远程监控RDP证书

远程监控RDP证书

我们在 CentOS 6 服务器上使用 OpenSSL 来监控服务器上的 RDP 证书。

为此我们使用:

openssl s_client -connect SERVER01:3389 -prexit

此功能一直运行正常,直到 4 天前,它突然不再显示已使用证书,而是显示单个服务器的以下内容:

CONNECTED(00000003)
140439032170136:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1539710511
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1539710511
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

我发现旧版本的 OpenSSL 导致了此错误,但由于版本没有改变(1.0.1e)并且它正在运行,所以我看不出问题所在。

我也尝试重置服务器的 RDP 证书,但仍然没有变化。

相关内容