1
0
Fork 0
mirror of https://git.sr.ht/~oppen/ariane synced 2024-12-26 01:38:40 +00:00

update readme

This commit is contained in:
Jonathan Fisher 2020-11-06 16:42:01 +00:00
parent 0a737765d0
commit 4f487d9855

View file

@ -46,50 +46,13 @@ From this it's clear general requests should NOT use a client cert (to protect u
That's it as far as the spec is concered, the rest is down to the Android API
## Android TLS
## Ariane TLS
Display a servers certs with:
`openssl s_client -showcerts -connect gus.guru:1965`
### Android API
* [SSLSocket](https://developer.android.com/reference/javax/net/ssl/SSLSocket)
* [Android keystore system](https://developer.android.com/training/articles/keystore.html)
Ariane is failing a socket handshake with flounder.online, we're investigating. Server details: https://www.ssllabs.com/ssltest/analyze.html?d=flounder.online
```
socket error: javax.net.ssl.SSLHandshakeException: Read error: ssl=0xb4000075dcd530d8: Failure in SSL library, usually a protocol error
```
Flounder tls details:
`openssl s_client -showcerts -connect flounder.online:1965`
```
CONNECTED(00000003)
depth=0
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
0 s:
i:
-----BEGIN CERTIFICATE-----
```
compared to a working capsule:
`openssl s_client -showcerts -connect gus.guru:1965`
```
CONNECTED(00000003)
depth=0 CN = gus.guru
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = gus.guru
verify return:1
---
Certificate chain
0 s:CN = gus.guru
i:CN = gus.guru
-----BEGIN CERTIFICATE-----
```