0

Windows Server 2012, Web Application has SSL installed from GoDaddy Ubuntu box has a running application which has a different SSL installed from GoDaddy.

Application on Ubuntu points to the application on Windows Server 2012.

in SSH, curl -Is https://appliation.xxxx.us:443 | head -1 output: HTTP/1.1 200

telnet is successful. ports are verified DNS entries are added correctly

HTTPS Application on Ubuntu works fine when points to HTTP web app on Windows Server. What could be the reason? Are there any useful commands to run to see the log files on Ubuntu to troubleshoot this issue?

I thought it could be a handshake issue, so I added the CA cert of Windows web app to CA-certificates on Ubuntu box (followed these steps -- How do I install a root certificate?)

UPDATE: ran : curl -1vsS https://appliation.xxxx.us:443

partial output:

  • found 149 certificates in /etc/ssl/certs/ca-certificates.crt
  • found 596 certificates in /etc/ssl/certs
  • ALPN, offering http/1.1
  • SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
  • server certificate verification OK
  • server certificate status verification SKIPPED
  • common name: des-ubillfs-s1.arlingtonva.us (matched)
  • server certificate expiration date OK
  • server certificate activation date OK
  • certificate public key: RSA
  • certificate version: #3
  • subject: OU=Domain Control Validated,CN=des-ubillfs-s1.arlingtonva.us
  • start date: Wed, 13 Mar 2019 16:30:25 GMT
  • expire date: Sat, 13 Mar 2021 16:30:25 GMT
  • issuer: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, Inc.,OU=http://certs.godaddy.com/repository/,CN=Go Daddy Secure Certificate Authority - G2
  • compression: NULL * ALPN, server did not agree to a protocol /> GET / HTTP/1.1
Tasha
  • 1

1 Answers1

0

It was resolved.

Ran openssl s_client -connect [HOST]:[PORT] the output showed that the cert did not have the root and intermediate certs added the missing certs , so Ubuntu could verify the issuer

Tasha
  • 1