Session id using curl_7_35
0
I want to use curl to get the session id. So, please help me if there is any way to get the session id using Curl. Earlier I was using Open SSL to capture the session id. Now, I don't want to use it.
I tried to send this command:
curl_7_35_0 -v -k -tls1.2 --sessionid 'not_sure_what_to_use_here' https://30.1.1.101/ssl_ecdhe.txt
Am I missing something here? If yes, please do let me know.
Output if I use OpenSSL
Cli31(runs)#/usr/local/ssl/bin/openssl s_client -connect 30.1.1.101:443 -tls1_2 -servername 20.1.1.1 -reconnect -crlf
CONNECTED(00000003)
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
i:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICkTCCAjigAwIBAgIJAMSTNrUEbSQ4MAkGByqGSM49BAEwgaUxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEZMBcG
A1UECgwQQTEwTmV0d29ya3MgSW5jLjELMAkGA1UECwwCUUExITAfBgNVBAMMGHd3
dy5hdXRvbWF0aW9uc2VydmVyLmNvbTEjMCEGCSqGSIb3DQEJARYUaW5mb0BhMTBu
ZXR3b3Jrcy5jb20wHhcNMTQxMTE0MDk0ODU2WhcNMjQxMTExMDk0ODU2WjCBpTEL
MAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFNhbiBK
b3NlMRkwFwYDVQQKDBBBMTBOZXR3b3JrcyBJbmMuMQswCQYDVQQLDAJRQTEhMB8G
A1UEAwwYd3d3LmF1dG9tYXRpb25zZXJ2ZXIuY29tMSMwIQYJKoZIhvcNAQkBFhRp
bmZvQGExMG5ldHdvcmtzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEIt
e+YKJNyZtyshcoELz8raSxvviLnYElxSdhedUSWluLOdV7RQFvcA7vUSSXpJkKCN
LFSsN3ZuLe0bEOfe/RyjUDBOMB0GA1UdDgQWBBRdh99xn941eV8A/zYpsSWKE8vW
cjAfBgNVHSMEGDAWgBRdh99xn941eV8A/zYpsSWKE8vWcjAMBgNVHRMEBTADAQH/
MAkGByqGSM49BAEDSAAwRQIhAOvWNfesjT2CPQjEDato2C84lEXeOGx8wKxDKKLV
7kxfAiBDcWCPPXPQLfW/PtEn+yrRNyrd2KDKk3uU3CvviFJt6w==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
issuer=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1010 bytes and written 475 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
GET /ssl_ecdhe.txt HTTP/1.0
read:errno=104
curl ssl
asked Aug 21 '17 at 10:19
alphaalpha
12
bumped to the homepage by Community♦ 1 hour ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
0
I want to use curl to get the session id. So, please help me if there is any way to get the session id using Curl. Earlier I was using Open SSL to capture the session id. Now, I don't want to use it.
I tried to send this command:
curl_7_35_0 -v -k -tls1.2 --sessionid 'not_sure_what_to_use_here' https://30.1.1.101/ssl_ecdhe.txt
Am I missing something here? If yes, please do let me know.
Output if I use OpenSSL
Cli31(runs)#/usr/local/ssl/bin/openssl s_client -connect 30.1.1.101:443 -tls1_2 -servername 20.1.1.1 -reconnect -crlf
CONNECTED(00000003)
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
i:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICkTCCAjigAwIBAgIJAMSTNrUEbSQ4MAkGByqGSM49BAEwgaUxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEZMBcG
A1UECgwQQTEwTmV0d29ya3MgSW5jLjELMAkGA1UECwwCUUExITAfBgNVBAMMGHd3
dy5hdXRvbWF0aW9uc2VydmVyLmNvbTEjMCEGCSqGSIb3DQEJARYUaW5mb0BhMTBu
ZXR3b3Jrcy5jb20wHhcNMTQxMTE0MDk0ODU2WhcNMjQxMTExMDk0ODU2WjCBpTEL
MAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFNhbiBK
b3NlMRkwFwYDVQQKDBBBMTBOZXR3b3JrcyBJbmMuMQswCQYDVQQLDAJRQTEhMB8G
A1UEAwwYd3d3LmF1dG9tYXRpb25zZXJ2ZXIuY29tMSMwIQYJKoZIhvcNAQkBFhRp
bmZvQGExMG5ldHdvcmtzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEIt
e+YKJNyZtyshcoELz8raSxvviLnYElxSdhedUSWluLOdV7RQFvcA7vUSSXpJkKCN
LFSsN3ZuLe0bEOfe/RyjUDBOMB0GA1UdDgQWBBRdh99xn941eV8A/zYpsSWKE8vW
cjAfBgNVHSMEGDAWgBRdh99xn941eV8A/zYpsSWKE8vWcjAMBgNVHRMEBTADAQH/
MAkGByqGSM49BAEDSAAwRQIhAOvWNfesjT2CPQjEDato2C84lEXeOGx8wKxDKKLV
7kxfAiBDcWCPPXPQLfW/PtEn+yrRNyrd2KDKk3uU3CvviFJt6w==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
issuer=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1010 bytes and written 475 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
GET /ssl_ecdhe.txt HTTP/1.0
read:errno=104
curl ssl
asked Aug 21 '17 at 10:19
alphaalpha
12
bumped to the homepage by Community♦ 1 hour ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
0
0
0
I want to use curl to get the session id. So, please help me if there is any way to get the session id using Curl. Earlier I was using Open SSL to capture the session id. Now, I don't want to use it.
