回答編集履歴
1
確認方法を追記
test
CHANGED
@@ -1 +1,189 @@
|
|
1
1
|
TLS 1.2 が、サポートされたのは、OpenSSL version 1.0.1 からだと思うのですが、お使いの環境の OpenSSL のバージョンは、いくつでしょうか?
|
2
|
+
|
3
|
+
|
4
|
+
|
5
|
+
確認方法:
|
6
|
+
|
7
|
+
|
8
|
+
|
9
|
+
```
|
10
|
+
|
11
|
+
openssl s_client -connect www.google.com:443 -tls1_2
|
12
|
+
|
13
|
+
```
|
14
|
+
|
15
|
+
|
16
|
+
|
17
|
+
対応している場合
|
18
|
+
|
19
|
+
|
20
|
+
|
21
|
+
```
|
22
|
+
|
23
|
+
CONNECTED(00000003)
|
24
|
+
|
25
|
+
depth=2 OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign
|
26
|
+
|
27
|
+
verify return:1
|
28
|
+
|
29
|
+
depth=1 C = US, O = Google Trust Services, CN = Google Internet Authority G3
|
30
|
+
|
31
|
+
verify return:1
|
32
|
+
|
33
|
+
depth=0 C = US, ST = California, L = Mountain View, O = Google LLC, CN = www.google.com
|
34
|
+
|
35
|
+
verify return:1
|
36
|
+
|
37
|
+
---
|
38
|
+
|
39
|
+
Certificate chain
|
40
|
+
|
41
|
+
0 s:/C=US/ST=California/L=Mountain View/O=Google LLC/CN=www.google.com
|
42
|
+
|
43
|
+
i:/C=US/O=Google Trust Services/CN=Google Internet Authority G3
|
44
|
+
|
45
|
+
1 s:/C=US/O=Google Trust Services/CN=Google Internet Authority G3
|
46
|
+
|
47
|
+
i:/OU=GlobalSign Root CA - R2/O=GlobalSign/CN=GlobalSign
|
48
|
+
|
49
|
+
---
|
50
|
+
|
51
|
+
Server certificate
|
52
|
+
|
53
|
+
-----BEGIN CERTIFICATE-----
|
54
|
+
|
55
|
+
(省略)
|
56
|
+
|
57
|
+
-----END CERTIFICATE-----
|
58
|
+
|
59
|
+
subject=/C=US/ST=California/L=Mountain View/O=Google LLC/CN=www.google.com
|
60
|
+
|
61
|
+
issuer=/C=US/O=Google Trust Services/CN=Google Internet Authority G3
|
62
|
+
|
63
|
+
---
|
64
|
+
|
65
|
+
No client certificate CA names sent
|
66
|
+
|
67
|
+
Peer signing digest: SHA256
|
68
|
+
|
69
|
+
Server Temp Key: ECDH, P-256, 256 bits
|
70
|
+
|
71
|
+
---
|
72
|
+
|
73
|
+
SSL handshake has read 2986 bytes and written 415 bytes
|
74
|
+
|
75
|
+
---
|
76
|
+
|
77
|
+
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
|
78
|
+
|
79
|
+
Server public key is 2048 bit
|
80
|
+
|
81
|
+
Secure Renegotiation IS supported
|
82
|
+
|
83
|
+
Compression: NONE
|
84
|
+
|
85
|
+
Expansion: NONE
|
86
|
+
|
87
|
+
No ALPN negotiated
|
88
|
+
|
89
|
+
SSL-Session:
|
90
|
+
|
91
|
+
Protocol : TLSv1.2
|
92
|
+
|
93
|
+
Cipher : ECDHE-RSA-AES128-GCM-SHA256
|
94
|
+
|
95
|
+
Session-ID: 9279A0635D520A443EB6E4F8B49571E05E678212FDB4E2FEF21498BAEED9A042
|
96
|
+
|
97
|
+
Session-ID-ctx:
|
98
|
+
|
99
|
+
Master-Key: B0E2902118E3182E9ADEBEB731C0FF080580986DFC9F90242EA64DF5C9A37408862B28EE0AC285E17EDDE711D2006B8A
|
100
|
+
|
101
|
+
Key-Arg : None
|
102
|
+
|
103
|
+
Krb5 Principal: None
|
104
|
+
|
105
|
+
PSK identity: None
|
106
|
+
|
107
|
+
PSK identity hint: None
|
108
|
+
|
109
|
+
TLS session ticket lifetime hint: 100800 (seconds)
|
110
|
+
|
111
|
+
TLS session ticket:
|
112
|
+
|
113
|
+
0000 - 00 03 c1 16 a8 05 68 cb-be 36 04 0d 94 4a 5e e1 ......h..6...J^.
