Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

OK, so the problem seems to be on server-side.
holmexx

Okay, the following happens

USER suXXXXX
write to 0x1f2f400 [0x20390c6] (90 bytes => 90 (0x5A))
0000 - 17 03 01 00 20 b3 7c 42-54 35 e2 e7 5b 26 0d e3 .... .|BT5..[&..
0010 - 88 88 7f 23 93 0b 2a c8-02 de de de 8e 00 4a 70 ...#..*.......Jp
0020 - 6e 3d ca c7 87 17 03 01-00 30 b9 b5 39 7c d8 f4 n=.......0..9|..
0030 - d5 6d d1 12 d6 af 0a 05-23 ae c9 37 91 2e 06 52 .m......#..7...R
0040 - 93 ea f8 0c d4 d6 8d e0-8a 00 97 0a d7 72 f0 31 .............r.1
0050 - 98 c0 e4 1e bb 6e f9 16-58 02 .....n..X.
read from 0x1f2f400 [0x2034b73] (5 bytes => 5 (0x5))
0000 - 17 03 01 00 40 ....@
read from 0x1f2f400 [0x2034b78] (64 bytes => 64 (0x40))
0000 - 4e 16 a2 6d 34 dc 1b 25-91 00 34 67 d6 f3 c7 ea N..m4..%..4g....
0010 - c4 98 1d b0 56 37 6c cd-fa 76 00 9e 44 17 90 d1 ....V7l..v..D...
0020 - eb e0 5c 6e 92 fa b2 ec-e9 c8 7e dc a3 2d 37 fb ..\n......~..-7.
0030 - 3e 08 0d 6f 2a 62 54 a2-46 19 b8 20 ac a6 e7 62 >..o*bT.F.. ...b
331 Please specify the password.
PASS **********
write to 0x1f2f400 [0x20390c6] (90 bytes => 90 (0x5A))
0000 - 17 03 01 00 20 53 91 47-ca d0 6b 97 80 18 05 78 .... S.G..k....x
0010 - bf af 7d e4 70 c1 00 31-6e 04 a8 2b d1 b8 ed c3 ..}.p..1n..+....
0020 - ab e2 76 71 16 17 03 01-00 30 71 ef 76 34 95 99 ..vq.....0q.v4..
0030 - 60 dc 3e 79 b3 e8 af 49-47 d1 f3 a8 ba a0 ef ab `.>y...IG.......
0040 - f5 d4 f6 c6 40 c0 40 e7-33 62 91 4c 3e ab cb 04 ....@.@.3b.L>...
0050 - bd d1 6c d6 6b 15 84 9b-a0 69 ..l.k....i
read from 0x1f2f400 [0x2034b73] (5 bytes => 5 (0x5))
0000 - 35 30 30 20 4f 500 O
write to 0x1f2f400 [0x20390c3] (37 bytes => 37 (0x25))
0000 - 15 03 01 00 20 b5 0e 37-15 c0 8f 64 25 c3 d4 4c .... ..7...d%..L
0010 - 00 f6 63 e1 39 98 fa 38-fd 60 2f 8a a7 23 d8 f5 ..c.9..8.`/..#..
0020 - 39 5e 67 9d 91 9^g..
>>> TLS 1.0 Alert [length 0002], fatal protocol_version
02 46
139900097234760:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:339:
write to 0x1f2f400 [0x20390c3] (37 bytes => 37 (0x25))
0000 - 15 03 01 00 20 c0 d8 96-4c 62 80 3b d9 41 b2 49 .... ...Lb.;.A.I
0010 - c1 49 9e d0 ac 43 86 75-ed cf db d9 f7 b9 ff 5f .I...C.u......._
0020 - 0c 16 ac db 78 ....x
>>> TLS 1.0 Alert [length 0002], warning close_notify
01 00

In this case, I've used TLS 1.0. There are no other results with TLS 1.1 or TLS 1.2.

Best regards
holmexx
martin

OK, but you have connected only. That WinSCP can do too.

WinSCP fails only after authentication.

So please type the USER and PASS commands in the openssl s_client, as you can see in WinSCP log.
holmexx

Oh Martin, thank you for your patient ...

Today, I've found a little bit time to change the config. Unfortunately, I still can't connect via WinSCP. But a connection via openssl s_client works now:

