文章总结: 本文基于badssl.com测试平台分析SSL/TLS证书安全问题,重点探讨缺失CommonName字段的证书验证案例。通过curl和openssl命令演示证书过期错误掩盖CN缺失问题,验证无CN证书仍能通过主机名验证。文档提供具体命令行操作方法和证书链解析过程,为SSL/TLS安全测试提供实用参考。 综合评分: 78 文章分类: WEB安全,应用安全,漏洞分析,技术标准,安全工具
Wireshark TS | Badssl Certificate 测试案例三
原创
7ACE 7ACE
Echo Reply
2026年6月22日 08:08 江苏
在小说阅读器读本章
去阅读
Refresh Your Life
简介
基于 badssl.com 网站,简单测试下 SSL/TLS 安全问题,当然主要还是从 Wireshark 网络数据包分析的角度,此次案例包含缺失“Common Name”和“Subject”、不完整证书链等问题。
badssl.com 是 SSL/TLS 安全的”沙盒实验室”,提供各种故意配置错误的 HTTPS 站点,供开发者和安全人员测试、学习和验证客户端的安全处理能力。
Certificate
no-common-name
通过 curl 测试,预期是“no common name”问题,但报错还是提示 curl: (60) SSL certificate problem: certificate has expired,证书过期。推测 curl 先检查有效期,发现过期,立即报错,如果有效期通过,才会检查 CN/SAN。
# curl -v https://no-common-name.badssl.com/
* Trying 104.154.89.105:443...
* Connected to no-common-name.badssl.com (104.154.89.105) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
* SSL certificate problem: certificate has expired
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
#
如何验证没有“Common Name”,如下,Subject 确实没有 CN 字段。
# echo | openssl s_client -connect no-common-name.badssl.com:443 2>/dev/null | openssl x509 -noout -subject -issuer -dates
subject=C = US, ST = California, L = Walnut Creek, O = Lucas Garron, OU = Multi-Domain SSL
issuer=C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA
notBefore=Mar 23 00:00:00 2017 GMT
notAfter=Jun 22 23:59:59 2020 GMT
#
depth=0 无 CN,但 Verified peername: no-common-name.badssl.com 验证正常,最终也是 Verify return code: 0 (ok) 。
# openssl s_client -connect no-common-name.badssl.com:443 -no_check_time -verify_hostname no-common-name.badssl.com
CONNECTED(00000003)
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA
verify return:1
depth=0 C = US, ST = California, L = Walnut Creek, O = Lucas Garron, OU = Multi-Domain SSL
verify return:1
---
Certificate chain
0 s:C = US, ST = California, L = Walnut Creek, O = Lucas Garron, OU = Multi-Domain SSL
i:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Mar 23 00:00:00 2017 GMT; NotAfter: Jun 22 23:59:59 2020 GMT
1 s:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA
i:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA384
v:NotBefore: Feb 12 00:00:00 2014 GMT; NotAfter: Feb 11 23:59:59 2029 GMT
2 s:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA384
v:NotBefore: May 30 10:48:38 2000 GMT; NotAfter: May 30 10:48:38 2020 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIQb2K/ExoExTaU4F70HuUTJTANBgkqhkiG9w0BAQsFADCB
ljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNV
BAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0xNzAzMjMwMDAwMDBaFw0yMDA2MjIyMzU5NTlaMGsxCzAJBgNV
BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRUwEwYDVQQHEwxXYWxudXQgQ3Jl
ZWsxFTATBgNVBAoTDEx1Y2FzIEdhcnJvbjEZMBcGA1UECxMQTXVsdGktRG9tYWlu
IFNTTDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMIE7PiM7gTCs9hQ
