$ openssl s_client -ssl3 -connect mail.yahoo.com:443
CONNECTED(00000003)
depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./OU=Information Technology/CN=*.login.yahoo.com
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
 1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
 2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIH0TCCBrmgAwIBAgIQH5hnyxHaabhIK76Fx11n4DANBgkqhkiG9w0BAQUFADCB
tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm
VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwNDA4
MDAwMDAwWhcNMTUwNDA5MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
CkNhbGlmb3JuaWExEjAQBgNVBAcUCVN1bm55dmFsZTETMBEGA1UEChQKWWFob28g
SW5jLjEfMB0GA1UECxQWSW5mb3JtYXRpb24gVGVjaG5vbG9neTEaMBgGA1UEAxQR
Ki5sb2dpbi55YWhvby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDsslUv1vwClwTpm5wgVy1mAKilrjBSvYirVUDDBkxinRGEdNjHKX3e1qkTehy2
yBlD6Jp4RPtVuZGeSMNON1YNik2r6Qqt1t10Jg69216On1OqVy4NnYvcdnUByrzC
GKeiZ0H98Gxk0xjNoxdvFiWMvQEAR3xKkjbj8md5mssIukWgxj3Xa44u/vNMe5qC
XhyAxbvC8fQ6N8ewAI4MnDfpzDdHrjhomltIQKFBGNd8Nu9OOL1AgcEk8mUCEleY
aROl7nLMOg0bojKmYL+zcRRzjNPiKsEkn/cc0/tdILRRmb12YtX6C6vsFrLTJbPy
NpXXMQEQJ2nQ0es5GNl7lyybAgMBAAGjggQGMIIEAjCCAp8GA1UdEQSCApYwggKS
ghEqLmxvZ2luLnlhaG9vLmNvbYIQKi5tYWlsLnlhaG9vLmNvbYIQKi5lZGl0Lnlh
aG9vLmNvbYIRKi5sb2dpbi55YWhvby5uZXSCD2xvZ2luLnlhaG9vLmNvbYIObWFp
bC55YWhvby5jb22CEm1haWwueWFob28taW5jLmNvbYITZmIubWVtYmVyLnlhaG9v
LmNvbYIVbG9naW4ua29yZWEueWFob28uY29tghFhcGkucmVnLnlhaG9vLmNvbYIO
ZWRpdC55YWhvby5jb22CE3dhdGNobGlzdC55YWhvby5jb22CFGVkaXQuaW5kaWEu
eWFob28uY29tghRlZGl0LmtvcmVhLnlhaG9vLmNvbYIVZWRpdC5ldXJvcGUueWFo
b28uY29tghhlZGl0LnNpbmdhcG9yZS55YWhvby5jb22CEmVkaXQudHBlLnlhaG9v
LmNvbYIXbGVnYWxyZWRpcmVjdC55YWhvby5jb22CDG1lLnlhaG9vLmNvbYIYb3Bl
bi5sb2dpbi55YWhvb2FwaXMuY29tghNzdWJzY3JpYmUueWFob28uY29tghVlZGl0
LnNlY3VyZS55YWhvby5jb22CFWVkaXQuY2xpZW50LnlhaG9vLmNvbYIYYnQuZWRp
dC5jbGllbnQueWFob28uY29tgh12ZXJpem9uLmVkaXQuY2xpZW50LnlhaG9vLmNv
bYIYbmEuZWRpdC5jbGllbnQueWFob28uY29tghRhdS5hcGkucmVnLnlhaG9vLmNv
bYIQYXUucmVnLnlhaG9vLmNvbYIRcHJvZmlsZS55YWhvby5jb22CGHN0YXRpYy5w
cm9maWxlLnlhaG9vLmNvbYIQb3BlbmlkLnlhaG9vLmNvbTAJBgNVHRMEAjAAMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwQwYD
VR0gBDwwOjA4BgpghkgBhvhFAQc2MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3
LnZlcmlzaWduLmNvbS9jcHMwHwYDVR0jBBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+
eaUwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL1NWUlNlY3VyZS1HMy1jcmwudmVy
aXNpZ24uY29tL1NWUlNlY3VyZUczLmNybDB2BggrBgEFBQcBAQRqMGgwJAYIKwYB
BQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlzaWduLmNvbTBABggrBgEFBQcwAoY0aHR0
cDovL1NWUlNlY3VyZS1HMy1haWEudmVyaXNpZ24uY29tL1NWUlNlY3VyZUczLmNl
cjANBgkqhkiG9w0BAQUFAAOCAQEAja24FxaYOMWqMd/B5V/kdkRCq3joKrizMxin
Pd+YBBGp8IKP+P7Y8aThXLaQey9Z+WKQQnky6nPHhmeuNZ4y9jTf2pOQyfvATEpI
AqiadPu5cLW1SK74gFbO0xQF21wShu/OCmgzaeYxNUNgRzyrAMX860dc+aYvUpxZ
hy5Lb/Z3CsVVyCX2X2+r8vOiC2i/groaZwffiPMsoiizMh1nE9/FpNtJFZYd0sX3
0xTueliLNSnWpiCL6qv4qxS+gLIXRJON+ds3yrSitm7FiXw59WPZC78zr1cMc++0
Mna8N7OiZ82M0f4fTlzX6UmZOrmafnbK1jRThb8OfMsEgEMQJw==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./OU=Information Technology/CN=*.login.yahoo.com
issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3
---
No client certificate CA names sent
---
SSL handshake has read 5284 bytes and written 284 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : ECDHE-RSA-RC4-SHA
    Session-ID: 41A682887952197CC9B978EFD01964B6CEFDC7040D461B798E351792CABEDA24
    Session-ID-ctx: 
    Master-Key: C7FC1F6F72EB3BEFDCE457587A903427CCDFA9EA15B833BEAE47FD55520B437C7443DD9F8CF044F8B39B55E6A1E9718E
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1413453636
    Timeout   : 7200 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---