CONNECTED(00000003)
SSL_connect:before/connect initialization
write to 0xab2700 [0xafa543] (155 bytes => 155 (0x9B))
0000 - 16 03 01 00 96 01 00 00-92 03 01 59 25 3e a3 ea ...........Y%>..
0010 - 31 a2 cd de bd 66 73 8b-d2 f9 08 c8 d4 f9 fc 65 1....fs........e
0020 - e0 91 e5 91 69 6b 34 d3-58 02 03 00 00 4c c0 14 ....ik4.X....L..
0030 - c0 0a 00 39 00 38 00 88-00 87 c0 0f c0 05 00 35 ...9.8.........5
0040 - 00 84 c0 13 c0 09 00 33-00 32 00 9a 00 99 00 45 .......3.2.....E
0050 - 00 44 c0 0e c0 04 00 2f-00 96 00 41 c0 12 c0 08 .D...../...A....
0060 - 00 16 00 13 c0 0d c0 03-00 0a 00 07 c0 11 c0 07 ................
0070 - c0 0c c0 02 00 05 00 04-00 ff 01 00 00 1d 00 0b ................
0080 - 00 04 03 00 01 02 00 0a-00 08 00 06 00 19 00 18 ................
0090 - 00 17 00 23 00 00 00 0f-00 01 01 ...#.......
>>> TLS 1.0 Handshake [length 0096], ClientHello
01 00 00 92 03 01 59 25 3e a3 ea 31 a2 cd de bd
66 73 8b d2 f9 08 c8 d4 f9 fc 65 e0 91 e5 91 69
6b 34 d3 58 02 03 00 00 4c c0 14 c0 0a 00 39 00
38 00 88 00 87 c0 0f c0 05 00 35 00 84 c0 13 c0
09 00 33 00 32 00 9a 00 99 00 45 00 44 c0 0e c0
04 00 2f 00 96 00 41 c0 12 c0 08 00 16 00 13 c0
0d c0 03 00 0a 00 07 c0 11 c0 07 c0 0c c0 02 00
05 00 04 00 ff 01 00 00 1d 00 0b 00 04 03 00 01
02 00 0a 00 08 00 06 00 19 00 18 00 17 00 23 00
00 00 0f 00 01 01
SSL_connect:SSLv3 write client hello A
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 42 ....B
read from 0xab2700 [0xaf5ff8] (66 bytes => 66 (0x42))
0000 - 02 00 00 3e 03 01 59 25-3e a3 f1 78 e1 ff a9 58 ...>..Y%>..x...X
0010 - 23 ae 19 05 9e 94 71 5c-79 ce b4 83 37 2a 06 75 #.....q\y...7*.u
0020 - 1e d9 9c cf 5c 0b 00 c0-14 00 00 16 ff 01 00 01 ....\...........
0030 - 00 00 0b 00 04 03 00 01-02 00 23 00 00 00 0f 00 ..........#.....
0040 - 01 01 ..
<<< TLS 1.0 Handshake [length 0042], ServerHello
02 00 00 3e 03 01 59 25 3e a3 f1 78 e1 ff a9 58
23 ae 19 05 9e 94 71 5c 79 ce b4 83 37 2a 06 75
1e d9 9c cf 5c 0b 00 c0 14 00 00 16 ff 01 00 01
00 00 0b 00 04 03 00 01 02 00 23 00 00 00 0f 00
01 01
SSL_connect:SSLv3 read server hello A
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 16 03 01 0e 25 ....%
read from 0xab2700 [0xaf5ff8] (3621 bytes => 3621 (0xE25))
0000 - 0b 00 0e 21 00 0e 1e 00-07 f5 30 82 07 f1 30 82 ...!......0...0.
0010 - 05 d9 a0 03 02 01 02 02-13 15 00 00 25 2b 39 be ............%+9.
0020 - fc d2 c8 26 ae 33 00 00-00 00 25 2b 30 0d 06 09 ...&.3....%+0...
0030 - 2a 86 48 86 f7 0d 01 01-05 05 00 30 47 31 16 30 *.H........0G1.0
0040 - 14 06 0a 09 92 26 89 93-f2 2c 64 01 19 16 06 69 .....&...,d....i
0050 - 6e 74 65 72 6e 31 19 30-17 06 0a 09 92 26 89 93 ntern1.0.....&..
0060 - f2 2c 64 01 19 16 09 66-65 75 65 72 77 65 68 72 .,d....feuerwehr
0070 - 31 12 30 10 06 03 55 04-03 13 09 66 77 63 65 72 1.0...U....fwcer
0080 - 74 30 30 30 30 1e 17 0d-31 36 30 35 32 37 30 38 t0000...16052708
0090 - 35 34 33 33 5a 17 0d 32-31 30 35 32 36 30 38 35 5433Z..210526085
00a0 - 34 33 33 5a 30 81 af 31-0b 30 09 06 03 55 04 06 433Z0..1.0...U..
00b0 - 13 02 44 45 31 0f 30 0d-06 03 55 04 08 13 06 42 ..DE1.0...U....B
00c0 - 65 72 6c 69 6e 31 0f 30-0d 06 03 55 04 07 13 06 erlin1.0...U....
00d0 - 42 65 72 6c 69 6e 31 1b-30 19 06 03 55 04 0a 13 Berlin1.0...U...
00e0 - 12 42 65 72 6c 69 6e 65-72 20 46 65 75 65 72 77 .Berliner Feuerw
00f0 - 65 68 72 31 0e 30 0c 06-03 55 04 0b 13 05 5a 53 ehr1.0...U....ZS
0100 - 20 49 54 31 22 30 20 06-03 55 04 03 13 19 76 70 IT1"0 ..U....vp
0110 - 6e 2e 62 65 72 6c 69 6e-65 72 2d 66 65 75 65 72 n.berliner-feuer
0120 - 77 65 68 72 2e 64 65 31-2d 30 2b 06 09 2a 86 48 wehr.de1-0+..*.H
0130 - 86 f7 0d 01 09 01 16 1e-77 65 6d 61 73 74 65 72 ........wemaster
0140 - 40 62 65 72 6c 69 6e 65-72 2d 66 65 75 65 72 77 @berliner-feuerw
0150 - 65 68 72 2e 64 65 30 82-02 22 30 0d 06 09 2a 86 ehr.de0.."0...*.
0160 - 48 86 f7 0d 01 01 01 05-00 03 82 02 0f 00 30 82 H.............0.
0170 - 02 0a 02 82 02 01 00 b1-a3 a9 cc 05 27 56 f5 f2 ............'V..
0180 - 3c 48 15 ca b0 0a c0 6a-a7 e4 0c d0 a5 22 1a c2 <H.....j....."..
0190 - 79 e1 6c 93 cb a7 6c f9-8f a0 75 15 a1 51 94 ed y.l...l...u..Q..
01a0 - 38 bf 03 85 7a 16 05 c3-4f cd a4 bf 93 a5 b9 fa 8...z...O.......
01b0 - 30 71 65 52 38 44 fd 1f-0c 33 e5 28 c3 c7 a5 59 0qeR8D...3.(...Y
01c0 - 4f b1 dc 36 0b 3d 1c 50-10 c2 37 04 2f 38 ca e1 O..6.=.P..7./8..
01d0 - 6b e4 8c e0 25 d1 5c 73-8e 27 87 29 62 bc b8 f4 k...%.\s.'.)b...
01e0 - b2 ab c4 63 a4 6e 03 52-e3 e6 da 0c 6e 98 e6 c8 ...c.n.R....n...
01f0 - d3 8f 97 98 f4 c3 27 ed-3f 75 e8 e1 7b 80 c6 c8 ......'.?u..{...
0200 - f5 e6 d0 4d b8 10 28 f7-72 15 0d 25 c0 e6 61 bc ...M..(.r..%..a.
0210 - ee cd 5c e7 3c 3c 85 50-ae c8 4d dc b6 ee 93 45 ..\.<<.P..M....E
0220 - 0d 43 cf 6e 22 a4 b5 1b-5e 90 99 63 18 94 36 55 .C.n"...^..c..6U
0230 - 6b 3d 6e 9e 1d f4 26 eb-2a ab 7c 77 f0 95 2e fc k=n...&.*.|w....
0240 - 32 64 c8 5b d2 a8 f9 1f-cb 1d 9e bc fd 65 dd da 2d.[.........e..
0250 - be d5 1c 66 86 ec 07 37-eb b5 e1 73 35 d1 aa 34 ...f...7...s5..4
0260 - d8 1f 9e df 19 04 25 0a-fb 47 fb 40 7b 5e 40 df ......%..G.@{^@.
0270 - 97 71 66 b9 2c 45 39 d2-82 69 ce 63 d8 cc 1f b5 .qf.,E9..i.c....
0280 - 64 cb 12 d7 8c 07 fb ff-23 8b a1 e5 fa a2 59 b5 d.......#.....Y.
0290 - 62 07 bf 86 a9 a9 0d b8-5d 26 0b 19 47 81 c9 55 b.......]&..G..U
02a0 - 27 61 2b 2a eb 56 5a 67-b2 28 9a 27 91 63 fa eb 'a+*.VZg.(.'.c..
02b0 - 59 06 f4 83 3d d8 93 02-37 53 87 3e 5c 60 64 da Y...=...7S.>\`d.
02c0 - fa 19 13 09 3b 00 ab 7c-98 d1 ef 05 3c 06 f2 d2 ....;..|....<...
02d0 - 5a 67 3b 93 a2 85 3e 8a-d2 70 0c 6b 2f 8d a7 af Zg;...>..p.k/...
02e0 - 1d e0 b0 9a 8b 25 48 b6-d6 36 d8 95 0d 24 ae b0 .....%H..6...$..
02f0 - 5d cf 55 dd 4d 3c e7 ac-e4 7f 43 f7 2a 87 3c a0 ].U.M<....C.*.<.
0300 - ba 4a 77 f4 ae a7 b9 4f-1b 82 0a cc 6b 6a d9 9a .Jw....O....kj..
0310 - 6a 00 7c 90 12 6e f4 e3-bc c8 d8 42 17 b5 78 95 j.|..n.....B..x.
0320 - 6a 74 41 cd 80 d4 6d 93-ea bf 56 5d 52 e8 44 ed jtA...m...V]R.D.
0330 - ab 87 aa 42 8d 96 51 7d-6f 66 a1 f7 e9 61 58 a9 ...B..Q}of...aX.
0340 - cc af ac 9f 6d fc 2f e7-a6 05 f4 48 cd ae 13 e5 ....m./....H....
0350 - d6 d7 e8 2b c7 b6 38 4d-ef 69 2f 1e a7 83 22 d6 ...+..8M.i/...".
0360 - 81 3d 98 80 f6 9a e1 69-4e ae 4b 2f b7 8d 5f ed .=.....iN.K/.._.
0370 - 86 14 18 31 7d 34 df 02-03 01 00 01 a3 82 02 6b ...1}4.........k
0380 - 30 82 02 67 30 1d 06 03-55 1d 0e 04 16 04 14 91 0..g0...U.......
0390 - 7d c2 59 ee 55 47 80 02-ce c3 1d 64 22 c3 76 da }.Y.UG.....d".v.
03a0 - 80 ab ba 30 1f 06 03 55-1d 23 04 18 30 16 80 14 ...0...U.#..0...
03b0 - 0d 7b b7 94 d2 1d 16 7c-06 f4 be 91 0e 76 5f d6 .{.....|.....v_.
03c0 - 29 0f 1c fc 30 81 ce 06-03 55 1d 1f 04 81 c6 30 )...0....U.....0
03d0 - 81 c3 30 81 c0 a0 81 bd-a0 81 ba 86 81 b7 6c 64 ..0...........ld
03e0 - 61 70 3a 2f 2f 2f 43 4e-3d 66 77 63 65 72 74 30 ap:///CN=fwcert0
03f0 - 30 30 2c 43 4e 3d 66 77-63 65 72 74 30 30 30 2c 00,CN=fwcert000,
0400 - 43 4e 3d 43 44 50 2c 43-4e 3d 50 75 62 6c 69 63 CN=CDP,CN=Public
0410 - 25 32 30 4b 65 79 25 32-30 53 65 72 76 69 63 65 %20Key%20Service
0420 - 73 2c 43 4e 3d 53 65 72-76 69 63 65 73 2c 43 4e s,CN=Services,CN
0430 - 3d 43 6f 6e 66 69 67 75-72 61 74 69 6f 6e 2c 44 =Configuration,D
0440 - 43 3d 66 65 75 65 72 77-65 68 72 2c 44 43 3d 69 C=feuerwehr,DC=i
0450 - 6e 74 65 72 6e 3f 63 65-72 74 69 66 69 63 61 74 ntern?certificat
0460 - 65 52 65 76 6f 63 61 74-69 6f 6e 4c 69 73 74 3f eRevocationList?
0470 - 62 61 73 65 3f 6f 62 6a-65 63 74 43 6c 61 73 73 base?objectClass
0480 - 3d 63 52 4c 44 69 73 74-72 69 62 75 74 69 6f 6e =cRLDistribution
0490 - 50 6f 69 6e 74 30 81 c0-06 08 2b 06 01 05 05 07 Point0....+.....
04a0 - 01 01 04 81 b3 30 81 b0-30 81 ad 06 08 2b 06 01 .....0..0....+..
04b0 - 05 05 07 30 02 86 81 a0-6c 64 61 70 3a 2f 2f 2f ...0....ldap:///
04c0 - 43 4e 3d 66 77 63 65 72-74 30 30 30 2c 43 4e 3d CN=fwcert000,CN=
04d0 - 41 49 41 2c 43 4e 3d 50-75 62 6c 69 63 25 32 30 AIA,CN=Public%20
04e0 - 4b 65 79 25 32 30 53 65-72 76 69 63 65 73 2c 43 Key%20Services,C
04f0 - 4e 3d 53 65 72 76 69 63-65 73 2c 43 4e 3d 43 6f N=Services,CN=Co
0500 - 6e 66 69 67 75 72 61 74-69 6f 6e 2c 44 43 3d 66 nfiguration,DC=f
0510 - 65 75 65 72 77 65 68 72-2c 44 43 3d 69 6e 74 65 euerwehr,DC=inte
0520 - 72 6e 3f 63 41 43 65 72-74 69 66 69 63 61 74 65 rn?cACertificate
0530 - 3f 62 61 73 65 3f 6f 62-6a 65 63 74 43 6c 61 73 ?base?objectClas
0540 - 73 3d 63 65 72 74 69 66-69 63 61 74 69 6f 6e 41 s=certificationA
0550 - 75 74 68 6f 72 69 74 79-30 0b 06 03 55 1d 0f 04 uthority0...U...
0560 - 04 03 02 05 a0 30 3c 06-09 2b 06 01 04 01 82 37 .....0<..+.....7
0570 - 15 07 04 2f 30 2d 06 25-2b 06 01 04 01 82 37 15 .../0-.%+.....7.
0580 - 08 86 82 b1 44 87 e7 f9-69 83 91 99 1a 87 e8 df ....D...i.......
0590 - 2b a4 c3 5f 1c 83 fc c7-03 84 93 f0 55 02 01 64 +.._........U..d
05a0 - 02 01 07 30 1d 06 03 55-1d 25 04 16 30 14 06 08 ...0...U.%..0...
05b0 - 2b 06 01 05 05 07 03 02-06 08 2b 06 01 05 05 07 +.........+.....
05c0 - 03 01 30 27 06 09 2b 06-01 04 01 82 37 15 0a 04 ..0'..+.....7...
05d0 - 1a 30 18 30 0a 06 08 2b-06 01 05 05 07 03 02 30 .0.0...+.......0
05e0 - 0a 06 08 2b 06 01 05 05-07 03 01 30 0d 06 09 2a ...+.......0...*
05f0 - 86 48 86 f7 0d 01 01 05-05 00 03 82 02 01 00 35 .H.............5
0600 - f1 c7 7b 25 4c 32 33 84-de 6e d7 33 1d 4a c2 ea ..{%L23..n.3.J..
0610 - 6b 5f 15 e1 3b a4 6c eb-d3 bd 73 41 3a 9a 94 0a k_..;.l...sA:...
0620 - 82 ad f3 c1 da f2 ca 9c-d4 ef 08 67 4b 50 80 08 ...........gKP..
0630 - be 33 92 a4 6b 11 3f 56-77 81 d1 b9 73 ef 70 60 .3..k.?Vw...s.p`
0640 - dc e9 b3 54 aa d2 da a8-0d 08 10 a4 01 55 db 75 ...T.........U.u
0650 - b2 d6 37 b0 ba 63 db 6a-9a 5f 04 de 0a cf 02 35 ..7..c.j._.....5
0660 - 6d 48 d2 42 13 c3 32 ae-f3 75 a1 b1 d1 88 d6 d5 mH.B..2..u......
0670 - 48 d8 79 60 5a c4 83 e0-9b 21 93 f7 34 f2 60 43 H.y`Z....!..4.`C