1XBYzJMY61yoaEmwIrX5lZ6xKyx2PmzAS2BMTOqytMAPgLaw+XLJhgL5XEFdEyt/
ccRLvOmULlA3pmccYYz2QULFRtMWhyefdOsKnRFSJiFzbIRMeVXk0WvoBj1IFVKt
syjbqv9u/2CVSndrOfEk0TG23U3AxPxTuW1CrbV8/q71FdIzSOciccfCFHpsKOo3
St/qbLVytH5aohbcabFXRNsKEqveww9HdFxBIuGa+RuT5q0iBikusbpJHAwnnqP7
i/dAcgCskgjZjFeEU4EFy+b+a1SYQCeFxxC7c3DvaRhBB0VVfPlkPz0sw6l865Ma
TIbRyoUCAwEAAaOCAeMwggHfMB8GA1UdIwQYMBaAFJrzK9rPrU+2L7sqSEgqErcb
QsEkMB0GA1UdDgQWBBSd7sF7gQs6R2lxGH0RN5O8pRs/+zAOBgNVHQ8BAf8EBAMC
BaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
UAYDVR0gBEkwRzA7BgwrBgEEAbIxAQIBAwQwKzApBggrBgEFBQcCARYdaHR0cHM6
Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BN
oEuGSWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlv
blZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYsGCCsGAQUFBwEBBH8wfTBV
BggrBgEFBQcwAoZJaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBT3Jn
YW5pemF0aW9uVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcw
AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCQGA1UdEQQdMBuCGW5vLWNvbW1v
bi1uYW1lLmJhZHNzbC5jb20wDQYJKoZIhvcNAQELBQADggEBAGn8JUbAnmbzu/gW
f+YaNETISJzuGKI6a0TNe3ygcII1ju8modJKiPP6nDuf6X6rpvLc4ptad4cXti30
reCtSi+5d8wZVcG+pNiUu6/ujD+YM6mvv0hiuTUSVmgzLfyT8mYWUrhqRVq3bdid
jOYsUZTMTsCwP4psz9mSLYW1STBxLtZnZAT6e7PShbKx69Oj9k1ChGmzuyTs7bim
wu1LloluOp6TPIJlYfnQaHzNSKEJTaxCZSG/QGFPA00kmuKr0mchm//8sjEdAhcb
riynJbzZtK70hzX9bPDrPgOyyw7Epylr844hOLJMRtLDvzLqV79pSxQV5vTKaizt
F0Y7e2Y=
-----END CERTIFICATE-----
subject=C = US, ST = California, L = Walnut Creek, O = Lucas Garron, OU = Multi-Domain SSL
issuer=C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Organization Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Peer signature type: RSA
Server Temp Key: ECDH, prime256v1, 256 bits
---
SSL handshake has read 5063 bytes and written 453 bytes
Verification: OK
Verified peername: no-common-name.badssl.com
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 5DD0FB2C5F5AFA616124521F981F4EAFD2CD628AAD1E4EFAF3B8487DA9DD3AAB
Session-ID-ctx:
Master-Key: A20B8B1F34F58FD01FF2B45648DF55DA32E257043DF670AF20506A9B1ABCBB648EFB00BA345C98AAD6DB95F6005F24E3
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - bd 9a a3 a3 1d 4d 70 51-44 21 d2 00 7e 16 bc 89 .....MpQD!..~...
0010 - f6 7e 05 17 fe a0 dc b4-86 49 14 78 56 de 4c 49 .~.......I.xV.LI
0020 - 1b ce 0b f9 9c b6 4a 57-9d 9d a9 2d 4e c1 60 3c ......JW...-N.`<
0030 - b6 bf 39 14 80 aa 87 ca-0b ac 89 f8 81 6f 35 aa ..9..........o5.
0040 - aa b5 36 db 4a 8d 42 d5-6f 53 85 96 a0 39 45 e0 ..6.J.B.oS...9E.
0050 - 4f 5c 35 32 49 18 68 50-db 12 7f 51 ec 0c 90 75 O\52I.hP...Q...u
0060 - 1c ff 0a dc db ce a9 a4-d0 b0 be 1c 8f 01 cc fc ................
0070 - 86 11 4f 40 93 0a ee 86-66 45 8e 06 91 f1 50 56 [email protected]
0080 - 8b 1d 4b 73 49 1f ef 97-f5 d7 0f c9 74 d4 d8 31 ..KsI.......t..1
0090 - 41 ee 0e c4 33 33 b1 37-b6 a8 c0 09 a9 60 5a c0 A...33.7.....`Z.