I tried to send this command:
curl_7_35_0 -v -k -tls1.2 --sessionid 'not_sure_what_to_use_here' https://30.1.1.101/ssl_ecdhe.txt
Am I missing something here? If yes, please do let me know.
Output if I use OpenSSL
Cli31(runs)#/usr/local/ssl/bin/openssl s_client -connect 30.1.1.101:443 -tls1_2 -servername 20.1.1.1 -reconnect -crlf
CONNECTED(00000003)
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
i:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICkTCCAjigAwIBAgIJAMSTNrUEbSQ4MAkGByqGSM49BAEwgaUxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEZMBcG
A1UECgwQQTEwTmV0d29ya3MgSW5jLjELMAkGA1UECwwCUUExITAfBgNVBAMMGHd3
dy5hdXRvbWF0aW9uc2VydmVyLmNvbTEjMCEGCSqGSIb3DQEJARYUaW5mb0BhMTBu
ZXR3b3Jrcy5jb20wHhcNMTQxMTE0MDk0ODU2WhcNMjQxMTExMDk0ODU2WjCBpTEL
MAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFNhbiBK
b3NlMRkwFwYDVQQKDBBBMTBOZXR3b3JrcyBJbmMuMQswCQYDVQQLDAJRQTEhMB8G
A1UEAwwYd3d3LmF1dG9tYXRpb25zZXJ2ZXIuY29tMSMwIQYJKoZIhvcNAQkBFhRp
bmZvQGExMG5ldHdvcmtzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEIt
e+YKJNyZtyshcoELz8raSxvviLnYElxSdhedUSWluLOdV7RQFvcA7vUSSXpJkKCN
LFSsN3ZuLe0bEOfe/RyjUDBOMB0GA1UdDgQWBBRdh99xn941eV8A/zYpsSWKE8vW
cjAfBgNVHSMEGDAWgBRdh99xn941eV8A/zYpsSWKE8vWcjAMBgNVHRMEBTADAQH/
MAkGByqGSM49BAEDSAAwRQIhAOvWNfesjT2CPQjEDato2C84lEXeOGx8wKxDKKLV
7kxfAiBDcWCPPXPQLfW/PtEn+yrRNyrd2KDKk3uU3CvviFJt6w==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
issuer=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1010 bytes and written 475 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
GET /ssl_ecdhe.txt HTTP/1.0
read:errno=104
curl ssl
asked Aug 21 '17 at 10:19
alphaalpha
12
I want to use curl to get the session id. So, please help me if there is any way to get the session id using Curl. Earlier I was using Open SSL to capture the session id. Now, I don't want to use it.
I tried to send this command:
curl_7_35_0 -v -k -tls1.2 --sessionid 'not_sure_what_to_use_here' https://30.1.1.101/ssl_ecdhe.txt
Am I missing something here? If yes, please do let me know.
Output if I use OpenSSL
Cli31(runs)#/usr/local/ssl/bin/openssl s_client -connect 30.1.1.101:443 -tls1_2 -servername 20.1.1.1 -reconnect -crlf
CONNECTED(00000003)
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = California, L = San Jose, O = A10Networks Inc., OU = QA, CN = www.automationserver.com, emailAddress = info@a10networks.com
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
i:/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICkTCCAjigAwIBAgIJAMSTNrUEbSQ4MAkGByqGSM49BAEwgaUxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhTYW4gSm9zZTEZMBcG
A1UECgwQQTEwTmV0d29ya3MgSW5jLjELMAkGA1UECwwCUUExITAfBgNVBAMMGHd3
dy5hdXRvbWF0aW9uc2VydmVyLmNvbTEjMCEGCSqGSIb3DQEJARYUaW5mb0BhMTBu
ZXR3b3Jrcy5jb20wHhcNMTQxMTE0MDk0ODU2WhcNMjQxMTExMDk0ODU2WjCBpTEL
MAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcMCFNhbiBK
b3NlMRkwFwYDVQQKDBBBMTBOZXR3b3JrcyBJbmMuMQswCQYDVQQLDAJRQTEhMB8G
A1UEAwwYd3d3LmF1dG9tYXRpb25zZXJ2ZXIuY29tMSMwIQYJKoZIhvcNAQkBFhRp
bmZvQGExMG5ldHdvcmtzLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABEIt
e+YKJNyZtyshcoELz8raSxvviLnYElxSdhedUSWluLOdV7RQFvcA7vUSSXpJkKCN
LFSsN3ZuLe0bEOfe/RyjUDBOMB0GA1UdDgQWBBRdh99xn941eV8A/zYpsSWKE8vW
cjAfBgNVHSMEGDAWgBRdh99xn941eV8A/zYpsSWKE8vWcjAMBgNVHRMEBTADAQH/
MAkGByqGSM49BAEDSAAwRQIhAOvWNfesjT2CPQjEDato2C84lEXeOGx8wKxDKKLV
7kxfAiBDcWCPPXPQLfW/PtEn+yrRNyrd2KDKk3uU3CvviFJt6w==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
issuer=/C=US/ST=California/L=San Jose/O=A10Networks Inc./OU=QA/CN=www.automationserver.com/emailAddress=info@a10networks.com
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 1010 bytes and written 475 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
drop connection and then reconnect
CONNECTED(00000003)
---
Reused, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-AES128-SHA
Session-ID: 0AABABCBB2C24ABD3D5BD4B84A1914EC563E3D518108A89487A6B056BB879CC4
Session-ID-ctx:
Master-Key: BCD8B034C67DB603132FB69295FEB996628502A08BE9E58BAF03D365A8FFCC03E117A4D836BB782AAA2D65424686BB2A
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1503310272
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
GET /ssl_ecdhe.txt HTTP/1.0
read:errno=104
curl ssl
curl ssl
asked Aug 21 '17 at 10:19
alphaalpha
12
asked Aug 21 '17 at 10:19
alphaalpha
12
asked Aug 21 '17 at 10:19
alphaalpha
12
asked Aug 21 '17 at 10:19
alphaalpha
12
asked Aug 21 '17 at 10:19