0680 - 05 0d 77 eb 96 4e 9e c4-6d fd 30 19 e4 8d 36 02 ..w..N..m.0...6.
0690 - 2a e7 56 40 ae 6a 71 54-49 7e 9f 2c ff 78 f6 00 *.V@.jqTI~.,.x..
06a0 - ff 91 9a 5f d0 c1 63 ff-b9 15 43 53 e2 c6 65 ef ..._..c...CS..e.
06b0 - 0c f1 07 e9 5b 70 b0 b9-e2 85 3a 8d b3 09 82 ca ....[p....:.....
06c0 - eb 67 07 41 f0 1f a0 7c-07 cc 67 93 72 8e a5 15 .g.A...|..g.r...
06d0 - d4 2c 8b 38 72 2b 7b 9d-51 a5 a4 75 c3 26 24 e1 .,.8r+{.Q..u.&$.
06e0 - 04 d2 ba 0c 02 61 7d da-c6 c3 dc f7 52 80 d6 09 .....a}.....R...
06f0 - da 77 15 0e cc b3 69 2b-e3 33 85 8f 0b e7 9b a2 .w....i+.3......
0700 - 68 b5 4c f5 f2 ef 05 66-31 3c f0 17 57 9d f6 dd h.L....f1<..W...
0710 - 83 20 68 9d 52 fc 6e c7-23 d1 22 9e 9e c8 56 ba . h.R.n.#."...V.
0720 - 92 60 be 29 b3 cc 3b 82-6a 55 ff 34 d9 4f 8d 7c .`.)..;.jU.4.O.|
0730 - ae c2 b1 c8 7e e1 8b 57-74 d4 e5 c1 1a 09 b3 e1 ....~..Wt.......
0740 - d7 dd e3 c9 c0 ba 65 f9-71 f1 fd 20 39 e6 75 16 ......e.q.. 9.u.
0750 - 09 33 8b 87 fa 9d 34 3d-6e c1 58 8e 77 6c 50 f9 .3....4=n.X.wlP.
0760 - 5f a7 fb 21 f2 0d 02 00-aa ec f3 06 18 6d db 8c _..!.........m..
0770 - d3 b6 98 c3 e9 4b a8 e9-41 42 17 42 ed 0d c9 e7 .....K..AB.B....
0780 - b3 b6 6a f3 ab a9 c9 f5-08 a4 e2 cc 96 9b b2 bd ..j.............
0790 - 6b 0f 52 16 6a df fc c9-54 0b 55 79 d8 04 67 37 k.R.j...T.Uy..g7
07a0 - d3 7c 6f b4 44 6e f1 15-21 95 ed 56 c3 19 c6 fc .|o.Dn..!..V....
07b0 - 3e ba ba d0 b3 66 33 aa-66 05 45 37 51 8c de e6 >....f3.f.E7Q...
07c0 - 83 66 2a 3a 92 35 33 d0-04 ba 8a c9 a9 75 38 4c .f*:.53......u8L
07d0 - ab 0f 5f 59 54 38 30 68-c9 26 0d d8 61 37 19 d4 .._YT80h.&..a7..
07e0 - 0d f7 d8 1e d0 e3 72 83-58 b6 2d 23 19 1b b3 59 ......r.X.-#...Y
07f0 - b6 7c 16 c5 b4 55 f3 6b-49 02 c0 1a 7f 5f ba 00 .|...U.kI...._..
0800 - 06 23 30 82 06 1f 30 82-04 07 a0 03 02 01 02 02 .#0...0.........
0810 - 10 02 91 70 d1 4f f8 08-99 42 70 f1 2a e4 88 59 ...p.O...Bp.*..Y
0820 - b1 30 0d 06 09 2a 86 48-86 f7 0d 01 01 05 05 00 .0...*.H........
0830 - 30 47 31 16 30 14 06 0a-09 92 26 89 93 f2 2c 64 0G1.0.....&...,d
0840 - 01 19 16 06 69 6e 74 65-72 6e 31 19 30 17 06 0a ....intern1.0...
0850 - 09 92 26 89 93 f2 2c 64-01 19 16 09 66 65 75 65 ..&...,d....feue
0860 - 72 77 65 68 72 31 12 30-10 06 03 55 04 03 13 09 rwehr1.0...U....
0870 - 66 77 63 65 72 74 30 30-30 30 1e 17 0d 30 35 30 fwcert0000...050
0880 - 37 30 38 31 31 34 30 35-30 5a 17 0d 32 35 30 37 708114050Z..2507
0890 - 30 38 31 31 34 38 33 32-5a 30 47 31 16 30 14 06 08114832Z0G1.0..
08a0 - 0a 09 92 26 89 93 f2 2c-64 01 19 16 06 69 6e 74 ...&...,d....int
08b0 - 65 72 6e 31 19 30 17 06-0a 09 92 26 89 93 f2 2c ern1.0.....&...,
08c0 - 64 01 19 16 09 66 65 75-65 72 77 65 68 72 31 12 d....feuerwehr1.
08d0 - 30 10 06 03 55 04 03 13-09 66 77 63 65 72 74 30 0...U....fwcert0
08e0 - 30 30 30 82 02 22 30 0d-06 09 2a 86 48 86 f7 0d 000.."0...*.H...
08f0 - 01 01 01 05 00 03 82 02-0f 00 30 82 02 0a 02 82 ..........0.....
0900 - 02 01 00 d3 58 46 e1 3b-d1 81 f8 7c 01 12 62 8e ....XF.;...|..b.
0910 - 69 22 a5 cb 8f d5 74 6a-2c 85 30 79 c3 6e bd f1 i"....tj,.0y.n..
0920 - c2 ad ed c3 1b 1c 60 38-9d ea 06 5a ff 32 76 c3 ......`8...Z.2v.
0930 - 9b 16 2f e7 a1 67 09 9e-9c 05 2d 66 d2 4e f1 d1 ../..g....-f.N..
0940 - 23 c0 21 2f b8 29 43 df-2c 56 ae e6 1a 2a db 65 #.!/.)C.,V...*.e
0950 - de c3 a8 f1 27 a2 fb 9a-11 c7 e4 be 4f 96 d1 68 ....'.......O..h
0960 - 24 2c d7 94 ef e1 31 39-a6 7a 3b cc d9 5a 68 be $,....19.z;..Zh.
0970 - 69 98 29 de 18 1c eb a2-eb 42 51 63 76 6d e9 f3 i.)......BQcvm..
0980 - 0b c4 9a b0 ab 23 d9 df-7f d9 4e 4d b9 62 bd 55 .....#....NM.b.U
0990 - 55 13 c6 f4 f8 c0 ec d7-16 d4 13 3d 98 c3 f8 d3 U..........=....
09a0 - 11 da 50 9c f5 7c d0 aa-4c 26 be bd d7 8e b5 81 ..P..|..L&......
09b0 - 74 fb cc 57 f0 75 6a a9-61 3c c1 63 f0 d4 6a 40 t..W.uj.a<.c..j@
09c0 - 8f bd 2a c7 31 14 9e 56-18 ea f0 3d b4 0b dd 36 ..*.1..V...=...6
09d0 - 2c 5b 57 61 fe 9c 7d 15-bb b3 7e 50 f9 53 fc da ,[Wa..}...~P.S..
09e0 - 3c e5 f8 98 a8 6e b7 83-80 b6 b4 62 a5 f5 fd ea <....n.....b....
09f0 - 34 c5 6c 4a 49 1e cf 1c-13 5a b4 05 c0 45 72 a5 4.lJI....Z...Er.
0a00 - b0 26 b8 1a f7 ab ce 37-ff 3a 5d a6 3f 30 bb 89 .&.....7.:].?0..
0a10 - 12 ad 19 2f 3c b9 0b 3f-8c a0 0f 8b c9 f4 19 3e .../<..?.......>
0a20 - e3 e6 37 bc 37 03 16 fe-de 78 c5 d2 b1 af bc 70 ..7.7....x.....p
0a30 - 14 c0 f0 6f 15 9c 99 4d-4a 57 c8 2b 1d 72 69 11 ...o...MJW.+.ri.
0a40 - 17 b7 15 80 04 c6 e9 d2-43 d9 17 c9 a1 34 f5 26 ........C....4.&
0a50 - 93 a7 18 b5 db 65 70 67-87 c3 96 5f 0f 71 f9 18 .....epg..._.q..
0a60 - b0 6c b9 35 90 1c 95 8c-ae fa 32 11 02 0a 96 e6 .l.5......2.....
0a70 - c0 fd 08 a7 81 8c 26 8f-b8 c1 57 01 f7 da cd fc ......&...W.....
0a80 - 7b 79 e8 e3 4f 18 20 c2-d5 99 61 a5 67 b7 b1 fc {y..O. ...a.g...
0a90 - aa de 3e 20 f0 fc 1c c6-3d 95 36 f2 d7 1e 5c b8 ..> ....=.6...\.
0aa0 - 5f d6 6e d8 1c 86 b4 e3-99 35 20 05 34 b0 fa de _.n......5 .4...
0ab0 - 97 af b6 5c d3 43 28 77-e1 17 7e de a1 93 17 08 ...\.C(w..~.....
0ac0 - 7f b1 ec 7d 9a d3 ad 2c-a8 59 7d 44 81 83 ad 52 ...}...,.Y}D...R
0ad0 - 64 94 24 76 2c 8e 27 da-9d 51 a4 10 b4 a4 2b 2d d.$v,.'..Q....+-
0ae0 - 72 75 52 8f b4 e6 a3 28-e8 47 b7 ae 40 77 8d 9d ruR....(.G..@w..
0af0 - d4 cb 4b 6d 68 76 96 c9-25 e7 a0 3d 4b c2 a1 a5 ..Kmhv..%..=K...
0b00 - 0c 21 93 02 03 01 00 01-a3 82 01 05 30 82 01 01 .!..........0...
0b10 - 30 0b 06 03 55 1d 0f 04-04 03 02 01 86 30 0f 06 0...U........0..
0b20 - 03 55 1d 13 01 01 ff 04-05 30 03 01 01 ff 30 1d .U.......0....0.
0b30 - 06 03 55 1d 0e 04 16 04-14 0d 7b b7 94 d2 1d 16 ..U.......{.....
0b40 - 7c 06 f4 be 91 0e 76 5f-d6 29 0f 1c fc 30 10 06 |.....v_.)...0..
0b50 - 09 2b 06 01 04 01 82 37-15 01 04 03 02 01 00 30 .+.....7.......0
0b60 - 81 af 06 03 55 1d 20 04-81 a7 30 81 a4 30 81 a1 ....U. ...0..0..
0b70 - 06 09 2a 03 04 05 06 07-08 09 1f 30 81 93 30 4a ..*........0..0J
0b80 - 06 08 2b 06 01 05 05 07-02 02 30 3e 1e 3c 00 43 ..+.......0>.<.C
0b90 - 00 65 00 72 00 74 00 69-00 66 00 69 00 63 00 61 .e.r.t.i.f.i.c.a
0ba0 - 00 74 00 65 00 20 00 50-00 72 00 61 00 63 00 74 .t.e. .P.r.a.c.t
0bb0 - 00 69 00 63 00 65 00 20-00 53 00 74 00 61 00 74 .i.c.e. .S.t.a.t
0bc0 - 00 65 00 6d 00 65 00 6e-00 74 30 45 06 08 2b 06 .e.m.e.n.t0E..+.
0bd0 - 01 05 05 07 02 01 16 39-68 74 74 70 3a 2f 2f 66 .......9http://f
0be0 - 77 63 65 72 74 30 30 31-2e 66 65 75 65 72 77 65 wcert001.feuerwe
0bf0 - 68 72 2e 69 6e 74 65 72-6e 2f 4c 65 67 61 6c 50 hr.intern/LegalP
0c00 - 6f 6c 69 63 79 2f 72 6f-6f 74 63 70 73 2e 68 74 olicy/rootcps.ht
0c10 - 6d 30 0d 06 09 2a 86 48-86 f7 0d 01 01 05 05 00 m0...*.H........
0c20 - 03 82 02 01 00 77 6d 9f-65 84 03 63 8d 23 37 5a .....wm.e..c.#7Z
0c30 - bc 6b d7 0f 4c d9 0f 9b-26 d0 e7 49 64 7e 25 78 .k..L...&..Id~%x
0c40 - 30 50 47 07 9e e6 89 f5-5a 81 55 05 82 89 3f 5c 0PG.....Z.U...?\
0c50 - bf f5 80 91 6a 21 15 c8-aa d4 d8 51 7a ee 73 e2 ....j!.....Qz.s.
0c60 - c0 a6 06 7b 6d 49 0d 2f-61 2d 94 13 ee f7 68 37 ...{mI./a-....h7
0c70 - 32 6c 17 99 0c 54 ca c1-5f f7 ca 32 74 16 48 b5 2l...T.._..2t.H.
0c80 - 08 9a 8c e7 cd 20 96 ef-29 88 20 0b 6a 3e 19 dc ..... ..). .j>..
0c90 - ab 7d 07 81 56 70 c0 27-45 01 82 02 b3 1a 89 b6 .}..Vp.'E.......
0ca0 - fa 2a b7 58 fc cc 17 ca-a5 56 e0 7a 74 2c 7c ce .*.X.....V.zt,|.
0cb0 - 21 6a 45 5c 81 6f b2 73-26 a2 78 79 ed 0d d9 bd !jE\.o.s&.xy....
0cc0 - 5c 55 45 91 9e 54 9b 37-f7 fa 03 99 eb cf f3 07 \UE..T.7........
0cd0 - 3e 4c b1 33 80 88 fc 10-f0 3a 26 b4 7c 1b 06 e3 >L.3.....:&.|...
0ce0 - cc 85 68 f7 a4 91 a3 4c-f7 1d 72 a1 4e b8 de 79 ..h....L..r.N..y
0cf0 - 28 d6 41 33 0b de 55 86-36 28 56 f3 92 a1 71 8a (.A3..U.6(V...q.
0d00 - 7d e1 80 6c 55 60 3e 11-f3 a1 e9 11 87 b9 5c 17 }..lU`>.......\.
0d10 - f1 0d 90 f5 ee 9f 5d 47-32 d7 f1 9d de a9 bb a1 ......]G2.......
0d20 - 40 c5 6e 9b dd 88 09 ba-d7 29 bd ef 08 d0 0f b2 @.n......)......
0d30 - 51 75 37 fc 5e fb 1d 81-88 30 de 42 67 fa b2 59 Qu7.^....0.Bg..Y
0d40 - 07 c2 20 14 51 01 bc 82-25 28 93 8a 9b c8 36 0e .. .Q...%(....6.
0d50 - 25 92 ec b9 61 94 a5 e6-25 cd 93 41 1f 39 cd ed %...a...%..A.9..
0d60 - d4 e8 f9 c2 48 33 4b 82-87 97 9b c4 14 f0 71 27 ....H3K.......q'
0d70 - b1 d4 5e 7e 1b 77 c7 30-d8 fd eb 1f ad d9 96 8f ..^~.w.0........
0d80 - 84 02 cd 1a 18 7e 37 4b-fb 52 c7 e2 e4 97 ef 11 .....~7K.R......
0d90 - 98 da 0c 9d 74 ca f2 33-05 a6 95 da 4c 99 23 ca ....t..3....L.#.
0da0 - 71 eb d6 47 0d 58 67 25-8f 65 de ee d7 5c f0 30 q..G.Xg%.e...\.0
0db0 - 74 87 62 96 21 05 95 e5-76 f1 00 0f 59 b5 c3 55 t.b.!...v...Y..U
0dc0 - 77 c5 72 d5 10 d2 45 bd-e9 8e 49 38 57 6d 23 11 w.r...E...I8Wm#.
0dd0 - 4d d6 2a 89 97 8a b0 29-d4 d8 a1 f8 f9 d0 e0 f0 M.*....)........
0de0 - 57 14 13 3d 1f 84 59 f2-69 cc 22 6b 2b 5f 92 24 W..=..Y.i."k+_.$
0df0 - 26 72 c4 9b d9 c4 fa 8a-6c 0a 26 4b 70 bc d5 18 &r......l.&Kp...
0e00 - f9 9a 69 aa cb fc e7 cc-47 ae 62 1f ef dd cb ea ..i.....G.b.....
0e10 - aa b8 a4 d1 de 95 7b 19-d7 10 5c 9b 46 b9 b5 bb ......{...\.F...
0e20 - 66 4e af fc d2 fN...
<<< TLS 1.0 Handshake [length 0e25], Certificate
0b 00 0e 21 00 0e 1e 00 07 f5 30 82 07 f1 30 82
05 d9 a0 03 02 01 02 02 13 15 00 00 25 2b 39 be
fc d2 c8 26 ae 33 00 00 00 00 25 2b 30 0d 06 09
2a 86 48 86 f7 0d 01 01 05 05 00 30 47 31 16 30
14 06 0a 09 92 26 89 93 f2 2c 64 01 19 16 06 69
6e 74 65 72 6e 31 19 30 17 06 0a 09 92 26 89 93
f2 2c 64 01 19 16 09 66 65 75 65 72 77 65 68 72
31 12 30 10 06 03 55 04 03 13 09 66 77 63 65 72
74 30 30 30 30 1e 17 0d 31 36 30 35 32 37 30 38
35 34 33 33 5a 17 0d 32 31 30 35 32 36 30 38 35
34 33 33 5a 30 81 af 31 0b 30 09 06 03 55 04 06
13 02 44 45 31 0f 30 0d 06 03 55 04 08 13 06 42
65 72 6c 69 6e 31 0f 30 0d 06 03 55 04 07 13 06
42 65 72 6c 69 6e 31 1b 30 19 06 03 55 04 0a 13
12 42 65 72 6c 69 6e 65 72 20 46 65 75 65 72 77
65 68 72 31 0e 30 0c 06 03 55 04 0b 13 05 5a 53
20 49 54 31 22 30 20 06 03 55 04 03 13 19 76 70