00a0 - 4c e1 f1 2d a5 13 ab 0d-b3 e0 c8 be 11 67 56 18 L..-.........gV.
00b0 - 5a a9 69 1d 09 2f f9 34-20 5d 03 77 b6 85 49 9b Z.i../.4 ].w..I.
00c0 - ed 65 fc 91 a5 96 d5 16-68 1c 4e 4a 3a c2 64 b7 .e......h.NJ:.d.
Start Time: 1780926774
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
closed
#
因为证书中有 SAN,OpenSSL 通过 SAN 成功匹配域名,所以验证通过(Verify return code: 0)。badssl 的 “no-common-name” 测试证明:现代 TLS 完全依赖 SAN 进行域名验证,没有 CN 只有 SAN 的证书可以正常工作。
# echo | openssl s_client -connect no-common-name.badssl.com:443 2>/dev/null | openssl x509 -noout -text | grep -A2 "Subject Alternative Name"
X509v3 Subject Alternative Name:
DNS:no-common-name.badssl.com
Signature Algorithm: sha256WithRSAEncryption
#
在 Wireshark 中可以看到,服务器端 No.7 数据包显示证书确实无 common name,且过期 2020-06-22 23:59:59。
但在 extensions 中存在 SAN: no-common-name.badssl.com,匹配成功。
对于浏览器测试,Chrome 会提示并警告,此处仍是证书过期的警告,但仍然可以点”继续前往”,在无 CN 有 SAN 的情况下,仍然是可以正常连接的。
net::ERR_CERT_DATE_INVALID
Subject: Lucas Garron
Issuer: COMODO RSA Organization Validation Secure Server CA
Expires on: 2020年6月23日
Current date: 2026年6月8日
而在部分 TCP 流中,浏览器返回的错误码是 46,更通用的证书未知错误,此处仍然指的是证书过期问题。No.136 数据包详情中,可以看到 Alert Message Certificate Unknown(46)。
no-subject
no-subject 测试的过程和结果几乎和 no-common-name 一样。通过 curl 测试,预期是“no subject”问题,但报错还是提示 curl: (60) SSL certificate problem: certificate has expired,证书过期。推测 curl 先检查有效期,发现过期,立即报错,如果有效期通过,才会检查 CN/SAN。
# curl -v https://no-subject.badssl.com/
* Trying 104.154.89.105:443...
* Connected to no-subject.badssl.com (104.154.89.105) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
* SSL certificate problem: certificate has expired
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
#
如何验证没有“Subject”,如下,为空。
# echo | openssl s_client -connect no-subject.badssl.com:443 2>/dev/null | openssl x509 -noout -subject
subject=
#
depth=0 s: 为空,但同样 Verified peername: no-subject.badssl.com 验证正常,最终也是 Verify return code: 0 (ok) 。
# openssl s_client -connect no-subject.badssl.com:443 -no_check_time -verify_hostname no-subject.badssl.com
CONNECTED(00000003)
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = UbiquiTLS\E2\84\A2 DV RSA Server CA
verify return:1
depth=0
verify return:1
---
Certificate chain
0 s:
i:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = UbiquiTLS\E2\84\A2 DV RSA Server CA
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
v:NotBefore: Mar 17 00:00:00 2017 GMT; NotAfter: Jun 16 23:59:59 2020 GMT
1 s:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = UbiquiTLS\E2\84\A2 DV RSA Server CA
i:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA384
v:NotBefore: Mar 29 00:00:00 2016 GMT; NotAfter: Mar 29 23:59:59 2031 GMT
2 s:C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
i:C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA384
v:NotBefore: May 30 10:48:38 2000 GMT; NotAfter: May 30 10:48:38 2020 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGdTCCBV2gAwIBAgIQI+ZPIMN8DYcQH3GS78XTcjANBgkqhkiG9w0BAQsFADCB
gDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJjAkBgNV
BAMMHVViaXF1aVRMU+KEoiBEViBSU0EgU2VydmVyIENBMB4XDTE3MDMxNzAwMDAw
MFoXDTIwMDYxNjIzNTk1OVowADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIE7PiM7gTCs9hQ1XBYzJMY61yoaEmwIrX5lZ6xKyx2PmzAS2BMTOqytMAP
gLaw+XLJhgL5XEFdEyt/ccRLvOmULlA3pmccYYz2QULFRtMWhyefdOsKnRFSJiFz
bIRMeVXk0WvoBj1IFVKtsyjbqv9u/2CVSndrOfEk0TG23U3AxPxTuW1CrbV8/q71
FdIzSOciccfCFHpsKOo3St/qbLVytH5aohbcabFXRNsKEqveww9HdFxBIuGa+RuT
5q0iBikusbpJHAwnnqP7i/dAcgCskgjZjFeEU4EFy+b+a1SYQCeFxxC7c3DvaRhB
B0VVfPlkPz0sw6l865MaTIbRyoUCAwEAAaOCA2gwggNkMB8GA1UdIwQYMBaAFDgS
xnkCZjgC4zck5YsP/0WVaeYxMB0GA1UdDgQWBBSd7sF7gQs6R2lxGH0RN5O8pRs/
+zAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwUAYDVR0gBEkwRzA7BgwrBgEEAbIxAQIBAwQwKzApBggr
BgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLm5ldC9DUFMwCAYGZ4EMAQIB
MHQGCCsGAQUFBwEBBGgwZjA+BggrBgEFBQcwAoYyaHR0cDovL2NydC5jb21vZG9j
YS5jb20vVWJpcXVpVExTRFZSU0FTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0
dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAjBgNVHREBAf8EGTAXghVuby1zdWJqZWN0
LmJhZHNzbC5jb20wggH2BgorBgEEAdZ5AgQCBIIB5gSCAeIB4AB2AKS5CZC0GFgU
h7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABWt5t4gUAAAQDAEcwRQIhAIQE7oHj
PQvtURUCoh6+dM8GdC6OEfAANupRYHYMo6a8AiBgL5fwtsOp+XR8vQ8XkMKMXYRs
0awe+B3ZNuIaXGmEWQB3AFYUBpov18Ls0/XhvUSyPsdGdrm8mRFcwO+UmFXWidDd
AAABWt5t4CwAAAQDAEgwRgIhAIlY3Jz655VWCZm6WMoEcU2nExX1pyK8SL7oj+fp
3HmPAiEAmHu87c0EInS/wDJrnbiSWzyc47UM2xr3kYhY/lP8OVwAdQDuS723dc5g
uuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAVrebeHfAAAEAwBGMEQCIFMOvF7H
hM3jdnhdM2BwMohT35uuzrGL3DNJhmKtqTg8AiBL8Mjn00eDbR4a1HKipKgmvt87
MfXLexBSoRb/lgXT5QB2ALvZ37wfinG1k5Qjl6qSe0c4V5UKq1LoGpCWZDaOHtGF
AAABWt56EsgAAAQDAEcwRQIhAN7MnjhZoLr3ci0nNfSZ9Ftu/+FT+N3gIfC75fyw
XQR+AiAiExEXXf+G09W8F93gJDPZwC7bM2VoWb1bZlkVcvtRdTANBgkqhkiG9w0B
AQsFAAOCAQEAHv5koaT/MZ+zhKQs+6fHJDgTQ2+66u8k6PKQLV3OcfFusJBt/TrD
P/nNgidru2vObn5NUu2MydVrCfoKwK8hf+7j+fjyLSKZYOvrqhRnN0svqlrX4wWC
01rrEttc5H8UNf/oaylbOG4vePw8bF5n2aiU4vmGkuTPIkvqxtZ6IJjxqSQqaRhA
ZRc7d/YAS+MyFF5JXAo9aSyi+AIvhFeTFi+0nmzPwp6wpxz97ylm6DymFMY3IqmP
RYq4/yqbWE2yz4tRfnedeWBzGSAO4kWDQIN6NDjYwVjGsTk9rSpq/sEtPhUrXWB0
yd8BGrY2DQplAarq7e1IBIK+tBSRIYF3Ag==
-----END CERTIFICATE-----
subject=
issuer=C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = UbiquiTLS\E2\84\A2 DV RSA Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Peer signature type: RSA
Server Temp Key: ECDH, prime256v1, 256 bits
---
SSL handshake has read 5302 bytes and written 449 bytes
Verification: OK
Verified peername: no-subject.badssl.com
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 5D6C3BED348AA0FC4A3806F985B8A81328A09DB9065F6CA9101AF5A3B7BEC4EC
Session-ID-ctx:
Master-Key: 5C0C93F7DC068A19B119D79A26A919A1DF669352D0D2BCB2C657F8D335E6711D974D118D4A4B0A66808B2247019FA584
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - bd 9a a3 a3 1d 4d 70 51-44 21 d2 00 7e 16 bc 89 .....MpQD!..~...
