Vérification avec OPenSSL :
$ openssl s_client -connect iperf.fr:443 -status -servername iperf.fr
CONNECTED(00000003)
depth=1 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Class 1 Primary Intermediate Server CA
verify error:num=20:unable to get local issuer certificate
verify return:0
OCSP response:
======================================
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = IL, O = StartCom Ltd. (Start Commercial Limited), CN = StartCom Class 1 Server OCSP Signer
Produced At: Apr 17 02:24:09 2015 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 6568874F40750F016A3475625E1F5C93E5A26D58
Issuer Key Hash: EB4234D098B0AB9FF41B6B08F7CC642EEF0E2C45
Serial Number: 10E6DC
Cert Status: good
This Update: Apr 17 02:24:09 2015 GMT
Next Update: Apr 19 02:24:09 2015 GMT
Signature Algorithm: sha1WithRSAEncryption
40:f3:e7:17:95:6c:55:ca:6d:91:8d:03:d1:dd:bd:bb:19:25:
79:81:a5:51:38:91:c7:89:93:0c:26:6c:cc:d1:b5:20:29:c6:
44:6c:ae:75:97:f2:31:72:05:fa:98:d6:d7:f1:1d:42:ff:67:
81:7a:d5:7e:43:8f:a2:55:2e:c5:5f:2d:41:b8:72:29:1c:8c:
39:a2:bb:f1:01:85:1c:e8:a4:bc:9d:36:43:12:b7:12:74:6b:
c3:75:99:de:44:8e:f7:92:79:9a:62:8c:d2:3f:22:13:02:79:
92:99:e4:86:a1:47:61:d7:a2:36:f6:ee:64:1c:1a:d0:47:76:
dc:ce:6f:cf:0a:ca:b4:f1:24:ab:7e:98:a8:25:8c:ec:e6:34:
69:9d:85:59:b7:01:11:9e:96:7a:c3:35:fc:7b:d0:ad:3f:67:
37:a8:c3:78:a2:68:b2:97:15:93:f3:a0:d6:94:39:52:af:25:
5f:27:ff:bc:45:34:33:09:01:d2:e4:f5:3c:05:58:5f:0b:b4:
39:ec:90:e7:41:cc:d9:fa:7a:b6:9e:6c:ac:5c:a7:86:04:17:
43:a0:f2:ed:d4:36:53:ad:a4:e6:0e:77:d7:b9:7e:92:cf:6c:
60:fb:c0:f2:2d:dd:a1:30:82:79:3f:d6:fb:7e:59:03:7e:7d:
00:c9:97:74
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1531175 (0x175d27)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 1 Primary Intermediate Server CA
Validity
Not Before: Mar 22 22:07:45 2015 GMT
Not After : May 2 02:12:05 2015 GMT
Subject: C=IL, O=StartCom Ltd. (Start Commercial Limited), CN=StartCom Class 1 Server OCSP Signer
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b9:56:1b:4c:45:31:87:17:17:80:84:e9:6e:17:
8d:f2:25:5e:18:ed:8d:8e:cc:7c:2b:7b:51:a6:c1:
c2:e6:bf:0a:a3:60:30:66:f1:32:fe:10:ae:97:b5:
0e:99:fa:24:b8:3f:c5:3d:d2:77:74:96:38:7d:14:
e1:c3:a9:b6:a4:93:3e:2a:c1:24:13:d0:85:57:0a:
95:b8:14:74:14:a0:bc:00:7c:7b:cf:22:24:46:ef:
7f:1a:15:6d:7e:a1:c5:77:fc:5f:0f:ac:df:d4:2e:
b0:f5:97:49:90:cb:2f:5c:ef:eb:ce:ef:4d:1b:dc:
7a:e5:c1:07:5c:5a:99:a9:31:71:f2:b0:84:5b:4f:
f0:86:4e:97:3f:cf:e3:2f:9d:75:11:ff:87:a3:e9:
43:41:0c:90:a4:49:3a:30:6b:69:44:35:93:40:a9:
ca:96:f0:2b:66:ce:67:f0:28:df:29:80:a6:aa:ee:
8d:5d:5d:45:2b:8b:0e:b9:3f:92:3c:c1:e2:3f:cc:
cb:db:e7:ff:cb:11:4d:08:fa:7a:6a:3c:40:4f:82:
5d:1a:0e:71:59:35:cf:62:3a:8c:7b:59:67:00:14:
ed:06:22:f6:08:9a:94:47:a7:a1:90:10:f7:fe:58:
f8:41:29:a2:76:5e:a3:67:82:4d:1c:3b:b2:fd:a3:
08:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
OCSP Signing, OCSP No Check
X509v3 Subject Key Identifier:
45:E0:A3:66:95:41:4C:5D:D4:49:BC:00:E3:3C:DC:DB:D2:34:3E:17
X509v3 Authority Key Identifier:
keyid:EB:42:34:D0:98:B0:AB:9F:F4:1B:6B:08:F7:CC:64:2E:EF:0E:2C:45
X509v3 Issuer Alternative Name:
URI:http://www.startssl.com/
Signature Algorithm: sha1WithRSAEncryption
3f:59:f8:17:f5:18:75:33:d4:d4:92:40:dd:1c:22:55:47:32:
e8:18:95:0d:b0:71:72:dd:32:1e:0d:b1:34:08:41:73:a2:06:
a7:be:bd:49:81:56:1b:7e:fd:23:36:be:d4:f3:58:4b:bb:b5:
39:16:4c:ef:0c:77:2b:f6:ec:7d:7a:9f:9b:16:7f:c1:6d:51:
9c:68:bf:c8:26:18:bc:5c:9d:df:16:87:e0:3d:84:59:d6:66:
72:ef:a0:57:5e:ca:01:31:41:a0:c7:77:7f:5c:09:ab:e0:be:
09:39:c0:37:1b:57:a5:82:aa:20:8f:0a:35:6a:86:c3:c8:8f:
ce:de:5d:39:cc:a2:90:25:5d:e2:7c:66:ed:10:ac:60:d3:31:
74:dc:1e:43:19:bd:df:e2:36:a4:d3:03:d6:ec:41:a8:b1:69:
28:7e:4f:d0:7d:7a:33:32:48:44:07:7d:74:4f:07:ce:da:54:
58:ad:c3:a5:f4:ee:ae:6b:8b:53:3b:2a:64:c6:c9:8d:40:38:
81:f0:d1:c5:fc:19:f0:06:de:96:b2:5b:6c:5d:52:37:d3:b5:
d2:f8:5f:87:7a:04:dd:0d:39:1e:4f:c4:8a:84:98:f9:9a:bc:
ba:15:36:08:52:ca:32:b8:67:94:73:e6:53:e5:53:11:48:90:
c3:a2:9f:e2
-----BEGIN CERTIFICATE-----
MIIEGTCCAwGgAwIBAgIDF10nMA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTUwMzIyMjIwNzQ1
WhcNMTUwNTAyMDIxMjA1WjBuMQswCQYDVQQGEwJJTDExMC8GA1UEChMoU3RhcnRD
b20gTHRkLiAoU3RhcnQgQ29tbWVyY2lhbCBMaW1pdGVkKTEsMCoGA1UEAxMjU3Rh
cnRDb20gQ2xhc3MgMSBTZXJ2ZXIgT0NTUCBTaWduZXIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQC5VhtMRTGHFxeAhOluF43yJV4Y7Y2OzHwre1GmwcLm
vwqjYDBm8TL+EK6XtQ6Z+iS4P8U90nd0ljh9FOHDqbakkz4qwSQT0IVXCpW4FHQU
oLwAfHvPIiRG738aFW1+ocV3/F8PrN/ULrD1l0mQyy9c7+vO700b3HrlwQdcWpmp
MXHysIRbT/CGTpc/z+MvnXUR/4ej6UNBDJCkSTowa2lENZNAqcqW8CtmzmfwKN8p
gKaq7o1dXUUriw65P5I8weI/zMvb5//LEU0I+npqPEBPgl0aDnFZNc9iOox7WWcA
FO0GIvYImpRHp6GQEPf+WPhBKaJ2XqNngk0cO7L9owhTAgMBAAGjgaAwgZ0wCQYD
VR0TBAIwADALBgNVHQ8EBAMCA6gwHgYDVR0lBBcwFQYIKwYBBQUHAwkGCSsGAQUF