6e 2e 62 65 72 6c 69 6e 65 72 2d 66 65 75 65 72
77 65 68 72 2e 64 65 31 2d 30 2b 06 09 2a 86 48
86 f7 0d 01 09 01 16 1e 77 65 6d 61 73 74 65 72
40 62 65 72 6c 69 6e 65 72 2d 66 65 75 65 72 77
65 68 72 2e 64 65 30 82 02 22 30 0d 06 09 2a 86
48 86 f7 0d 01 01 01 05 00 03 82 02 0f 00 30 82
02 0a 02 82 02 01 00 b1 a3 a9 cc 05 27 56 f5 f2
3c 48 15 ca b0 0a c0 6a a7 e4 0c d0 a5 22 1a c2
79 e1 6c 93 cb a7 6c f9 8f a0 75 15 a1 51 94 ed
38 bf 03 85 7a 16 05 c3 4f cd a4 bf 93 a5 b9 fa
30 71 65 52 38 44 fd 1f 0c 33 e5 28 c3 c7 a5 59
4f b1 dc 36 0b 3d 1c 50 10 c2 37 04 2f 38 ca e1
6b e4 8c e0 25 d1 5c 73 8e 27 87 29 62 bc b8 f4
b2 ab c4 63 a4 6e 03 52 e3 e6 da 0c 6e 98 e6 c8
d3 8f 97 98 f4 c3 27 ed 3f 75 e8 e1 7b 80 c6 c8
f5 e6 d0 4d b8 10 28 f7 72 15 0d 25 c0 e6 61 bc
ee cd 5c e7 3c 3c 85 50 ae c8 4d dc b6 ee 93 45
0d 43 cf 6e 22 a4 b5 1b 5e 90 99 63 18 94 36 55
6b 3d 6e 9e 1d f4 26 eb 2a ab 7c 77 f0 95 2e fc
32 64 c8 5b d2 a8 f9 1f cb 1d 9e bc fd 65 dd da
be d5 1c 66 86 ec 07 37 eb b5 e1 73 35 d1 aa 34
d8 1f 9e df 19 04 25 0a fb 47 fb 40 7b 5e 40 df
97 71 66 b9 2c 45 39 d2 82 69 ce 63 d8 cc 1f b5
64 cb 12 d7 8c 07 fb ff 23 8b a1 e5 fa a2 59 b5
62 07 bf 86 a9 a9 0d b8 5d 26 0b 19 47 81 c9 55
27 61 2b 2a eb 56 5a 67 b2 28 9a 27 91 63 fa eb
59 06 f4 83 3d d8 93 02 37 53 87 3e 5c 60 64 da
fa 19 13 09 3b 00 ab 7c 98 d1 ef 05 3c 06 f2 d2
5a 67 3b 93 a2 85 3e 8a d2 70 0c 6b 2f 8d a7 af
1d e0 b0 9a 8b 25 48 b6 d6 36 d8 95 0d 24 ae b0
5d cf 55 dd 4d 3c e7 ac e4 7f 43 f7 2a 87 3c a0
ba 4a 77 f4 ae a7 b9 4f 1b 82 0a cc 6b 6a d9 9a
6a 00 7c 90 12 6e f4 e3 bc c8 d8 42 17 b5 78 95
6a 74 41 cd 80 d4 6d 93 ea bf 56 5d 52 e8 44 ed
ab 87 aa 42 8d 96 51 7d 6f 66 a1 f7 e9 61 58 a9
cc af ac 9f 6d fc 2f e7 a6 05 f4 48 cd ae 13 e5
d6 d7 e8 2b c7 b6 38 4d ef 69 2f 1e a7 83 22 d6
81 3d 98 80 f6 9a e1 69 4e ae 4b 2f b7 8d 5f ed
86 14 18 31 7d 34 df 02 03 01 00 01 a3 82 02 6b
30 82 02 67 30 1d 06 03 55 1d 0e 04 16 04 14 91
7d c2 59 ee 55 47 80 02 ce c3 1d 64 22 c3 76 da
80 ab ba 30 1f 06 03 55 1d 23 04 18 30 16 80 14
0d 7b b7 94 d2 1d 16 7c 06 f4 be 91 0e 76 5f d6
29 0f 1c fc 30 81 ce 06 03 55 1d 1f 04 81 c6 30
81 c3 30 81 c0 a0 81 bd a0 81 ba 86 81 b7 6c 64
61 70 3a 2f 2f 2f 43 4e 3d 66 77 63 65 72 74 30
30 30 2c 43 4e 3d 66 77 63 65 72 74 30 30 30 2c
43 4e 3d 43 44 50 2c 43 4e 3d 50 75 62 6c 69 63
25 32 30 4b 65 79 25 32 30 53 65 72 76 69 63 65
73 2c 43 4e 3d 53 65 72 76 69 63 65 73 2c 43 4e
3d 43 6f 6e 66 69 67 75 72 61 74 69 6f 6e 2c 44
43 3d 66 65 75 65 72 77 65 68 72 2c 44 43 3d 69
6e 74 65 72 6e 3f 63 65 72 74 69 66 69 63 61 74
65 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 3f
62 61 73 65 3f 6f 62 6a 65 63 74 43 6c 61 73 73
3d 63 52 4c 44 69 73 74 72 69 62 75 74 69 6f 6e
50 6f 69 6e 74 30 81 c0 06 08 2b 06 01 05 05 07
01 01 04 81 b3 30 81 b0 30 81 ad 06 08 2b 06 01
05 05 07 30 02 86 81 a0 6c 64 61 70 3a 2f 2f 2f
43 4e 3d 66 77 63 65 72 74 30 30 30 2c 43 4e 3d
41 49 41 2c 43 4e 3d 50 75 62 6c 69 63 25 32 30
4b 65 79 25 32 30 53 65 72 76 69 63 65 73 2c 43
4e 3d 53 65 72 76 69 63 65 73 2c 43 4e 3d 43 6f
6e 66 69 67 75 72 61 74 69 6f 6e 2c 44 43 3d 66
65 75 65 72 77 65 68 72 2c 44 43 3d 69 6e 74 65
72 6e 3f 63 41 43 65 72 74 69 66 69 63 61 74 65
3f 62 61 73 65 3f 6f 62 6a 65 63 74 43 6c 61 73
73 3d 63 65 72 74 69 66 69 63 61 74 69 6f 6e 41
75 74 68 6f 72 69 74 79 30 0b 06 03 55 1d 0f 04
04 03 02 05 a0 30 3c 06 09 2b 06 01 04 01 82 37
15 07 04 2f 30 2d 06 25 2b 06 01 04 01 82 37 15
08 86 82 b1 44 87 e7 f9 69 83 91 99 1a 87 e8 df
2b a4 c3 5f 1c 83 fc c7 03 84 93 f0 55 02 01 64
02 01 07 30 1d 06 03 55 1d 25 04 16 30 14 06 08
2b 06 01 05 05 07 03 02 06 08 2b 06 01 05 05 07
03 01 30 27 06 09 2b 06 01 04 01 82 37 15 0a 04
1a 30 18 30 0a 06 08 2b 06 01 05 05 07 03 02 30
0a 06 08 2b 06 01 05 05 07 03 01 30 0d 06 09 2a
86 48 86 f7 0d 01 01 05 05 00 03 82 02 01 00 35
f1 c7 7b 25 4c 32 33 84 de 6e d7 33 1d 4a c2 ea
6b 5f 15 e1 3b a4 6c eb d3 bd 73 41 3a 9a 94 0a
82 ad f3 c1 da f2 ca 9c d4 ef 08 67 4b 50 80 08
be 33 92 a4 6b 11 3f 56 77 81 d1 b9 73 ef 70 60
dc e9 b3 54 aa d2 da a8 0d 08 10 a4 01 55 db 75
b2 d6 37 b0 ba 63 db 6a 9a 5f 04 de 0a cf 02 35
6d 48 d2 42 13 c3 32 ae f3 75 a1 b1 d1 88 d6 d5
48 d8 79 60 5a c4 83 e0 9b 21 93 f7 34 f2 60 43
05 0d 77 eb 96 4e 9e c4 6d fd 30 19 e4 8d 36 02
2a e7 56 40 ae 6a 71 54 49 7e 9f 2c ff 78 f6 00
ff 91 9a 5f d0 c1 63 ff b9 15 43 53 e2 c6 65 ef
0c f1 07 e9 5b 70 b0 b9 e2 85 3a 8d b3 09 82 ca
eb 67 07 41 f0 1f a0 7c 07 cc 67 93 72 8e a5 15
d4 2c 8b 38 72 2b 7b 9d 51 a5 a4 75 c3 26 24 e1
04 d2 ba 0c 02 61 7d da c6 c3 dc f7 52 80 d6 09
da 77 15 0e cc b3 69 2b e3 33 85 8f 0b e7 9b a2
68 b5 4c f5 f2 ef 05 66 31 3c f0 17 57 9d f6 dd
83 20 68 9d 52 fc 6e c7 23 d1 22 9e 9e c8 56 ba
92 60 be 29 b3 cc 3b 82 6a 55 ff 34 d9 4f 8d 7c
ae c2 b1 c8 7e e1 8b 57 74 d4 e5 c1 1a 09 b3 e1
d7 dd e3 c9 c0 ba 65 f9 71 f1 fd 20 39 e6 75 16
09 33 8b 87 fa 9d 34 3d 6e c1 58 8e 77 6c 50 f9
5f a7 fb 21 f2 0d 02 00 aa ec f3 06 18 6d db 8c
d3 b6 98 c3 e9 4b a8 e9 41 42 17 42 ed 0d c9 e7
b3 b6 6a f3 ab a9 c9 f5 08 a4 e2 cc 96 9b b2 bd
6b 0f 52 16 6a df fc c9 54 0b 55 79 d8 04 67 37
d3 7c 6f b4 44 6e f1 15 21 95 ed 56 c3 19 c6 fc
3e ba ba d0 b3 66 33 aa 66 05 45 37 51 8c de e6
83 66 2a 3a 92 35 33 d0 04 ba 8a c9 a9 75 38 4c
ab 0f 5f 59 54 38 30 68 c9 26 0d d8 61 37 19 d4
0d f7 d8 1e d0 e3 72 83 58 b6 2d 23 19 1b b3 59
b6 7c 16 c5 b4 55 f3 6b 49 02 c0 1a 7f 5f ba 00
06 23 30 82 06 1f 30 82 04 07 a0 03 02 01 02 02
10 02 91 70 d1 4f f8 08 99 42 70 f1 2a e4 88 59
b1 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00
30 47 31 16 30 14 06 0a 09 92 26 89 93 f2 2c 64
01 19 16 06 69 6e 74 65 72 6e 31 19 30 17 06 0a
09 92 26 89 93 f2 2c 64 01 19 16 09 66 65 75 65
72 77 65 68 72 31 12 30 10 06 03 55 04 03 13 09
66 77 63 65 72 74 30 30 30 30 1e 17 0d 30 35 30
37 30 38 31 31 34 30 35 30 5a 17 0d 32 35 30 37
30 38 31 31 34 38 33 32 5a 30 47 31 16 30 14 06
0a 09 92 26 89 93 f2 2c 64 01 19 16 06 69 6e 74
65 72 6e 31 19 30 17 06 0a 09 92 26 89 93 f2 2c
64 01 19 16 09 66 65 75 65 72 77 65 68 72 31 12
30 10 06 03 55 04 03 13 09 66 77 63 65 72 74 30
30 30 30 82 02 22 30 0d 06 09 2a 86 48 86 f7 0d
01 01 01 05 00 03 82 02 0f 00 30 82 02 0a 02 82
02 01 00 d3 58 46 e1 3b d1 81 f8 7c 01 12 62 8e
69 22 a5 cb 8f d5 74 6a 2c 85 30 79 c3 6e bd f1
c2 ad ed c3 1b 1c 60 38 9d ea 06 5a ff 32 76 c3
9b 16 2f e7 a1 67 09 9e 9c 05 2d 66 d2 4e f1 d1
23 c0 21 2f b8 29 43 df 2c 56 ae e6 1a 2a db 65
de c3 a8 f1 27 a2 fb 9a 11 c7 e4 be 4f 96 d1 68
24 2c d7 94 ef e1 31 39 a6 7a 3b cc d9 5a 68 be
69 98 29 de 18 1c eb a2 eb 42 51 63 76 6d e9 f3
0b c4 9a b0 ab 23 d9 df 7f d9 4e 4d b9 62 bd 55
55 13 c6 f4 f8 c0 ec d7 16 d4 13 3d 98 c3 f8 d3
11 da 50 9c f5 7c d0 aa 4c 26 be bd d7 8e b5 81
74 fb cc 57 f0 75 6a a9 61 3c c1 63 f0 d4 6a 40
8f bd 2a c7 31 14 9e 56 18 ea f0 3d b4 0b dd 36
2c 5b 57 61 fe 9c 7d 15 bb b3 7e 50 f9 53 fc da
3c e5 f8 98 a8 6e b7 83 80 b6 b4 62 a5 f5 fd ea
34 c5 6c 4a 49 1e cf 1c 13 5a b4 05 c0 45 72 a5
b0 26 b8 1a f7 ab ce 37 ff 3a 5d a6 3f 30 bb 89
12 ad 19 2f 3c b9 0b 3f 8c a0 0f 8b c9 f4 19 3e
e3 e6 37 bc 37 03 16 fe de 78 c5 d2 b1 af bc 70
14 c0 f0 6f 15 9c 99 4d 4a 57 c8 2b 1d 72 69 11
17 b7 15 80 04 c6 e9 d2 43 d9 17 c9 a1 34 f5 26
93 a7 18 b5 db 65 70 67 87 c3 96 5f 0f 71 f9 18
b0 6c b9 35 90 1c 95 8c ae fa 32 11 02 0a 96 e6
c0 fd 08 a7 81 8c 26 8f b8 c1 57 01 f7 da cd fc
7b 79 e8 e3 4f 18 20 c2 d5 99 61 a5 67 b7 b1 fc
aa de 3e 20 f0 fc 1c c6 3d 95 36 f2 d7 1e 5c b8
5f d6 6e d8 1c 86 b4 e3 99 35 20 05 34 b0 fa de
97 af b6 5c d3 43 28 77 e1 17 7e de a1 93 17 08
7f b1 ec 7d 9a d3 ad 2c a8 59 7d 44 81 83 ad 52
64 94 24 76 2c 8e 27 da 9d 51 a4 10 b4 a4 2b 2d
72 75 52 8f b4 e6 a3 28 e8 47 b7 ae 40 77 8d 9d
d4 cb 4b 6d 68 76 96 c9 25 e7 a0 3d 4b c2 a1 a5
0c 21 93 02 03 01 00 01 a3 82 01 05 30 82 01 01
30 0b 06 03 55 1d 0f 04 04 03 02 01 86 30 0f 06
03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 1d
06 03 55 1d 0e 04 16 04 14 0d 7b b7 94 d2 1d 16
7c 06 f4 be 91 0e 76 5f d6 29 0f 1c fc 30 10 06
09 2b 06 01 04 01 82 37 15 01 04 03 02 01 00 30
81 af 06 03 55 1d 20 04 81 a7 30 81 a4 30 81 a1
06 09 2a 03 04 05 06 07 08 09 1f 30 81 93 30 4a
06 08 2b 06 01 05 05 07 02 02 30 3e 1e 3c 00 43
00 65 00 72 00 74 00 69 00 66 00 69 00 63 00 61
00 74 00 65 00 20 00 50 00 72 00 61 00 63 00 74
00 69 00 63 00 65 00 20 00 53 00 74 00 61 00 74
00 65 00 6d 00 65 00 6e 00 74 30 45 06 08 2b 06
01 05 05 07 02 01 16 39 68 74 74 70 3a 2f 2f 66
77 63 65 72 74 30 30 31 2e 66 65 75 65 72 77 65
68 72 2e 69 6e 74 65 72 6e 2f 4c 65 67 61 6c 50
6f 6c 69 63 79 2f 72 6f 6f 74 63 70 73 2e 68 74
6d 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00
03 82 02 01 00 77 6d 9f 65 84 03 63 8d 23 37 5a
bc 6b d7 0f 4c d9 0f 9b 26 d0 e7 49 64 7e 25 78
30 50 47 07 9e e6 89 f5 5a 81 55 05 82 89 3f 5c
bf f5 80 91 6a 21 15 c8 aa d4 d8 51 7a ee 73 e2
c0 a6 06 7b 6d 49 0d 2f 61 2d 94 13 ee f7 68 37
32 6c 17 99 0c 54 ca c1 5f f7 ca 32 74 16 48 b5
08 9a 8c e7 cd 20 96 ef 29 88 20 0b 6a 3e 19 dc
ab 7d 07 81 56 70 c0 27 45 01 82 02 b3 1a 89 b6
fa 2a b7 58 fc cc 17 ca a5 56 e0 7a 74 2c 7c ce
21 6a 45 5c 81 6f b2 73 26 a2 78 79 ed 0d d9 bd
5c 55 45 91 9e 54 9b 37 f7 fa 03 99 eb cf f3 07
3e 4c b1 33 80 88 fc 10 f0 3a 26 b4 7c 1b 06 e3
cc 85 68 f7 a4 91 a3 4c f7 1d 72 a1 4e b8 de 79
28 d6 41 33 0b de 55 86 36 28 56 f3 92 a1 71 8a
7d e1 80 6c 55 60 3e 11 f3 a1 e9 11 87 b9 5c 17
f1 0d 90 f5 ee 9f 5d 47 32 d7 f1 9d de a9 bb a1
40 c5 6e 9b dd 88 09 ba d7 29 bd ef 08 d0 0f b2
51 75 37 fc 5e fb 1d 81 88 30 de 42 67 fa b2 59
07 c2 20 14 51 01 bc 82 25 28 93 8a 9b c8 36 0e
25 92 ec b9 61 94 a5 e6 25 cd 93 41 1f 39 cd ed
d4 e8 f9 c2 48 33 4b 82 87 97 9b c4 14 f0 71 27
b1 d4 5e 7e 1b 77 c7 30 d8 fd eb 1f ad d9 96 8f
84 02 cd 1a 18 7e 37 4b fb 52 c7 e2 e4 97 ef 11
98 da 0c 9d 74 ca f2 33 05 a6 95 da 4c 99 23 ca
