1

Тема: ошибки работы с сертификатами

Ошибка работы с сертификатом
не работает
https://paste.ubuntu.com/p/HGhN2fCmcQ/

2

Re: ошибки работы с сертификатами

date
Sat 13 Jun 2020 04:24:07 PM EDT

3

Re: ошибки работы с сертификатами

uname -a
Linux Microknoppix 5.2.5-64 #10 SMP PREEMPT Sat Aug 3 20:57:52 CEST 2019 x86_64 GNU/Linux

4

Re: ошибки работы с сертификатами

chkrootkit 
ROOTDIR is `/'
Checking `amd'...                                           not found
Checking `basename'...                                      not infected
Checking `biff'...                                          not found
Checking `chfn'...                                          not infected
Checking `chsh'...                                          not infected
Checking `cron'...                                          not infected
Checking `crontab'...                                       not infected
Checking `date'...                                          not infected
Checking `du'...                                            not infected
Checking `dirname'...                                       not infected
Checking `echo'...                                          not infected
Checking `egrep'...                                         not infected
Checking `env'...                                           not infected
Checking `find'...                                          not infected
Checking `fingerd'...                                       not found
Checking `gpm'...                                           not infected
Checking `grep'...                                          not infected
Checking `hdparm'...                                        not infected
Checking `su'...                                            not infected
Checking `ifconfig'...                                      not infected
Checking `inetd'...                                         not infected
Checking `inetdconf'...                                     not infected
Checking `identd'...                                        not found
Checking `init'...                                          not infected
Checking `killall'...                                       not infected
Checking `ldsopreload'...                                   not infected
Checking `login'...                                         not infected
Checking `ls'...                                            not infected
Checking `lsof'...                                          not infected
Checking `mail'...                                          not infected
Checking `mingetty'...                                      not found
Checking `netstat'...                                       not infected
Checking `named'...                                         not infected
Checking `passwd'...                                        not infected
Checking `pidof'...                                         not infected
Checking `pop2'...                                          not found
Checking `pop3'...                                          not found
Checking `ps'...                                            not infected
Checking `pstree'...                                        not infected
Checking `rpcinfo'...                                       not infected
Checking `rlogind'...                                       not found
Checking `rshd'...                                          not found
Checking `slogin'...                                        not infected
Checking `sendmail'...                                      not infected
Checking `sshd'...                                          not found
Checking `syslogd'...                                       not tested
Checking `tar'...                                           not infected
Checking `tcpd'...                                          not infected
Checking `tcpdump'...                                       not infected
Checking `top'...                                           not infected
Checking `telnetd'...                                       not found
Checking `timed'...                                         not found
Checking `traceroute'...                                    not infected
Checking `vdir'...                                          not infected
Checking `w'...                                             not infected
Checking `write'...                                         not infected
Checking `aliens'...                                        no suspect files
Searching for sniffer's logs, it may take a while...        nothing found
Searching for rootkit HiDrootkit's default files...         nothing found
Searching for rootkit t0rn's default files...               nothing found
Searching for t0rn's v8 defaults...                         nothing found
Searching for rootkit Lion's default files...               nothing found
Searching for rootkit RSHA's default files...               nothing found
Searching for rootkit RH-Sharpe's default files...          nothing found
Searching for Ambient's rootkit (ark) default files and dirs... nothing found
Searching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found:  
/usr/lib/python3/dist-packages/PyQt5/uic/widget-plugins/.noinit /usr/lib/jvm/.java-1.8.0-openjdk-i386.jinfo /usr/lib/python2.7/dist-packages/matplotlib/tests/baseline_images/.keep /usr/lib/python2.7/dist-packages/PyQt5/uic/widget-plugins/.noinit