BzABBTAdBgNVHQ4EFgQUReCjZpVBTF3USbwA4zzc29I0PhcwHwYDVR0jBBgwFoAU
60I00Jiwq5/0G2sI98xkLu8OLEUwIwYDVR0SBBwwGoYYaHR0cDovL3d3dy5zdGFy
dHNzbC5jb20vMA0GCSqGSIb3DQEBBQUAA4IBAQA/WfgX9Rh1M9TUkkDdHCJVRzLo
GJUNsHFy3TIeDbE0CEFzoganvr1JgVYbfv0jNr7U81hLu7U5FkzvDHcr9ux9ep+b
Fn/BbVGcaL/IJhi8XJ3fFofgPYRZ1mZy76BXXsoBMUGgx3d/XAmr4L4JOcA3G1el
gqogjwo1aobDyI/O3l05zKKQJV3ifGbtEKxg0zF03B5DGb3f4jak0wPW7EGosWko
fk/QfXozMkhEB310TwfO2lRYrcOl9O6ua4tTOypkxsmNQDiB8NHF/BnwBt6Wslts
XVI307XS+F+HegTdDTkeT8SKhJj5mry6FTYIUsoyuGeUc+ZT5VMRSJDDop/i
-----END CERTIFICATE-----
======================================
---
Certificate chain
0 s:/C=FR/CN=www.iperf.fr/emailAddress=postmaster@iperf.fr
i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
1 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHLzCCBhegAwIBAgIDEObcMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQwNjA0MjI0MTUy
WhcNMTUwNjA1MjM0MTIwWjBIMQswCQYDVQQGEwJGUjEVMBMGA1UEAxMMd3d3Lmlw
ZXJmLmZyMSIwIAYJKoZIhvcNAQkBFhNwb3N0bWFzdGVyQGlwZXJmLmZyMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1+1nAcQOqasU1lBbU3DMOvwvKKlM
ha5j0mKf4QWPE2Ni2GVL3l79tRkb9sphcULjWtcObQ6mZdYjX0pFS8C6pN0Rz5/V
lrXjMC3Xyxf07H/ao3lRGgJOOT3JPBTtXApaZ4Ncxd+nURpen/+KtTadVe38T5Do
aaW/HWH5yKNwC3fKSnxxE8EdGFPKgl7nXVyw5wCDQ4YqmvC9XBX2Njk3re4qzafu
fZ30H8L724PAF75Or1emE85h5D7lFnVx0xPbAUV9K1ZASrPYa7u8fHw/xjGRXC+v
0SrdrZkRW7EbQlaeML1iHEzo2rSB+9ti1NHDrTpyboqtg/QA4Y0cxFu3RYMj6IKy
QEaQI6q9JnJeygemAvhyzEZp9HyZM6F7ZU6KOXBH5BqvdwJKBNp0Qy+vZFhGcRal
ecgR3cQpgqTW43rTIWsFPbqF3RD5L6nSc0DN4m2lo3gOOoZckQR34cOlX6pitqpj
fN4oee5qsuXJ3DxIrknBYaQHoQt334Y6XUQ4/58rfYq0pokXz65KcJy9N8dNc9vb
FYV9T9buILhRSfe2FSt7y/Dva16WdRivZXy6/WvIpFYVBcZ9z8XdNCO5wh6/QZJV
Xz8D2wF/27zOiqz0509jhTrPSJF30896HS9/Aci3GrVGWvqHP31KGS+AM/R86Bhx
/+CsOf19yKkb5fkCAwEAAaOCAtswggLXMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOo
MBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQWBBRRFMIjzrOMRzuvCRNWRYVI
91fMcjAfBgNVHSMEGDAWgBTrQjTQmLCrn/Qbawj3zGQu7w4sRTAhBgNVHREEGjAY
ggx3d3cuaXBlcmYuZnKCCGlwZXJmLmZyMIIBVgYDVR0gBIIBTTCCAUkwCAYGZ4EM
AQIBMIIBOwYLKwYBBAGBtTcBAgMwggEqMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3
LnN0YXJ0c3NsLmNvbS9wb2xpY3kucGRmMIH3BggrBgEFBQcCAjCB6jAnFiBTdGFy
dENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTADAgEBGoG+VGhpcyBjZXJ0aWZp
Y2F0ZSB3YXMgaXNzdWVkIGFjY29yZGluZyB0byB0aGUgQ2xhc3MgMSBWYWxpZGF0
aW9uIHJlcXVpcmVtZW50cyBvZiB0aGUgU3RhcnRDb20gQ0EgcG9saWN5LCByZWxp