71 eb d6 47 0d 58 67 25 8f 65 de ee d7 5c f0 30
74 87 62 96 21 05 95 e5 76 f1 00 0f 59 b5 c3 55
77 c5 72 d5 10 d2 45 bd e9 8e 49 38 57 6d 23 11
4d d6 2a 89 97 8a b0 29 d4 d8 a1 f8 f9 d0 e0 f0
57 14 13 3d 1f 84 59 f2 69 cc 22 6b 2b 5f 92 24
26 72 c4 9b d9 c4 fa 8a 6c 0a 26 4b 70 bc d5 18
f9 9a 69 aa cb fc e7 cc 47 ae 62 1f ef dd cb ea
aa b8 a4 d1 de 95 7b 19 d7 10 5c 9b 46 b9 b5 bb
66 4e af fc d2
depth=1 DC = intern, DC = feuerwehr, CN = fwcert000
verify error:num=19:self signed certificate in certificate chain
verify return:0
SSL_connect:SSLv3 read server certificate A
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 16 03 01 02 8f .....
read from 0xab2700 [0xaf5ff8] (655 bytes => 655 (0x28F))
0000 - 0c 00 02 8b 03 00 19 85-04 01 66 00 5e c2 3c 2c ..........f.^.<,
0010 - 60 44 7b 4d 42 5b 1d 74-c7 87 f9 ad 15 62 be 87 `D{MB[.t.....b..
0020 - 81 bc d5 21 cf 15 f6 61-45 46 2c 0e a3 fc 74 7f ...!...aEF,...t.
0030 - 2e f9 16 35 c4 45 4b 0d-cc c7 1f f2 c4 26 af 2c ...5.EK......&.,
0040 - 05 e3 e8 15 d6 82 f5 92-6b bf 8f 01 25 fb 74 ab ........k...%.t.
0050 - 04 d2 f5 d8 bf ff 81 bd-d9 cc 02 53 dd f6 a5 14 ...........S....
0060 - 56 63 e3 8f f6 b5 d5 9d-b0 86 94 2f ba 63 08 0d Vc........./.c..
0070 - a3 05 e5 50 f5 af 6f f0-17 6b d8 f0 be ef 2c c9 ...P..o..k....,.
0080 - 3f ad 3a d7 90 b3 d6 66-68 45 2a 00 a5 02 00 1b ?.:....fhE*.....
0090 - cf ac 36 f9 30 2e 83 4f-54 52 46 96 a0 d8 79 92 ..6.0..OTRF...y.
00a0 - 19 51 36 22 ea 26 34 64-12 0f 4c aa 9a 51 8a 86 .Q6".&4d..L..Q..
00b0 - 55 36 04 68 1d db d3 63-94 cc 30 0f f7 12 e6 42 U6.h...c..0....B
00c0 - 73 46 b4 ec e3 f1 66 47-12 ac f8 21 6b ef a9 01 sF....fG...!k...
00d0 - b5 9f 12 16 06 59 1b 82-5f 28 46 81 e1 3f 23 ae .....Y.._(F..?#.
00e0 - 99 31 f1 d3 b7 87 17 c9-34 ac 47 b3 1c 38 f4 cb .1......4.G..8..
00f0 - 0c 90 3d cf ef de fc 3f-84 e5 f6 f4 6e 86 73 e4 ..=....?....n.s.
0100 - 18 e5 bb a4 ec 26 30 35-6c 0a 30 62 18 62 a3 81 .....&05l.0b.b..
0110 - b4 38 3a 3b 86 c6 f4 ae-99 65 ec d0 ed 8f 8f 29 .8:;.....e.....)
0120 - ea a2 fe 5f 33 4b d1 ad-5d 15 bd 96 44 86 d3 46 ..._3K..]...D..F
0130 - dc 9c 4e 3f cb 03 67 37-ea 83 36 e0 4c 1d f4 48 ..N?..g7..6.L..H
0140 - ec ed 02 d4 37 8e 36 01-07 d2 55 06 75 8b 69 18 ....7.6...U.u.i.
0150 - 15 8d f7 3c 1f da 86 3f-30 c0 bb 43 aa ae fe 63 ...<...?0..C...c
0160 - ff 22 65 a7 74 d5 43 54-e9 3f 4f 2e 04 14 94 64 ."e.t.CT.?O....d
0170 - 89 e1 ef 5f fc 7c 4b 9f-00 d5 eb 06 fe 5d cb 91 ..._.|K......]..
0180 - e3 5e b8 e3 92 69 be 5e-a2 ce b2 ce cc 72 52 30 .^...i.^.....rR0
0190 - 0d 1d 9f bc 7b a1 96 94-6d af 11 81 bd ce cd c9 ....{...m.......
01a0 - 52 00 4e b1 ca 22 63 6f-6c 6a 9b 30 50 c1 74 fc R.N.."colj.0P.t.
01b0 - fa ff db 9c 23 0c 71 15-10 ff c9 0f d8 1c 56 79 ....#.q.......Vy
01c0 - 28 81 33 80 80 5e de 4f-81 a2 69 5e c4 78 27 45 (.3..^.O..i^.x'E
01d0 - b0 8a 85 a9 36 23 16 81-3e 5c 48 d4 02 69 18 97 ....6#..>\H..i..
01e0 - d6 17 32 b7 64 ae 7a 3d-14 c8 6e 73 91 e6 b4 d8 ..2.d.z=..ns....
01f0 - 6d ee e6 70 7b e9 4e 5d-24 a6 34 94 ff e0 32 76 m..p{.N]$.4...2v
0200 - 23 30 f8 25 28 00 31 d0-8b 84 8b a2 e3 29 d9 88 #0.%(.1......)..
0210 - d2 77 96 fa f6 aa 14 27-6a 36 d6 73 da f1 1a e7 .w.....'j6.s....
0220 - 8e ab 98 3c 32 da 38 77-3c 2b 97 f2 c7 66 ce b0 ...<2.8w<+...f..
0230 - f0 44 f6 80 5b 80 17 c1-c4 cf f6 af b2 86 fa ce .D..[...........
0240 - 1b 63 54 1f a6 29 2b f6-2b 8e 74 f0 8c 33 8b 41 .cT..)+.+.t..3.A
0250 - 58 a0 bf a2 f8 a6 f5 c2-57 7d 34 ea 5e dc b6 57 X.......W}4.^..W
0260 - 29 bd 11 fa 0e 36 a6 2e-a6 b4 59 5f 5e af 71 26 )....6....Y_^.q&
0270 - 0e 29 9c f0 4f 3f 2f ba-b3 22 7a e2 0c 26 a4 04 .)..O?/.."z..&..
0280 - 59 52 75 c5 21 9b 4f e0-29 b5 98 a1 7c 36 3b YRu.!.O.)...|6;
<<< TLS 1.0 Handshake [length 028f], ServerKeyExchange
0c 00 02 8b 03 00 19 85 04 01 66 00 5e c2 3c 2c
...
0e 29 9c f0 4f 3f 2f ba b3 22 7a e2 0c 26 a4 04
59 52 75 c5 21 9b 4f e0 29 b5 98 a1 7c 36 3b
SSL_connect:SSLv3 read server key exchange A
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 04 .....
read from 0xab2700 [0xaf5ff8] (4 bytes => 4 (0x4))
0000 - 0e .
0004 - <SPACES/NULS>
<<< TLS 1.0 Handshake [length 0004], ServerHelloDone
0e 00 00 00
SSL_connect:SSLv3 read server done A
>>> TLS 1.0 Handshake [length 008a], ClientKeyExchange
10 00 00 86 85 04 00 b2 f0 0c 23 10 8f c2 dc fc
e8 95 18 fe c4 f9 a2 24 1d 26 b2 9e 2a a9 6f 32
9e c6 61 2d cd fc 43 8a 6c 91 15 1c 28 84 a1 a7
74 48 15 b6 14 e0 18 94 43 f7 35 41 8b 56 4a 29
cf ca 5b 6e 55 c9 35 af 01 dd 71 32 d1 46 6a 2e
69 33 b1 72 d1 55 5e 21 c7 b4 5c ba d4 bf 01 b8
0c e7 90 30 b1 ec 0e bb b7 ff 79 a0 d2 fd c3 b3
20 53 27 14 3a ea 4a 81 6d 4a 5e db b4 e5 9b 3a
4d 94 03 91 99 0b e1 c2 46 07
write to 0xab2700 [0xaffa10] (143 bytes => 143 (0x8F))
0000 - 16 03 01 00 8a 10 00 00-86 85 04 00 b2 f0 0c 23 ...............#
0010 - 10 8f c2 dc fc e8 95 18-fe c4 f9 a2 24 1d 26 b2 ............$.&.
0020 - 9e 2a a9 6f 32 9e c6 61-2d cd fc 43 8a 6c 91 15 .*.o2..a-..C.l..
0030 - 1c 28 84 a1 a7 74 48 15-b6 14 e0 18 94 43 f7 35 .(...tH......C.5
0040 - 41 8b 56 4a 29 cf ca 5b-6e 55 c9 35 af 01 dd 71 A.VJ)..[nU.5...q
0050 - 32 d1 46 6a 2e 69 33 b1-72 d1 55 5e 21 c7 b4 5c 2.Fj.i3.r.U^!..\
0060 - ba d4 bf 01 b8 0c e7 90-30 b1 ec 0e bb b7 ff 79 ........0......y
0070 - a0 d2 fd c3 b3 20 53 27-14 3a ea 4a 81 6d 4a 5e ..... S'.:.J.mJ^
0080 - db b4 e5 9b 3a 4d 94 03-91 99 0b e1 c2 46 07 ....:M.......F.
SSL_connect:SSLv3 write client key exchange A
>>> TLS 1.0 ChangeCipherSpec [length 0001]
01
write to 0xab2700 [0xaffa10] (6 bytes => 6 (0x6))
0000 - 14 03 01 00 01 01 ......
SSL_connect:SSLv3 write change cipher spec A
>>> TLS 1.0 Handshake [length 0010], Finished
14 00 00 0c b4 e7 72 5d 57 18 a8 2e f4 cb 35 8a
write to 0xab2700 [0xaffa10] (53 bytes => 53 (0x35))
0000 - 16 03 01 00 30 21 58 2e-e9 70 26 ae 92 f1 5f 97 ....0!X..p&..._.
0010 - 63 8d 84 6a af 1c c8 f5-01 08 98 e3 21 ff f2 23 c..j........!..#
0020 - b3 3a 77 1a 82 d0 4e 95-db ef d3 cf 71 cd 45 44 .:w...N.....q.ED
0030 - 5d 69 50 82 a6 ]iP..
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 aa .....
read from 0xab2700 [0xaf5ff8] (170 bytes => 170 (0xAA))
0000 - 04 00 00 a6 7f ff ff ff-00 a0 49 f5 12 96 15 1c ..........I.....
0010 - 9b c0 c2 e9 78 2c 63 1f-ab 23 72 96 18 57 35 bc ....x,c..#r..W5.
0020 - a8 f7 b5 d7 86 be 04 65-dc e3 1c 4b 0a 27 06 19 .......e...K.'..
0030 - 94 d1 f9 d3 99 89 c2 45-5c 8e 06 a1 7a cc 4c 1d .......E\...z.L.
0040 - 36 e5 7c 9d 9a 1f 8c fa-e5 5d ba ae 08 ba e7 02 6.|......]......
0050 - d8 2b 89 e7 9a 4c f6 71-59 2d c5 47 dc 38 34 59 .+...L.qY-.G.84Y
0060 - 6a ed b0 2b 62 b1 fe 0d-80 00 47 83 52 76 83 23 j..+b.....G.Rv.#
0070 - ff 83 8f a5 64 58 d0 b6-39 6b 82 9d ae 0d 08 7d ....dX..9k.....}
0080 - 94 15 10 15 9e ed 66 12-f6 c6 41 d1 aa 4f d2 f6 ......f...A..O..
0090 - d4 89 86 a8 dc 30 2d 00-f1 78 da c2 ad 3a 24 79 .....0-..x...:$y
00a0 - 72 2c 6d 55 6f 94 51 21-68 07 r,mUo.Q!h.
<<< TLS 1.0 Handshake [length 00aa]???
04 00 00 a6 7f ff ff ff 00 a0 49 f5 12 96 15 1c
9b c0 c2 e9 78 2c 63 1f ab 23 72 96 18 57 35 bc
a8 f7 b5 d7 86 be 04 65 dc e3 1c 4b 0a 27 06 19
94 d1 f9 d3 99 89 c2 45 5c 8e 06 a1 7a cc 4c 1d
36 e5 7c 9d 9a 1f 8c fa e5 5d ba ae 08 ba e7 02
d8 2b 89 e7 9a 4c f6 71 59 2d c5 47 dc 38 34 59
6a ed b0 2b 62 b1 fe 0d 80 00 47 83 52 76 83 23
ff 83 8f a5 64 58 d0 b6 39 6b 82 9d ae 0d 08 7d
94 15 10 15 9e ed 66 12 f6 c6 41 d1 aa 4f d2 f6
d4 89 86 a8 dc 30 2d 00 f1 78 da c2 ad 3a 24 79
72 2c 6d 55 6f 94 51 21 68 07
SSL_connect:SSLv3 read server session ticket A
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 14 03 01 00 01 .....
read from 0xab2700 [0xaf5ff8] (1 bytes => 1 (0x1))
0000 - 01 .
<<< TLS 1.0 ChangeCipherSpec [length 0001]
01
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 30 ....0
read from 0xab2700 [0xaf5ff8] (48 bytes => 48 (0x30))
0000 - a8 42 8e fe fd 58 26 70-1f 2f dc 43 7e 01 7c b0 .B...X&p./.C~.|.
0010 - 2d 1c d1 eb 23 71 ee 82-2d c1 56 5f a6 ed 3d 92 -...#q..-.V_..=.
0020 - ee 14 92 13 ad 5b 8e 70-5b d1 5e 4b e5 2f bd 21 .....[.p[.^K./.!
<<< TLS 1.0 Handshake [length 0010], Finished
14 00 00 0c 0e d4 99 14 04 38 83 e1 d1 68 03 b8
SSL_connect:SSLv3 read finished A
---
Certificate chain
...
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIH8TCCBdmgAwIBAgITFQAAJSs5vvzSyCauMwAAAAAlKzANBgkqhkiG9w0BAQUF
...
LSMZG7NZtnwWxbRV82tJAsAaf1+6
-----END CERTIFICATE-----
subject=/C=DE/ST=Berlin/L=Berlin/O=Berliner Feuerwehr/OU=ZS IT/CN=vpn.berliner-feuerwehr.de/emailAddress=wemaster@berliner-feuerwehr.de
issuer=/DC=intern/DC=feuerwehr/CN=fwcert000
---
No client certificate CA names sent
Server Temp Key: ECDH, secp521r1, 521 bits
---
SSL handshake has read 4600 bytes and written 357 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : ECDHE-RSA-AES256-SHA
Session-ID: 58B36C73EDBEE058CFB781B3DD438B79DD62C1757E194F23D5B136E6FDC22297
Session-ID-ctx:
Master-Key: 07852F40A50325A955804B6A5410A04F357C2F484315B7B8112A6D2DF26473B4F0F75B47B0E54463413C76D6A952C4E9
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint: 2147483647 (seconds)
TLS session ticket:
0000 - 49 f5 12 96 15 1c 9b c0-c2 e9 78 2c 63 1f ab 23 I.........x,c..#
0010 - 72 96 18 57 35 bc a8 f7-b5 d7 86 be 04 65 dc e3 r..W5........e..
0020 - 1c 4b 0a 27 06 19 94 d1-f9 d3 99 89 c2 45 5c 8e .K.'.........E\.
0030 - 06 a1 7a cc 4c 1d 36 e5-7c 9d 9a 1f 8c fa e5 5d ..z.L.6.|......]
0040 - ba ae 08 ba e7 02 d8 2b-89 e7 9a 4c f6 71 59 2d .......+...L.qY-
0050 - c5 47 dc 38 34 59 6a ed-b0 2b 62 b1 fe 0d 80 00 .G.84Yj..+b.....
0060 - 47 83 52 76 83 23 ff 83-8f a5 64 58 d0 b6 39 6b G.Rv.#....dX..9k
0070 - 82 9d ae 0d 08 7d 94 15-10 15 9e ed 66 12 f6 c6 .....}......f...
0080 - 41 d1 aa 4f d2 f6 d4 89-86 a8 dc 30 2d 00 f1 78 A..O.......0-..x
0090 - da c2 ad 3a 24 79 72 2c-6d 55 6f 94 51 21 68 07 ...:$yr,mUo.Q!h.

