OpenSSL One-Way and Mutual Authentication Communication (Part 2)

Start Time: 1594350907
Timeout: 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol: TLSv1.3
Cipher: TLS_AES_256_GCM_SHA384
Session-ID: D6A0BFC0E2A25C3FC3727B67723A048261942DCAA417B935E3D6A4877B6C552B
Session-ID-ctx:
Resumption PSK: 54BBD1FB31F49E9B554E260474049F9BFA31648106BBC4E46BC2D6273C00E454F78AFB37A02DE2FE614552FB380CFD63
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
Start Time: 1594350907
Timeout: 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
hello world!
OK, mutual authentication succeeded!
One-way authentication test results
Server input: openssl s_server -accept 2020 -key server.key -cert server.crt
Client input: - :2020
After the connection is established, type hello world! on the server side. The result is as follows:
google@ubuntu1404:~/workspace/openssl/server$ openssl s_server -accept 2020 -key server.key -cert server.crt
Using default temp DH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS-----
MH4CAQECAgMEBAITAgQg6MN1pjhacTJ/ijwV2gvpytlE9bxjLgTYRI1G5XTsh3IEMLxDbU0tZkzKY3rJva1tABWPVq+4xa3Qzo69aTUuOAwiM0vvGCswUgUtakdO/t623aEGAgRfB97WogQCAhwgpAYEBAEAAACuBwIFANs4vlg=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA
Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1:DSA+SHA224:DSA+SHA1:DSA+SHA256:DSA+SHA384:DSA+SHA512
Shared Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1
Supported Elliptic Groups: X25519:P-256:X448:P-521:P-384
Shared Elliptic groups: X25519:P-256:X448:P-521:P-384
CIPHER is TLS_AES_256_GCM_SHA384
Secure Renegotiation IS supported
hello world!