0010 - cc de 92 79 65 d4 82 5e-b7 58 cf 84 99 1b 29 82 ...ye..^.X....).
0020 - 7b 4c e2 c3 9e 74 08 ce-37 41 dc b3 eb bf 58 de {L...t..7A....X.
0030 - e8 5a ad c7 90 26 f8 30-b3 98 71 64 1e 60 31 8d .Z...&.0..qd.`1.
0040 - e6 9d b6 ac 8c bd 22 fa-4c fb d9 79 4e 5c ad 85 ......".L..yN\..
0050 - ce 4f 64 a3 c5 9b 85 2f-f4 fc 22 7d 30 b2 66 b2 .Od..../.."}0.f.
0060 - 87 58 88 e8 5f cdfc d5-db 0f 6c 6e 56 b3 04 43 .X.._.....lnV..C
0070 - f9 bf d6 86 c5 e3 85 6a-d8 8a 32 47 02 4f 65 ee .......j..2G.Oe.
0080 - 39 30 c0 72 b6 19 c7 17-83 d4 73 53 d3 64 10 ed 90.r......sS.d..
0090 - 30 a2 ca 79 d6 36 88 75-13 9d 54 cd e6 54 07 b7 0..y.6.u..T..T..
00a0 - 7f aa 67 e6 e4 37 db 7a-32 d6 23 9f 2e 26 15 61 ..g..7.z2.#..&.a
00b0 - e8 ba 83 92 f5 33 29 ed-a3 bf 4e ef e4 1c f2 05 .....3)...N.....
00c0 - 37 bf 59 b4 be 8f 20 5d-70 b7 9a 8c 9f ed d9 a3 7.Y... ]p.......
Start Time: 1780929343
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
^C
#
因为证书中有 SAN,OpenSSL 通过 SAN 成功匹配域名,所以验证通过(Verify return code: 0)。badssl 的 “no-subject” 测试证明:现代 TLS 完全依赖 SAN 进行域名验证,没有 Subject 中的 CN 只有 SAN 的证书可以正常工作。
# echo | openssl s_client -connect no-subject.badssl.com:443 2>/dev/null | openssl x509 -noout -text | grep -A2 "Subject Alternative Name"
X509v3 Subject Alternative Name: critical
DNS:no-subject.badssl.com
CT Precertificate SCTs:
#
在 Wireshark 中可以看到,服务器端 No.6 数据包显示证书确实无 subject,且过期 2020-06-16 23:59:59。
但在 extensions 中存在 SAN: no-subject.badssl.com,匹配成功。
对于浏览器测试,Chrome 会提示并警告,此处仍是证书过期的警告,但仍然可以点”继续前往”,在无 Subject CN 有 SAN 的情况下,仍然是可以正常连接的。
net::ERR_CERT_DATE_INVALID
Subject:
Issuer: UbiquiTLS™ DV RSA Server CA
Expires on: 2020年6月17日
Current date: 2026年6月8日
而在部分 TCP 流中,浏览器返回的错误码是 46,更通用的证书未知错误,此处仍然指的是证书过期问题。No.102 数据包详情中,可以看到 Alert Message Certificate Unknown(46)。
incomplete-chain
通过 curl 测试,提示 curl: (60) SSL certificate problem: unable to get local issuer certificate,无法从服务器证书找到上级。
# curl -v https://incomplete-chain.badssl.com/
* Trying 104.154.89.105:443...
