T:> openssl s_client -servername gwendragon.de -connect gwendragon.de:443  -CAfile X:\etc\ssl\certs\cacert.pem -showcerts | openssl x509 -text -noout
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = gwendragon.de
verify return:1
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:65:11:b1:fd:ef:b5:2b:43:bd:59:c5:ff:94:0e:06:08:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3
        Validity
            Not Before: Mar 26 08:58:44 2018 GMT
            Not After : Jun 24 08:58:44 2018 GMT
        Subject: CN=gwendragon.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c8:02:00:88:90:47:0c:42:83:78:fc:8b:03:05:
                    eb:b2:7f:98:3f:39:c6:45:e9:b1:9d:7d:18:56:14:
                    d2:a3:09:0f:6d:1f:83:6b:90:45:b4:34:af:61:e5:
                    ce:c9:db:36:98:a5:00:0e:fc:3a:ec:fa:3e:c0:53:
                    43:75:c0:60:88:ed:6c:bf:a7:1d:e3:a1:db:28:cc:
                    8e:80:d7:1f:1a:08:19:5e:ac:3d:80:8f:af:3b:9c:
                    ed:29:d8:e1:3b:0d:16:15:f9:35:03:76:f1:52:1c:
                    ee:c5:28:a4:e1:f7:b1:4b:c5:60:32:f9:cf:81:04:
                    77:a3:6d:8b:d2:40:c4:1a:20:92:6b:cb:f6:09:0a:
                    25:53:da:2e:27:76:4e:f1:2e:73:06:cb:a0:f0:52:
                    8f:6e:d8:b2:e1:6c:3b:59:ae:39:d4:e8:f3:9d:05:
                    b3:21:f7:c7:bc:7d:90:16:59:86:a5:6d:77:75:a5:
                    18:84:28:04:f0:f4:b5:92:d1:89:1f:95:e9:84:3b:
                    d7:a6:8b:2e:e3:14:84:4b:27:7a:a7:24:ed:37:89:
                    7e:a1:50:6b:20:6e:ff:f2:cf:4e:1e:0f:68:a5:ca:
                    bb:b5:b0:e1:03:36:6b:76:47:94:f2:0a:bf:45:00:
                    df:0a:9a:31:1b:a6:7f:b3:22:f9:9a:71:da:0f:77:
                    fc:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier:
                D1:48:60:05:79:7D:CD:B2:DD:AC:7D:8F:FE:72:48:52:5E:1D:48:65
            X509v3 Authority Key Identifier:
                keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1

            Authority Information Access:
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

            X509v3 Subject Alternative Name:
                DNS:gwendragon.de, DNS:webmail.gwendragon.de, DNS:www.gwendragon.de
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org
                  User Notice:
                    Explicit Text: This Certificate may only be relied upon by Relying Parties and only in accordance with the Certificate Policy found at https://letsencrypt.org/repository/

    Signature Algorithm: sha256WithRSAEncryption
         61:30:67:83:48:6c:5f:8d:d3:5b:dc:1a:95:74:4a:b3:5b:ce:
         15:a6:70:17:88:3c:6e:76:18:10:6e:80:bb:81:71:d7:1a:d8:
         43:af:ed:9a:a5:b8:c4:c3:31:cd:34:06:ec:2a:4d:83:5d:eb:
         68:3e:7b:e9:e7:1c:76:dd:e6:5b:b9:2e:04:11:c4:4c:01:16:
         78:a2:83:62:16:bc:28:79:aa:46:58:43:52:83:4c:7a:e6:73:
         4d:b0:d5:0b:6b:2f:76:6a:cc:1f:97:06:43:a9:0c:94:43:4c:
         76:96:8c:59:64:c8:3b:aa:99:b0:78:2a:7e:25:bb:2e:da:0f:
         1c:b5:45:82:a7:2b:a3:ca:87:0b:f2:e1:ba:6a:66:f5:45:9e:
         80:83:2f:5b:2f:2b:40:6b:cf:6e:c6:25:9c:a6:93:f2:06:7a:
         9e:f8:db:e6:40:55:60:49:06:f3:a2:c8:3e:a7:ee:67:da:84:
         85:9e:71:7c:52:7e:0c:fd:74:0d:b6:f2:52:57:0c:77:60:4f:
         2e:ce:c8:46:c5:dd:7b:ee:05:71:af:7f:74:07:66:e9:d1:d0:
         2c:d3:b5:28:04:fa:52:60:24:4e:ee:f6:18:67:3a:9f:9c:ae:
         a2:17:ea:f0:af:ea:69:6b:61:cb:33:65:33:89:c1:61:1d:5b:
         a2:9f:80:bc
read:errno=10093