Start Time: 1495613091
Timeout : 7200 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
read from 0xab2700 [0xaf5ff3] (5 bytes => 5 (0x5))
0000 - 17 03 01 00 30 ....0
read from 0xab2700 [0xaf5ff8] (48 bytes => 48 (0x30))
0000 - 0c 63 75 ce 02 d7 a1 09-3c cf a5 d9 3d 01 fe 48 .cu.....<...=..H
0010 - 0a 29 95 af 11 4f 34 8c-09 46 45 19 d6 dd fc 1c .)...O4..FE.....
0020 - b5 3a e9 1f 43 56 83 55-44 a6 8c c9 9b dd 44 82 .:..CV.UD.....D.
220 (vsFTPd 3.0.2)

The error on WinSCP side is the same as posted before:

. 2017-05-24 09:54:14.991 SSL3 alert write: fatal: protocol version
. 2017-05-24 09:54:14.991 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
. 2017-05-24 09:54:14.991 wrong version number
. 2017-05-24 09:54:14.991 TLS layer changed state from connected to aborted

Best regards
holmexx
martin

OK, but can you open the implicit 990 port just for testing?
And use openssl s_client with that?
holmexx

The first log is against the new server, the second one against the old one. Both ftp servers of them are configured as FTP with explicit encryption. This is, the servers are listening at port 21, not at port 990. SFTP will not be used here. I can't change this, because I need to take account of some very modern :-) XP machines. Furthermore, vsftpd.conf, userlist etc. - even the certificate files - are absolute identical between the ftp servers.
martin

Re: Login failed after vsftpd upgrade (2.2.2 --> 3.0.2)

Is that against the new server?