YW5jZSBvbmx5IGZvciB0aGUgaW50ZW5kZWQgcHVycG9zZSBpbiBjb21wbGlhbmNl
IG9mIHRoZSByZWx5aW5nIHBhcnR5IG9ibGlnYXRpb25zLjA1BgNVHR8ELjAsMCqg
KKAmhiRodHRwOi8vY3JsLnN0YXJ0c3NsLmNvbS9jcnQxLWNybC5jcmwwgY4GCCsG
AQUFBwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNv
bS9zdWIvY2xhc3MxL3NlcnZlci9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2FpYS5z
dGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMS5zZXJ2ZXIuY2EuY3J0MCMGA1Ud
EgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG9w0BAQsFAAOC
AQEAK4NOozk70hsdoZDO00YiW9QOt9oGIC3yeeimYEUrvL+d/whFRVg0yQqosmpc
eeniXLdx14TvIfZ3oPZKxTdTAoLyzKxLx2dwBYzbfc/LXn0oFjrAzxUDaHt8DroK
LJTwkVvxQXWkrTbwTSnqnZmkSQcTAxyUEaa4AaWIxKjz/hnWc70H+uv3wDM2t6fY
uxRM3Pgqm/ljvP2l5lTBKpcoyOu6wEHFldVx7KUtFpjNIQKoqTHbBcqP9RSc5Tf3
v0GJ//m+tMJ86+PrhwD1uformaRLn82SRo0w11oVz5IngBFZjIVRpxPVgQGFOdn3
iqj5rz0niiTcvDx9qXzOK7oL2w==
-----END CERTIFICATE-----
subject=/C=FR/CN=www.iperf.fr/emailAddress=postmaster@iperf.fr
issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
---
No client certificate CA names sent
---
SSL handshake has read 6038 bytes and written 461 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: EAEDCF6F751E4E2CC71A6220181492A65B30F0D4732443691632313816844DA5
Session-ID-ctx:
Master-Key: 4DB87E0551F55D17F2BC20542926083E30F25CD1B9BD6DA4FEFD0773F8093A59AD30077A0A7838AC374909FDECBBD42B
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - f2 49 26 15 4d c7 25 4e-a1 36 a6 a8 98 0f 3d e9 .I&.M.%N.6....=.
0010 - bf e2 09 a8 96 b0 6a 01-bf 9c e4 72 0b 64 52 01 ......j....r.dR.
0020 - 2a e3 bd 6a b6 27 80 ff-e6 46 8b 84 d3 7c 6b f3 *..j.'...F...|k.
0030 - 09 86 e1 40 1c 03 45 90-6b 13 9a 3c f6 6e 26 27 ...@..E.k..<.n&'
0040 - 42 d3 ac f1 59 00 a3 72-f1 e3 91 1c 09 4e db d3 B...Y..r.....N..
0050 - 6e 76 76 27 21 58 0c 23-cb ad 8f 06 1d 47 91 c2 nvv'!X.#.....G..
0060 - f2 4b 7d 38 56 87 c0 c9-e0 60 48 c0 6a cc 51 ed .K}8V....`H.j.Q.
0070 - 95 90 12 55 99 9a 4f e9-8c da 36 75 f2 fc 60 d6 ...U..O...6u..`.
0080 - 17 e6 fe e1 cf 4f a0 87-2b 26 3c 3c ec 2f 2c 65 .....O..+&<<./,e
0090 - 54 49 33 c8 d9 d5 1c c5-16 0e 9a f9 34 67 77 01 TI3.........4gw.
00a0 - 6b 0f 86 50 1d 1a 7f ba-67 87 ee 10 92 0f 4f c6 k..P....g.....O.
00b0 - d0 c9 26 0f 9a f3 6f e5-ea d4 c2 16 a2 ec 3f f1 ..&...o.......?.
00c0 - 3b 32 0f ca a7 8f 41 2f-d9 94 67 fa d8 cc 04 4d ;2....A/..g....M
Start Time: 1429249071
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---