong
    version number:ssl/record/ssl3_record.c:355: ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 5 bytes and written 316 bytes
    Verification: OK
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was not sent
    Verify return code: 0 (ok)
    ---


    Is their and issue with wildcard certs?

    Hello, This is the output I received. I compared it to several other
    news servers on port 119 and it's identical except for start time.

    openssl s_client -connect news.nk.ca:119
    CONNECTED(00000248)
    8376:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown >>protocol:.\ssl\s23_clnt.c:794:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 7 bytes and written 307 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
    Protocol : TLSv1.2
    Cipher : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1743564579
    Timeout : 300 (sec)
    Verify return code: 0 (ok)
    ---


    I "fixed" it with the correct cert but NOw I get a timeout.

    Telnet

    telnet news.nk.ca 119

    502 You have no permission to talk. Goodbye!

    Connection to host lost.

    Telnet via Tor SOCKS5

    Will use SOCKS 5 proxy at 127.0.0.1:9054 to connect to news.nk.ca:119
    Looking up host "127.0.0.1" for proxy
    Connecting to SOCKS 5 proxy at 127.0.0.1 port 9054
    502 You have no permission to talk. Goodbye!

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)