|
114
|
+
|
115
|
+
0010 - f7 94 06 7f 69 62 8c 3b-26 df 36 c1 fc 94 2a 7b ....ib.;&.6...*{
|
116
|
+
|
117
|
+
0020 - db 52 9e 7d 5c 9a 00 99-00 c8 2d 6b eb 0d c2 1f .R.}.....-k....
|
118
|
+
|
119
|
+
0030 - af 0d 7a 4f d3 5b 5c c2-b3 5b c7 64 52 d0 e0 2f ..zO.[..[.dR../
|
120
|
+
|
121
|
+
0040 - 19 5e ac d9 62 db 18 11-19 af 4d 26 89 79 20 48 .^..b.....M&.y H
|
122
|
+
|
123
|
+
0050 - 2f ae 8a 56 d7 0e 51 11-48 6c 59 26 73 48 c9 a0 /..V..Q.HlY&sH..
|
124
|
+
|
125
|
+
0060 - 79 38 de 19 ec 0a 67 8a-40 f9 ed 16 9f 90 0b dd y8....g.@.......
|
126
|
+
|
127
|
+
0070 - b9 3b c2 b7 26 e6 7d d2-9b d5 2b b1 53 ed 9f f7 .;..&.}...+.S...
|
128
|
+
|
129
|
+
0080 - ef 77 d5 2b 7a 03 05 4d-43 c9 6d 42 51 47 d3 ac .w.+z..MC.mBQG..
|
130
|
+
|
131
|
+
0090 - 62 28 f8 35 d0 e0 be 09-56 bc c9 fe 98 83 c1 cc b(.5....V.......
|
132
|
+
|
133
|
+
00a0 - b3 af 04 7e 67 fb ca 7e-7e b3 0f 80 5d 8f 01 18 ...~g..~~...]...
|
134
|
+
|
135
|
+
00b0 - 93 50 10 b1 5b 8d ae 95-2e 67 8b 30 72 a1 d8 af .P..[....g.0r...
|
136
|
+
|
137
|
+
00c0 - 93 25 43 90 df 8d e5 a6-7e 57 96 85 6f 24 c0 1e .%C.....~W..o$..
|
138
|
+
|
139
|
+
00d0 - 6b 86 ee 9d 9c k....
|
140
|
+
|
141
|
+
|
142
|
+
|
143
|
+
Start Time: 1537337921
|
144
|
+
|
145
|
+
Timeout : 7200 (sec)
|
146
|
+
|
147
|
+
Verify return code: 0 (ok)
|
148
|
+
|
149
|
+
---
|
150
|
+
|
151
|
+
(以下略)
|
152
|
+
|
153
|
+
```
|
154
|
+
|
155
|
+
のような結果で、
|
156
|
+
|
157
|
+
```
|
158
|
+
|
159
|
+
SSL-Session:
|
160
|
+
|
161
|
+
Protocol : TLSv1.2
|
162
|
+
|
163
|
+
Cipher : ECDHE-RSA-AES128-GCM-SHA256
|
164
|
+
|
165
|
+
Session-ID: 9279A0635D520A443EB6E4F8B49571E05E678212FDB4E2FEF21498BAEED9A042
|
166
|
+
|
167
|
+
Session-ID-ctx:
|
168
|
+
|
169
|
+
```
|
170
|
+
|
171
|
+
とあります。
|
172
|
+
|
173
|
+
|
174
|
+
|
175
|
+
対応していない場合
|
176
|
+
|
177
|
+
```
|
178
|
+
|
179
|
+
$ openssl s_client -connect www.google.com:443 -tls1_2
|
180
|
+
|
181
|
+
unknown option -tls1_2
|
182
|
+
|
183
|
+
usage: s_client args
|
184
|
+
|
185
|
+
```
|
186
|
+
|
187
|
+
|
188
|
+
|
189
|
+
オプションのエラーになります。
|