Do you have an FTP server listening on the implicit TLS/SSL port 990? Can you try the openssl s_client against that port?
holmexx

Re: Login failed after vsftpd upgrade (2.2.2 --> 3.0.2)

Okay, I'll give you 2 log's: the first one is the one wich failed (WinSCP 5.9.5 --> vsftpd 3.0.2)

. 2017-05-15 11:25:28.205 --------------------------------------------------------------------------
. 2017-05-15 11:25:28.216 WinSCP Version 5.9.5 (Build 7441) (OS 6.3.9600 - Windows 8.1 Pro)
. 2017-05-15 11:25:28.216 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2017-05-15 11:25:28.216 Log level: Debug 2
. 2017-05-15 11:25:28.216 Local account: FEUERWEHR\xxxxxxxx
. 2017-05-15 11:25:28.216 Working directory: C:\Program Files\WinSCP
. 2017-05-15 11:25:28.216 Process ID: 3656
. 2017-05-15 11:25:28.217 Command-line: "C:\Program Files\WinSCP\WinSCP.exe"
. 2017-05-15 11:25:28.217 Time zone: Current: GMT+2, Standard: GMT+1 (Mitteleuropäische Zeit), DST: GMT+2 (Mitteleuropäische Sommerzeit), DST Start: 26.03.2017, DST End: 29.10.2017
. 2017-05-15 11:25:28.217 Login time: Montag, 15. Mai 2017 11:25:28
. 2017-05-15 11:25:28.217 --------------------------------------------------------------------------
. 2017-05-15 11:25:28.217 Session name: suxxxxx@fwkom001 (Site)
. 2017-05-15 11:25:28.217 Host name: fwkom001 (Port: 21)
. 2017-05-15 11:25:28.218 User name: suxxxxx (Password: No, Key file: No, Passphrase: No)
. 2017-05-15 11:25:28.218 Transfer Protocol: FTP
. 2017-05-15 11:25:28.218 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
. 2017-05-15 11:25:28.218 Disable Nagle: No
. 2017-05-15 11:25:28.218 Proxy: None
. 2017-05-15 11:25:28.218 Send buffer: 262144
. 2017-05-15 11:25:28.218 UTF: Auto
. 2017-05-15 11:25:28.218 FTPS: Explicit TLS/SSL [Client certificate: No]
. 2017-05-15 11:25:28.218 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
. 2017-05-15 11:25:28.218 Session reuse: Yes
. 2017-05-15 11:25:28.218 TLS/SSL versions: TLSv1.1-TLSv1.1
. 2017-05-15 11:25:28.218 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2017-05-15 11:25:28.218 Cache directory changes: Yes, Permanent: Yes
. 2017-05-15 11:25:28.218 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2017-05-15 11:25:28.218 Timezone offset: 0h 0m
. 2017-05-15 11:25:28.218 --------------------------------------------------------------------------
. 2017-05-15 11:25:28.251 Session upkeep
. 2017-05-15 11:25:28.493 Verbinde mit fwkom001 ...
. 2017-05-15 11:25:28.493 TLS layer changed state from unconnected to connecting
. 2017-05-15 11:25:28.493 TLS layer changed state from connecting to connected
. 2017-05-15 11:25:28.493 Verbunden mit fwkom001, TLS Verbindung wird ausgehandelt...
< 2017-05-15 11:25:28.493 220 (vsFTPd 3.0.2)
> 2017-05-15 11:25:28.493 AUTH TLS
< 2017-05-15 11:25:28.493 234 Proceed with negotiation.
. 2017-05-15 11:25:28.493 TLS connect: SSLv3 read server hello A
. 2017-05-15 11:25:28.494 TLS connect: SSLv3 read server certificate A
. 2017-05-15 11:25:28.498 TLS connect: SSLv3 read server key exchange A
. 2017-05-15 11:25:28.498 TLS connect: SSLv3 read server done A
. 2017-05-15 11:25:28.528 TLS connect: SSLv3 write client key exchange A
. 2017-05-15 11:25:28.528 TLS connect: SSLv3 write change cipher spec A
. 2017-05-15 11:25:28.528 TLS connect: SSLv3 write finished A
. 2017-05-15 11:25:28.528 TLS connect: SSLv3 flush data
. 2017-05-15 11:25:28.531 TLS connect: SSLv3 read server session ticket A
. 2017-05-15 11:25:28.531 TLS connect: SSLv3 read finished A
. 2017-05-15 11:25:28.531 Verifying certificate for "Berliner Feuerwehr" with fingerprint <...fingerprint...> and 19 failures
. 2017-05-15 11:25:28.531 Certificate common name "vpn.berliner-feuerwehr.de" does not match hostname
. 2017-05-15 11:25:28.531 Certificate for "Berliner Feuerwehr" matches cached fingerprint and failures
. 2017-05-15 11:25:28.531 Using TLSv1.1, cipher TLSv1/SSLv3: DHE-RSA-AES256-SHA, 4096 bit RSA, DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
. 2017-05-15 11:25:28.531 Session upkeep
. 2017-05-15 11:25:28.545 TLS Verbindung hergestellt. Warte auf die Willkommensnachricht...
> 2017-05-15 11:25:28.545 USER suxxxxx
< 2017-05-15 11:25:28.545 331 Please specify the password.
. 2017-05-15 11:25:29.546 Session upkeep
. 2017-05-15 11:25:30.547 Session upkeep
. 2017-05-15 11:25:31.547 Session upkeep
. 2017-05-15 11:25:32.547 Session upkeep
. 2017-05-15 11:25:33.547 Session upkeep
> 2017-05-15 11:25:33.959 PASS **********
. 2017-05-15 11:25:34.015 SSL3 alert write: fatal: protocol version
. 2017-05-15 11:25:34.015 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
. 2017-05-15 11:25:34.015 wrong version number
. 2017-05-15 11:25:34.015 TLS layer changed state from connected to closed
. 2017-05-15 11:25:34.015 Verbindung zum entferneten Rechner abgebrochen
. 2017-05-15 11:25:34.015 Verbindung fehlgeschlagen.
. 2017-05-15 11:25:34.015 Got reply 1004 to the command 1
* 2017-05-15 11:25:34.061 (EFatal) Verbindung fehlgeschlagen.
* 2017-05-15 11:25:34.061 Using TLSv1.1, cipher TLSv1/SSLv3: DHE-RSA-AES256-SHA, 4096 bit RSA, DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
* 2017-05-15 11:25:34.061
* 2017-05-15 11:25:34.061 SSL3 alert write: fatal: protocol version
* 2017-05-15 11:25:34.061 wrong version number
* 2017-05-15 11:25:34.061 Verbindung zum entferneten Rechner abgebrochen
* 2017-05-15 11:25:34.061 Verbindung fehlgeschlagen.

and the second one is the one which works (same WinSCP Client --> vsftpd 2.2.2, other server)

. 2017-05-15 11:25:41.992 --------------------------------------------------------------------------
. 2017-05-15 11:25:42.006 WinSCP Version 5.9.5 (Build 7441) (OS 6.3.9600 - Windows 8.1 Pro)
. 2017-05-15 11:25:42.006 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2017-05-15 11:25:42.006 Log level: Debug 2
. 2017-05-15 11:25:42.006 Local account: FEUERWEHR\xxxxxxxx
. 2017-05-15 11:25:42.006 Working directory: C:\Program Files\WinSCP
. 2017-05-15 11:25:42.006 Process ID: 3656
. 2017-05-15 11:25:42.006 Command-line: "C:\Program Files\WinSCP\WinSCP.exe"
. 2017-05-15 11:25:42.006 Time zone: Current: GMT+2, Standard: GMT+1 (Mitteleuropäische Zeit), DST: GMT+2 (Mitteleuropäische Sommerzeit), DST Start: 26.03.2017, DST End: 29.10.2017
. 2017-05-15 11:25:42.006 Login time: Montag, 15. Mai 2017 11:25:42
. 2017-05-15 11:25:42.006 --------------------------------------------------------------------------
. 2017-05-15 11:25:42.006 Session name: suxxxxx@10.21.23.59 (Site)
. 2017-05-15 11:25:42.006 Host name: 10.21.23.59 (Port: 21)
. 2017-05-15 11:25:42.006 User name: suxxxxx (Password: No, Key file: No, Passphrase: No)
. 2017-05-15 11:25:42.006 Transfer Protocol: FTP
. 2017-05-15 11:25:42.006 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
. 2017-05-15 11:25:42.006 Disable Nagle: No
. 2017-05-15 11:25:42.006 Proxy: None
. 2017-05-15 11:25:42.006 Send buffer: 262144
. 2017-05-15 11:25:42.006 UTF: Auto
. 2017-05-15 11:25:42.006 FTPS: Explicit TLS/SSL [Client certificate: No]
. 2017-05-15 11:25:42.006 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
. 2017-05-15 11:25:42.006 Session reuse: Yes
. 2017-05-15 11:25:42.006 TLS/SSL versions: TLSv1.0-TLSv1.2
. 2017-05-15 11:25:42.006 Local directory: C:\Users\xxxxxxxx\Documents, Remote directory: /, Update: Yes, Cache: Yes
. 2017-05-15 11:25:42.006 Cache directory changes: Yes, Permanent: Yes
. 2017-05-15 11:25:42.006 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2017-05-15 11:25:42.006 Timezone offset: 0h 0m
. 2017-05-15 11:25:42.006 --------------------------------------------------------------------------
. 2017-05-15 11:25:42.008 Session upkeep
. 2017-05-15 11:25:42.037 Verbinde mit 10.21.23.59 ...
. 2017-05-15 11:25:42.037 TLS layer changed state from unconnected to connecting
. 2017-05-15 11:25:42.037 TLS layer changed state from connecting to connected
. 2017-05-15 11:25:42.037 Verbunden mit 10.21.23.59, TLS Verbindung wird ausgehandelt...
< 2017-05-15 11:25:42.037 220 (vsFTPd 2.2.2)
> 2017-05-15 11:25:42.037 AUTH TLS
< 2017-05-15 11:25:42.037 234 Proceed with negotiation.
. 2017-05-15 11:25:42.052 TLS connect: SSLv3 read server hello A
. 2017-05-15 11:25:42.062 TLS connect: SSLv3 read server certificate A
. 2017-05-15 11:25:42.075 TLS connect: SSLv3 read server key exchange A
. 2017-05-15 11:25:42.075 TLS connect: SSLv3 read server certificate request A
. 2017-05-15 11:25:42.075 TLS connect: SSLv3 read server done A
. 2017-05-15 11:25:42.075 Der Server wünscht eine Authentifizierung mit einem Client Zertifikat.
. 2017-05-15 11:25:42.075 TLS connect: SSLv3 write client certificate A
. 2017-05-15 11:25:42.079 TLS connect: SSLv3 write client key exchange A
. 2017-05-15 11:25:42.079 TLS connect: SSLv3 write change cipher spec A
. 2017-05-15 11:25:42.080 TLS connect: SSLv3 write finished A
. 2017-05-15 11:25:42.080 TLS connect: SSLv3 flush data
. 2017-05-15 11:25:42.083 TLS connect: SSLv3 read server session ticket A
. 2017-05-15 11:25:42.083 TLS connect: SSLv3 read finished A
. 2017-05-15 11:25:42.083 Verifying certificate for "Berliner Feuerwehr" with fingerprint <...fingerprint...> and 19 failures
. 2017-05-15 11:25:42.083 Certificate for "Berliner Feuerwehr" matches cached fingerprint and failures
. 2017-05-15 11:25:42.083 Using TLSv1.2, cipher TLSv1/SSLv3: ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA, ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
. 2017-05-15 11:25:42.089 TLS Verbindung hergestellt. Warte auf die Willkommensnachricht...
> 2017-05-15 11:25:42.089 USER suxxxxx
< 2017-05-15 11:25:42.089 331 Please specify the password.
. 2017-05-15 11:25:43.090 Session upkeep
. 2017-05-15 11:25:44.090 Session upkeep
. 2017-05-15 11:25:45.090 Session upkeep
. 2017-05-15 11:25:46.090 Session upkeep
> 2017-05-15 11:25:46.167 PASS **********
< 2017-05-15 11:25:46.255 230 Login successful.
> 2017-05-15 11:25:46.255 SYST
< 2017-05-15 11:25:46.255 215 UNIX Type: L8
> 2017-05-15 11:25:46.255 FEAT
< 2017-05-15 11:25:46.256 211-Features:
< 2017-05-15 11:25:46.256 AUTH SSL
< 2017-05-15 11:25:46.256 AUTH TLS
< 2017-05-15 11:25:46.256 EPRT
< 2017-05-15 11:25:46.256 EPSV
< 2017-05-15 11:25:46.257 MDTM
< 2017-05-15 11:25:46.257 PASV
< 2017-05-15 11:25:46.257 PBSZ
< 2017-05-15 11:25:46.257 PROT
< 2017-05-15 11:25:46.257 REST STREAM
< 2017-05-15 11:25:46.257 SIZE
< 2017-05-15 11:25:46.257 TVFS
< 2017-05-15 11:25:46.257 UTF8
< 2017-05-15 11:25:46.257 211 End
> 2017-05-15 11:25:46.257 OPTS UTF8 ON
< 2017-05-15 11:25:46.258 200 Always in UTF8 mode.
> 2017-05-15 11:25:46.258 PBSZ 0
< 2017-05-15 11:25:46.258 200 PBSZ set to 0.
> 2017-05-15 11:25:46.258 PROT P
< 2017-05-15 11:25:46.259 200 PROT now Private.
. 2017-05-15 11:25:46.259 Session upkeep
. 2017-05-15 11:25:46.268 Verbunden
martin

Re: Login failed after vsftpd upgrade (2.2.2 --> 3.0.2)

You cannot connect with openssl s_client to FTP port 21. That cannot work.

