Socket errors running “openssl s_client -showcerts”












0















I have a .PEM file that I want to install on a Tomcat server. The file looks something like this:



friendlyName: 
subject=CN=myserver.ca.example.com, OU=servers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E2EC8A310F02CA01

xxxxxxxx
-----END RSA PRIVATE KEY-----


When I run the command "openssl s_client -showcerts -cert myserver.pem", I get this:



Enter pass phrase for myserver.pem:
socket: Bad file descriptor
connect:errno=9


I'm not sure why I'm getting this when I just want to show the certificates in the file. I've tried various options, such as -prexit, and I'm not seeing anything useful. Do I need to extract the root certificate and install it somewhere? If so, where? Or is my problem something completely different?










share|improve this question


















  • 1





    The s_client subcommand of the openssl command line tool is for making TLS connections to a server. If you just want to see the contents of a .pem, use the x509 subcommand.

    – Spiff
    Jan 2 at 23:16
















0















I have a .PEM file that I want to install on a Tomcat server. The file looks something like this:



friendlyName: 
subject=CN=myserver.ca.example.com, OU=servers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E2EC8A310F02CA01

xxxxxxxx
-----END RSA PRIVATE KEY-----


When I run the command "openssl s_client -showcerts -cert myserver.pem", I get this:



Enter pass phrase for myserver.pem:
socket: Bad file descriptor
connect:errno=9


I'm not sure why I'm getting this when I just want to show the certificates in the file. I've tried various options, such as -prexit, and I'm not seeing anything useful. Do I need to extract the root certificate and install it somewhere? If so, where? Or is my problem something completely different?










share|improve this question


















  • 1





    The s_client subcommand of the openssl command line tool is for making TLS connections to a server. If you just want to see the contents of a .pem, use the x509 subcommand.

    – Spiff
    Jan 2 at 23:16














0












0








0








I have a .PEM file that I want to install on a Tomcat server. The file looks something like this:



friendlyName: 
subject=CN=myserver.ca.example.com, OU=servers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E2EC8A310F02CA01

xxxxxxxx
-----END RSA PRIVATE KEY-----


When I run the command "openssl s_client -showcerts -cert myserver.pem", I get this:



Enter pass phrase for myserver.pem:
socket: Bad file descriptor
connect:errno=9


I'm not sure why I'm getting this when I just want to show the certificates in the file. I've tried various options, such as -prexit, and I'm not seeing anything useful. Do I need to extract the root certificate and install it somewhere? If so, where? Or is my problem something completely different?










share|improve this question














I have a .PEM file that I want to install on a Tomcat server. The file looks something like this:



friendlyName: 
subject=CN=myserver.ca.example.com, OU=servers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Issuing CA G3, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

subject=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
issuer=CN=Example Basic Assurance Software Root CA G2, OU=certservers, O=Example, C=US
-----BEGIN CERTIFICATE-----
xxxxxxxx
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E2EC8A310F02CA01

xxxxxxxx
-----END RSA PRIVATE KEY-----


When I run the command "openssl s_client -showcerts -cert myserver.pem", I get this:



Enter pass phrase for myserver.pem:
socket: Bad file descriptor
connect:errno=9


I'm not sure why I'm getting this when I just want to show the certificates in the file. I've tried various options, such as -prexit, and I'm not seeing anything useful. Do I need to extract the root certificate and install it somewhere? If so, where? Or is my problem something completely different?







ssl certificate






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Jan 2 at 22:50









samwysesamwyse

1133




1133








  • 1





    The s_client subcommand of the openssl command line tool is for making TLS connections to a server. If you just want to see the contents of a .pem, use the x509 subcommand.

    – Spiff
    Jan 2 at 23:16














  • 1





    The s_client subcommand of the openssl command line tool is for making TLS connections to a server. If you just want to see the contents of a .pem, use the x509 subcommand.

    – Spiff
    Jan 2 at 23:16








1




1





The s_client subcommand of the openssl command line tool is for making TLS connections to a server. If you just want to see the contents of a .pem, use the x509 subcommand.

– Spiff
Jan 2 at 23:16





The s_client subcommand of the openssl command line tool is for making TLS connections to a server. If you just want to see the contents of a .pem, use the x509 subcommand.

– Spiff
Jan 2 at 23:16










0






active

oldest

votes











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1389977%2fsocket-errors-running-openssl-s-client-showcerts%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes
















draft saved

draft discarded




















































Thanks for contributing an answer to Super User!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1389977%2fsocket-errors-running-openssl-s-client-showcerts%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Probability when a professor distributes a quiz and homework assignment to a class of n students.

Aardman Animations

Are they similar matrix