[root@localhost ~]# curl --tlsv1.2 -I -v -L https://nginxtest.xinet.kr
* Trying 112.175.245.208:443...
* Connected to nginxtest.xinet.kr (112.175.245.208) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
* CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
* subject: CN=nginxtest.xinet.kr
* start date: Sep 20 05:57:18 2023 GMT
* expire date: Oct 21 05:57:17 2024 GMT
* subjectAltName: host "nginxtest.xinet.kr" matched cert's "nginxtest.xinet.kr"
* issuer: C=BE; O=GlobalSign nv-sa; CN=AlphaSSL CA - SHA256 - G4
* SSL certificate verify ok.
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://nginxtest.xinet.kr/
* [HTTP/2] [1] [:method: HEAD]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: nginxtest.xinet.kr]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.3.0]
* [HTTP/2] [1] [accept: */*]
> HEAD / HTTP/2
B등급을 받고 This server’s certificate chain is incomplete. Grade capped to B. 표시가 된다 / chain 인증서가 잘못된다 표시
디테일하게 보면 chain cert1 인증서와 root1 인증서가 만료되었다는 것을 확인 할수가 있다 (기본 도메인 인증서는 정상이지만 )
정상적으로 A등급을 받았으며