* Connected to incomplete-chain.badssl.com (104.154.89.105) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
#
depth=0 CN = *.badssl.com
verify error:num=20:unable to get local issuer certificate
verify error:num=21:unable to verify the first certificate
OpenSSL 输出只有 depth=0,没有 depth=1 和 depth=2,证明服务器只发送了服务器证书,中间 CA 和根 CA 都缺失。错误 20(找不到签发者证书)和 21(无法验证第一个证书)明确指向证书链不完整。
# openssl s_client -connect incomplete-chain.badssl.com:443 -showcerts
CONNECTED(00000003)
depth=0 CN = *.badssl.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = *.badssl.com
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 CN = *.badssl.com
verify return:1
---
#
在 Wireshark 中可以看到,客户端 No.8 数据包提示 Alert(Level: Fatal, Description: Unknown CA),连接最终 RST 。而在 No.8 数据包详情中,可以看到 Alert Message ,描述 Unknown CA(48),此时未知 CA 属于证书链验证失败,不完整。
继续展开服务器发送的 No.6 数据包详情,可以看到只有一张服务器证书,没有中间 CA 证书,无法验证签名。
对于浏览器测试,Chrome 可以直接打开页面,如下显示。Chrome 能打开是因为支持 AIA fetching:从证书中的 AIA 地址自动下载缺失的中间 CA,或从缓存中获取。Curl/OpenSSL 不支持此功能,所以验证失败。页面提示正是说明这个机制在起作用。
# echo | openssl s_client -connect incomplete-chain.badssl.com:443 2>/dev/null | openssl x509 -noout -text | grep -A2 "Authority Information Access"
Authority Information Access:
CA Issuers - URI:http://r13.i.lencr.org/
X509v3 Subject Alternative Name:
#
原因 1:浏览器缓存了中间 CA
Chrome 之前访问过其他使用 Let's Encrypt R13 证书的网站
→ 已经下载并缓存了 R13 中间 CA
→ 这次虽然服务器没发送,但 Chrome 从缓存找到
→ 验证通过 ✅
原因 2:AIA fetching(主动下载)
服务器证书中有 Authority Information Access 扩展:
CA Issuers - URI:http://r13.i.lencr.org/
Chrome 发现缺少中间 CA:
→ 读取证书中的 AIA 地址
→ 自动下载 http://r13.i.lencr.org/(R13 中间 CA)
→ 补充到证书链
→ 验证通过 ✅
Wireshark 所捕获的 TCP 数据流显示如下,数据传输交互一切正常。
往期推荐
1. Wireshark 提示和技巧 | 捕获点之 TCP 三次握手
2. Wireshark 提示和技巧 | a == ${a} 显示过滤宏
3. Wireshark TS | 当超时或快速重传遇到零窗口
4. Wireshark TS | 防火墙空闲会话超时问题
5. 网络设备 MTU MSS Jumboframe 全解
后台回复「TT」获取 Wireshark 提示和技巧系列 合集
后台回复「TS」获取 Wireshark Troubleshooting系列 合集
如需交流,可后台直接留言,我会在第一时间回复,谢谢!
免责声明:
本文所载程序、技术方法仅面向合法合规的安全研究与教学场景,旨在提升网络安全防护能力,具有明确的技术研究属性。
任何单位或个人未经授权,将本文内容用于攻击、破坏等非法用途的,由此引发的全部法律责任、民事赔偿及连带责任,均由行为人独立承担,本站不承担任何连带责任。
本站内容均为技术交流与知识分享目的发布,若存在版权侵权或其他异议,请通过邮件联系处理,具体联系方式可点击页面上方的联系我。
本文转载自:Echo Reply 7ACE 7ACE《Wireshark TS | Badssl Certificate 测试案例三》
版权声明
本站仅做备份收录,仅供研究与教学参考之用。
读者将信息用于其他用途的,全部法律及连带责任由读者自行承担,本站不承担任何责任。
评论