Searching for LPD Worm files and dirs...                    nothing found
Searching for Ramen Worm files and dirs...                  nothing found
Searching for Maniac files and dirs...                      nothing found
Searching for RK17 files and dirs...                        nothing found
Searching for Ducoci rootkit...                             nothing found
Searching for Adore Worm...                                 nothing found
Searching for ShitC Worm...                                 nothing found
Searching for Omega Worm...                                 nothing found
Searching for Sadmind/IIS Worm...                           nothing found
Searching for MonKit...                                     nothing found
Searching for Showtee...                                    nothing found
Searching for OpticKit...                                   nothing found
Searching for T.R.K...                                      nothing found
Searching for Mithra...                                     nothing found
Searching for LOC rootkit...                                nothing found
Searching for Romanian rootkit...                           nothing found
Searching for Suckit rootkit...                             nothing found
Searching for Volc rootkit...                               nothing found
Searching for Gold2 rootkit...                              nothing found
Searching for TC2 Worm default files and dirs...            nothing found
Searching for Anonoying rootkit default files and dirs...   nothing found
Searching for ZK rootkit default files and dirs...          nothing found
Searching for ShKit rootkit default files and dirs...       nothing found
Searching for AjaKit rootkit default files and dirs...      nothing found
Searching for zaRwT rootkit default files and dirs...       nothing found
Searching for Madalin rootkit default files...              nothing found
Searching for Fu rootkit default files...                   nothing found
Searching for ESRK rootkit default files...                 nothing found
Searching for rootedoor...                                  nothing found
Searching for ENYELKM rootkit default files...              nothing found
Searching for common ssh-scanners default files...          nothing found
Searching for Linux/Ebury - Operation Windigo ssh...        not tested
Searching for 64-bit Linux Rootkit ...                      nothing found
Searching for 64-bit Linux Rootkit modules...               nothing found
Searching for Mumblehard Linux ...                          nothing found
Searching for Backdoor.Linux.Mokes.a ...                    nothing found
Searching for Malicious TinyDNS ...                         nothing found
Searching for Linux.Xor.DDoS ...                            nothing found
Searching for Linux.Proxy.1.0 ...                           nothing found
Searching for suspect PHP files...                          nothing found
Searching for anomalies in shell history files...           nothing found
Checking `asp'...                                           not infected
Checking `bindshell'...                                     not infected
Checking `lkm'...                                           chkproc: nothing detected
48    /usr/share
1    /usr/share/zsh
4    /usr/share/texmf
1    /usr/share/texmf/tex
1    /usr/share/texmf/fonts
1    /usr/share/texmf/fonts/opentype
2    /usr/share/texmf/fonts/opentype/public
1    /usr/share/texmf/doc
1    /usr/share/qt5
3    /usr/share/python
6    /usr/share/perl5
1    /usr/share/perl
9    /usr/share/perl/5.28.1
1    /usr/share/perl/5.28.1/IO
14    /usr/share/mime
1    /usr/share/maxima
3    /usr/share/fonts
1    /usr/share/fonts/type1
2    /usr/share/fonts/truetype
1    /usr/share/emacs
1    /usr/share/bash-completion
1    /usr/share/sounds
1    /usr/share/sounds/freedesktop
34    /usr/share/locale
1    /usr/share/locale/en
1    /usr/share/locale/de_AT
1    /usr/share/locale/zh_TW
1    /usr/share/locale/zh_HK
1    /usr/share/locale/zh_CN
1    /usr/share/locale/pl_PL
1    /usr/share/locale/fr_CA
2    /usr/share/locale/en_GB
2    /usr/share/locale/en_CA
2    /usr/share/locale/en_AU
1    /usr/share/locale/fil
1    /usr/share/locale/tr
1    /usr/share/locale/sl
1    /usr/share/locale/sk
1    /usr/share/locale/ru
1    /usr/share/locale/pl
1    /usr/share/locale/nl
1    /usr/share/locale/it
1    /usr/share/locale/ja
1    /usr/share/locale/hu
1    /usr/share/locale/hi
1    /usr/share/locale/he
1    /usr/share/locale/fr
1    /usr/share/locale/fi
1    /usr/share/locale/es
1    /usr/share/locale/cs
2    /usr/share/locale/de
1    /usr/share/locale/da
1    /usr/share/locale/bg
1    /usr/share/locale/be
2    /usr/share/dbus-1
1    /usr/share/glib-2.0
1    /usr/share/polkit-1
2    /usr/share/lintian
4    /usr/share/icons
1    /usr/share/icons/gnome
1    /usr/share/icons/gnome/scalable
20    /usr/share/icons/hicolor
1    /usr/share/icons/hicolor/72x72
3    /usr/share/icons/hicolor/64x64
1    /usr/share/icons/hicolor/512x512
3    /usr/share/icons/hicolor/48x48
2    /usr/share/icons/hicolor/256x256
1    /usr/share/icons/hicolor/192x192
1    /usr/share/icons/hicolor/1024x1024
4    /usr/share/icons/hicolor/128x128
1    /usr/share/icons/hicolor/symbolic
4    /usr/share/icons/hicolor/scalable
4    /usr/share/icons/hicolor/32x32
2    /usr/share/icons/hicolor/24x24
3    /usr/share/icons/hicolor/22x22
4    /usr/share/icons/hicolor/16x16
1    /usr/share/icons/HighContrast
1    /usr/share/icons/HighContrast/scalable
1    /usr/share/gnome
10    /usr/share/help
13    /usr/share/man
1    /usr/share/man/zh_CN
1    /usr/share/man/tr
1    /usr/share/man/ru
1    /usr/share/man/pl
1    /usr/share/man/fr
2    /usr/share/man/de
2    /usr/share/doc
2    /usr/share/doc/HTML
chkdirs: nothing detected
Checking `rexedcs'...                                       not found
Checking `sniffer'...                                       lo: not promisc and no packet sniffer sockets
wlan0: PACKET SNIFFER(/UNIONFS/sbin/wpa_supplicant[2788], /UNIONFS/sbin/wpa_supplicant[2788])
Checking `w55808'...                                        not infected
Checking `wted'...                                          chkwtmp: nothing deleted
Checking `scalper'...                                       not infected
Checking `slapper'...                                       not infected
Checking `z2'...                                            unable to open lastlog-file lastlog
Checking `chkutmp'...                                        The tty of the following user process(es) were not found
 in /var/run/utmp !
! RUID          PID TTY    CMD
! root         8460 tty1   bash -login
! root         8461 tty2   bash -login
! root         8463 tty3   bash -login
! root         8462 tty4   bash -login
! root         2617 tty6   /usr/lib/xorg/Xorg :0 -dpi 96 -br -noreset -nolisten tcp vt6
! knoppix      5857 pts/0  /bin/bash
! root         6204 pts/0  bash
! root         9133 pts/0  bash
! root         6980 pts/0  /bin/sh /usr/sbin/chkrootkit
! root         7718 pts/0  ./chkutmp
! root         7719 pts/0  ps axk tty,ruser,args -o tty,pid,ruser,args
! root         6203 pts/0  su
! root         9132 pts/0  su
! root         6202 pts/0  sudo su
! root         9131 pts/0  sudo su
chkutmp: nothing deleted
Checking `OSX_RSPLUG'...                                    not tested