alphaalpha
12
12
bumped to the homepage by Community♦ 1 hour ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 1 hour ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
0
I don't think there is a --sessionid option for curl or something similar you could use here. It would not make any sense too since the TLS session id (and session token) both refer to internal SSL states from an existing TLS handshake which the curl client does not have.
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
They have provided --sessionid in their man page. Please find the snippet. --no-sessionid (SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
– alpha
Aug 21 '17 at 10:39
I think you are right. Thanks for the help
– alpha
Aug 21 '17 at 10:43
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f387388%2fsession-id-using-curl-7-35%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
0
I don't think there is a --sessionid option for curl or something similar you could use here. It would not make any sense too since the TLS session id (and session token) both refer to internal SSL states from an existing TLS handshake which the curl client does not have.
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
They have provided --sessionid in their man page. Please find the snippet. --no-sessionid (SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
– alpha
Aug 21 '17 at 10:39
I think you are right. Thanks for the help
– alpha
Aug 21 '17 at 10:43
add a comment |
0
I don't think there is a --sessionid option for curl or something similar you could use here. It would not make any sense too since the TLS session id (and session token) both refer to internal SSL states from an existing TLS handshake which the curl client does not have.
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
They have provided --sessionid in their man page. Please find the snippet. --no-sessionid (SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
– alpha
Aug 21 '17 at 10:39
I think you are right. Thanks for the help
– alpha
Aug 21 '17 at 10:43
add a comment |
0
0
0
I don't think there is a --sessionid option for curl or something similar you could use here. It would not make any sense too since the TLS session id (and session token) both refer to internal SSL states from an existing TLS handshake which the curl client does not have.
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
I don't think there is a --sessionid option for curl or something similar you could use here. It would not make any sense too since the TLS session id (and session token) both refer to internal SSL states from an existing TLS handshake which the curl client does not have.
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
answered Aug 21 '17 at 10:29
Steffen UllrichSteffen Ullrich
1,461811
1,461811
They have provided --sessionid in their man page. Please find the snippet. --no-sessionid (SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
– alpha
Aug 21 '17 at 10:39
I think you are right. Thanks for the help
– alpha
Aug 21 '17 at 10:43
add a comment |
They have provided --sessionid in their man page. Please find the snippet. --no-sessionid (SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
– alpha
Aug 21 '17 at 10:39
I think you are right. Thanks for the help
– alpha
Aug 21 '17 at 10:43
They have provided --sessionid in their man page. Please find the snippet. --no-sessionid (SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
– alpha
Aug 21 '17 at 10:39
They have provided --sessionid in their man page. Please find the snippet. --no-sessionid (SSL) Disable curl's use of SSL session-ID caching. By default all transfers are done using the cache. Note that while nothing should ever get hurt by attempting to reuse SSL session-IDs, there seem to be broken SSL implementations in the wild that may require you to disable this in order for you to succeed. (Added in 7.16.0) Note that this is the negated option name documented. You can thus use --sessionid to enforce session-ID caching.
– alpha
Aug 21 '17 at 10:39
I think you are right. Thanks for the help
– alpha
Aug 21 '17 at 10:43
I think you are right. Thanks for the help
– alpha
Aug 21 '17 at 10:43
add a comment |
draft saved
draft discarded
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f387388%2fsession-id-using-curl-7-35%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