Show us WinSCP log file.
holmexx

Re: Login failed after vsftpd upgrade (2.2.2 --> 3.0.2)

Even with debug_ssl=ON vsftpd.log contains only 1 line more ...

I've installed another CentOS in the meantime and

'openssl s_client -connect 10.21.23.140:21 -state -debug -tls1_2 -msg'

gives me this:

SSL_connect:before/connect initialization
CONNECTED(00000003)
write to 0x14ca700 [0x1512543] (247 bytes => 247 (0xF7))
0000 - 16 03 01 00 f2 01 00 00-ee 03 03 59 14 54 30 0b ...........Y.T0.
0010 - a2 e8 e8 60 16 1b 23 f5-88 6d 1f 64 11 55 97 71 ...`..#..m.d.U.q
0020 - 81 84 9f 1b 75 42 cb f1-10 45 54 00 00 84 c0 30 ....uB...ET....0
0030 - c0 2c c0 28 c0 24 c0 14-c0 0a 00 a3 00 9f 00 6b .,.(.$.........k
0040 - 00 6a 00 39 00 38 00 88-00 87 c0 32 c0 2e c0 2a .j.9.8.....2...*
0050 - c0 26 c0 0f c0 05 00 9d-00 3d 00 35 00 84 c0 2f .&.......=.5.../
0060 - c0 2b c0 27 c0 23 c0 13-c0 09 00 a2 00 9e 00 67 .+.'.#.........g
0070 - 00 40 00 33 00 32 00 9a-00 99 00 45 00 44 c0 31 .@.3.2.....E.D.1
0080 - c0 2d c0 29 c0 25 c0 0e-c0 04 00 9c 00 3c 00 2f .-.).%.......<./
0090 - 00 96 00 41 c0 12 c0 08-00 16 00 13 c0 0d c0 03 ...A............
00a0 - 00 0a 00 07 c0 11 c0 07-c0 0c c0 02 00 05 00 04 ................
00b0 - 00 ff 01 00 00 41 00 0b-00 04 03 00 01 02 00 0a .....A..........
00c0 - 00 08 00 06 00 19 00 18-00 17 00 23 00 00 00 0d ...........#....
00d0 - 00 20 00 1e 06 01 06 02-06 03 05 01 05 02 05 03 . ..............
00e0 - 04 01 04 02 04 03 03 01-03 02 03 03 02 01 02 02 ................
00f0 - 02 03 00 0f 00 01 01 .......
>>> TLS 1.2 Handshake [length 00f2], ClientHello
01 00 00 ee 03 03 59 14 54 30 0b a2 e8 e8 60 16
1b 23 f5 88 6d 1f 64 11 55 97 71 81 84 9f 1b 75
42 cb f1 10 45 54 00 00 84 c0 30 c0 2c c0 28 c0
24 c0 14 c0 0a 00 a3 00 9f 00 6b 00 6a 00 39 00
38 00 88 00 87 c0 32 c0 2e c0 2a c0 26 c0 0f c0
05 00 9d 00 3d 00 35 00 84 c0 2f c0 2b c0 27 c0
23 c0 13 c0 09 00 a2 00 9e 00 67 00 40 00 33 00
32 00 9a 00 99 00 45 00 44 c0 31 c0 2d c0 29 c0
25 c0 0e c0 04 00 9c 00 3c 00 2f 00 96 00 41 c0
12 c0 08 00 16 00 13 c0 0d c0 03 00 0a 00 07 c0
11 c0 07 c0 0c c0 02 00 05 00 04 00 ff 01 00 00
41 00 0b 00 04 03 00 01 02 00 0a 00 08 00 06 00
19 00 18 00 17 00 23 00 00 00 0d 00 20 00 1e 06
01 06 02 06 03 05 01 05 02 05 03 04 01 04 02 04
03 03 01 03 02 03 03 02 01 02 02 02 03 00 0f 00
01 01
SSL_connect:SSLv3 write client hello A
read from 0x14ca700 [0x150dff3] (5 bytes => 5 (0x5))
0000 - 32 32 30 20 28 220 (
write to 0x14ca700 [0x1517a10] (7 bytes => 7 (0x7))
0000 - 15 03 03 00 02 02 46 ......F
>>> TLS 1.2 Alert [length 0002], fatal protocol_version
02 46
SSL3 alert write:fatal:protocol version
SSL_connect:error in SSLv3 read server hello A
140673296328608:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:339:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1494504496
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---

The tls version in the command above doesn't matter, nothing of them works. Does this help a little bit more?

Regards from Berlin, Germany
holmexx
martin

With FileZilla the problem is exactly the same.

I'm sure a verbosity of vsftpd log can be increased.
holmexx

... in the meantime I've installed a brand new FileZilla. A connection can't be established, due to:

Trace: CControlSocket::SendNextCommand()
Trace: CFtpLogonOpData::Send() in state 0
Status: Verbinde mit 10.21.23.140:21...
Status: Verbindung hergestellt, warte auf Willkommensnachricht...
Trace: CFtpControlSocket::OnReceive()
Antwort: 220 (vsFTPd 3.0.2)
Trace: CFtpLogonOpData::ParseResponse() in state 1
Trace: CControlSocket::SendNextCommand()
Trace: CFtpLogonOpData::Send() in state 2
Befehl: AUTH TLS
Trace: CFtpControlSocket::OnReceive()
Antwort: 234 Proceed with negotiation.
Trace: CFtpLogonOpData::ParseResponse() in state 2
Status: Initialisiere TLS...
Trace: CTlsSocketImpl::Handshake()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: TLS handshake: About to send CLIENT HELLO
Trace: TLS handshake: Sent CLIENT HELLO
Trace: CTlsSocketImpl::OnSend()
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: TLS handshake: Received SERVER HELLO
Trace: TLS handshake: Processed SERVER HELLO
Trace: TLS handshake: Received CERTIFICATE
Trace: TLS handshake: Processed CERTIFICATE
Trace: TLS handshake: Received SERVER KEY EXCHANGE
Trace: TLS handshake: Processed SERVER KEY EXCHANGE
Trace: TLS handshake: Received CERTIFICATE REQUEST
Trace: TLS handshake: Processed CERTIFICATE REQUEST
Trace: TLS handshake: Received SERVER HELLO DONE
Trace: TLS handshake: Processed SERVER HELLO DONE
Trace: TLS handshake: About to send CERTIFICATE
Trace: TLS handshake: Sent CERTIFICATE
Trace: TLS handshake: About to send CLIENT KEY EXCHANGE
Trace: TLS handshake: Sent CLIENT KEY EXCHANGE
Trace: TLS handshake: About to send FINISHED
Trace: TLS handshake: Sent FINISHED
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::ContinueHandshake()
Trace: TLS handshake: Received NEW SESSION TICKET
Trace: TLS handshake: Processed NEW SESSION TICKET
Trace: TLS handshake: Received FINISHED
Trace: TLS handshake: Processed FINISHED
Trace: TLS Handshake successful
Trace: Protocol: TLS1.2, Key exchange: ECDHE-RSA, Cipher: AES-256-GCM, MAC: AEAD
Status: Überprüfe Zertifikat...
Status: TLS-Verbindung hergestellt.
Trace: CControlSocket::SendNextCommand()
Trace: CFtpLogonOpData::Send() in state 5
Befehl: USER sumaass
Trace: CTlsSocketImpl::OnRead()
Trace: CFtpControlSocket::OnReceive()
Antwort: 331 Please specify the password.
Trace: CFtpLogonOpData::ParseResponse() in state 5
Trace: CControlSocket::SendNextCommand()
Trace: CFtpLogonOpData::Send() in state 5
Befehl: PASS **********
Trace: CTlsSocketImpl::OnRead()
Trace: CTlsSocketImpl::Failure(-15)
Fehler: GnuTLS-Fehler -15: An unexpected TLS packet was received.
Trace: CRealControlSocket::OnClose(106)
Trace: CControlSocket::DoClose(66)
Trace: CFtpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Fehler: Herstellen der Verbindung zum Server fehlgeschlagen
Trace: CFileZillaEnginePrivate::ResetOperation(66)
Status: Nächsten Versuch abwarten...
...
<next try omitted, due to the same result>
...
Trace: CRealControlSocket::OnClose(106)
Trace: CControlSocket::DoClose(66)
Trace: CFtpControlSocket::ResetOperation(66)
Trace: CControlSocket::ResetOperation(66)
Fehler: Herstellen der Verbindung zum Server fehlgeschlagen
Trace: CFileZillaEnginePrivate::ResetOperation(66)
holmexx

Hi Martin,

the very verbose - cough - vsftpd log contains this:

Tue May 9 11:00:00 2017 [pid 2986] CONNECT: Client "10.21.136.157"
Tue May 9 11:00:04 2017 [pid 2985] [sumaass] OK LOGIN: Client "10.21.136.157"

Okay, that's me: 10.21.136.157 is my computer, sumaass is the helpless ;-) admin himself.

Year's ago, I've tried FileZilla with no success (infamous GnuTLS error -15, unsolved so far). That was the reason to use WinSCP. WinSCP has been worked very well for years! BTW, thank you for that.

Regards, holmexx
martin

Re: Login failed after vsftpd upgrade (2.2.2 --> 3.0.2)

It's strange, as an initial TLS exchange succeeded. It fails only after authentication. It rather looks like the session is abruptly closed after WinSCP sends a password. If there at least something in the vsftpd log?

Can you login with any other FTPES client?
holmexx

Login failed after vsftpd upgrade (2.2.2 --> 3.0.2)

Hi all,

for historical reasons I have to connect to a vsftpd server via FTPES (FTP, explict encryption). WinSCP 5.9.5 works fine with vsftpd 2.2.2. Now, we want to upgrade our ftp server. But WinSCP cannot connect to a vsftpd server 3.0.2 anymore. The error message reads as:

2017-05-09 11:00:04.663 SSL3 alert write: fatal: protocol version
2017-05-09 11:00:04.663 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

To simplify the comparision I've copied the vsftpd conf file and the certificate files from the old server to the new one. Could this be a WinSCP problem? And if so, can anybody help me with this issue?

holmexx, one of the admin's of the Berlin Fire Department

P.S.:

this is the relevant content of the WinSCP log file:

. 2017-05-09 11:00:00.068 Verbinde mit fwkom001 ...
. 2017-05-09 11:00:00.068 TLS layer changed state from unconnected to connecting
. 2017-05-09 11:00:00.068 TLS layer changed state from connecting to connected
. 2017-05-09 11:00:00.068 Verbunden mit fwkom001, TLS Verbindung wird ausgehandelt...
< 2017-05-09 11:00:00.068 220 (vsFTPd 3.0.2)
> 2017-05-09 11:00:00.068 AUTH TLS
< 2017-05-09 11:00:00.068 234 Proceed with negotiation.
. 2017-05-09 11:00:00.068 TLS connect: SSLv3 read server hello A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 read server certificate A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 read server key exchange A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 read server certificate request A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 read server done A
. 2017-05-09 11:00:00.069 Der Server wünscht eine Authentifizierung mit einem Client Zertifikat.
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 write client certificate A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 write client key exchange A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 write change cipher spec A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 write finished A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 flush data
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 read server session ticket A
. 2017-05-09 11:00:00.069 TLS connect: SSLv3 read finished A
. 2017-05-09 11:00:00.069 Verifying certificate for "Berliner Feuerwehr" with fingerprint <..removed..> and 19 failures
. 2017-05-09 11:00:00.069 Certificate common name "ftp.berliner-feuerwehr.de" does not match hostname
. 2017-05-09 11:00:00.069 Certificate for "Berliner Feuerwehr" matches cached fingerprint and failures
. 2017-05-09 11:00:00.069 Using TLSv1.2, cipher TLSv1/SSLv3: ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA, ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
. 2017-05-09 11:00:00.120 TLS Verbindung hergestellt. Warte auf die Willkommensnachricht...
> 2017-05-09 11:00:00.121 USER <the_wonderful_ftp_user>
< 2017-05-09 11:00:00.121 331 Please specify the password.
. 2017-05-09 11:00:01.121 Session upkeep
. 2017-05-09 11:00:02.121 Session upkeep
. 2017-05-09 11:00:03.121 Session upkeep
. 2017-05-09 11:00:04.121 Session upkeep
> 2017-05-09 11:00:04.612 PASS **********
. 2017-05-09 11:00:04.663 SSL3 alert write: fatal: protocol version
. 2017-05-09 11:00:04.663 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
. 2017-05-09 11:00:04.663 wrong version number
. 2017-05-09 11:00:04.664 TLS layer changed state from connected to aborted

vsftpd logging is very poor and does not contain any useful informations :-(