5

Re: ошибки работы с сертификатами

https://cloud.mail.ru/public/5yhs/2cxxpB9o6

6

Re: ошибки работы с сертификатами

 wget https://google.ru
--2020-06-13 17:39:17--  https://google.ru/
Resolving google.ru (google.ru)... 216.58.207.227, 2a00:1450:400f:80c::2003
Connecting to google.ru (google.ru)|216.58.207.227|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://www.google.ru/ [following]
--2020-06-13 17:39:18--  https://www.google.ru/
Resolving www.google.ru (www.google.ru)... 172.217.21.163, 2a00:1450:400f:80a::2003
Connecting to www.google.ru (www.google.ru)|172.217.21.163|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’

index.html              [ <=>                ]  12.26K  --.-KB/s    in 0.01s   

2020-06-13 17:39:19 (1.13 MB/s) - ‘index.html’ saved [12554]

7

Re: ошибки работы с сертификатами

curl РАБОТАЕТ

8 (2020-06-13 18:13:54 отредактировано belka2)

Re: ошибки работы с сертификатами

Высылаю письмо о железе и логах а обратную связь

9

Re: ошибки работы с сертификатами

Очень странно, у меня работает curl.

curl https://belka3.chatovod.ru/ -v -o /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 195.211.101.131...
* TCP_NODELAY set
* Connected to belka3.chatovod.ru (195.211.101.131) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [94 bytes data]
* NPN, negotiated HTTP1.1
{ [5 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [4548 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [262 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Unknown (67):
} [36 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: OU=Domain Control Validated; OU=GoGetSSL Wildcard SSL; CN=*.chatovod.ru
*  start date: Nov 18 00:00:00 2019 GMT
*  expire date: Feb 26 23:59:59 2021 GMT
*  subjectAltName: host "belka3.chatovod.ru" matched cert's "*.chatovod.ru"
*  issuer: C=LV; L=Riga; O=GoGetSSL; CN=GoGetSSL RSA DV CA
*  SSL certificate verify ok.
} [5 bytes data]
> GET / HTTP/1.1
> Host: belka3.chatovod.ru
> User-Agent: curl/7.58.0
> Accept: */*
> 
{ [5 bytes data]
< HTTP/1.1 200 
< Server: nginx
< Date: Sat, 13 Jun 2020 18:25:31 GMT
< Content-Type: text/html;charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Vary: Accept-Encoding
< Set-Cookie: lang=ru;Max-Age=157680000;path=/
< Set-Cookie: sid=efeca46acad64a50ac20a350945c26cb; Path=/; Secure; HttpOnly; SameSite=None
< P3P: CP="Website does not have a P3P policy."
< 
{ [16017 bytes data]
100 34854    0 34854    0     0   724k      0 --:--:-- --:--:-- --:--:--  724k
* Connection #0 to host belka3.chatovod.ru left intact

И wget

wget https://belka3.chatovod.ru/
--2020-06-13 21:31:46--  https://belka3.chatovod.ru/
Resolving belka3.chatovod.ru (belka3.chatovod.ru)... 195.211.101.131
Connecting to belka3.chatovod.ru (belka3.chatovod.ru)|195.211.101.131|:443... connected.
HTTP request sent, awaiting response... 200 
Length: unspecified [text/html]
Saving to: ‘index.html’

index.html                                        [ <=>                                                                                             ]  34.04K  --.-KB/s    in 0s      

2020-06-13 21:31:46 (78.1 MB/s) - ‘index.html’ saved [34854]
http://chatovod.ru - чат для вашего сайта

10

Re: ошибки работы с сертификатами

Исправлено, проверьте.

http://chatovod.ru - чат для вашего сайта

11 (2020-06-13 19:07:52 отредактировано belka2)

Re: ошибки работы с сертификатами

да нашел. не поставлены апдейты
можно закрыть тему