ssl - Openssl: secure renegotiation supported, even certificate is unverified -


i testing openssl builtin server , client applications, s_client , s_server. have prepared self ca following tutorial , signed server certificate ca used connection.

both server , client commands outputs below. commands execute successfully, means, connection established , debug message, among others, on server side says secure renegotiation supported , on client side verify return code: 21 (unable verify first certificate) both responses below. other similar kind of question similar question. if certificates not verified, why connection not terminated, , why certificate cannot verified. in debug messages has found certificate chain, can seen in out put below. 

d:\opensslexample> openssl s_server -accept 5555 -cert server.crt -key server.key -state  using default temp dh parameters accept ssl_accept:before/accept initialization ssl_accept:sslv3 read client hello ssl_accept:sslv3 write server hello ssl_accept:sslv3 write certificate ssl_accept:sslv3 write key exchange ssl_accept:sslv3 write server done ssl_accept:sslv3 flush data ssl_accept:sslv3 read client certificate ssl_accept:sslv3 read client key exchange ssl_accept:sslv3 read certificate verify ssl_accept:sslv3 read finished ssl_accept:sslv3 write session ticket ssl_accept:sslv3 write change cipher spec ssl_accept:sslv3 write finished ssl_accept:sslv3 flush data -----begin ssl session parameters----- mfocaqecagmdbalamaqabdbe6xqlju14xniv6sparad6geaxqo20tdq8aeqcvxgp vzgq9cuu906koy8+ochqzpmhbgiewza3+kieagiblkqgbaqbaaaaqwmeaqe= -----end ssl session parameters----- shared ciphers:ecdhe-rsa-aes256-gcm-sha384:ecdhe-ecdsa-aes256-gcm-sha384:ecdhe-rsa-aes256-sha384:ecdhe-ecdsa-aes256-sha384:ecdhe-rsa-aes256-sha:ecdhe-ecdsa-aes256-sha:dh-dss-aes256-gcm-sha384:dhe -dss-aes256-gcm-sha384:dh-rsa-aes256-gcm-sha384:dhe-rsa-aes256-gcm-sha384:dhe-rsa-aes256-sha256:dhe-dss-aes256-sha256:dh-rsa-aes256-sha256:dh-dss-aes256-sha256:dhe-rsa-aes256-sha:dhe-dss-aes256-s ha:dh-rsa-aes256-sha:dh-dss-aes256-sha:dhe-rsa-camellia256-sha:dhe-dss-camellia256-sha:dh-rsa-camellia256-sha:dh-dss-camellia256-sha:ecdh-rsa-aes256-gcm-sha384:ecdh-ecdsa-aes256-gcm-sha384:ecdh-r sa-aes256-sha384:ecdh-ecdsa-aes256-sha384:ecdh-rsa-aes256-sha:ecdh-ecdsa-aes256-sha:aes256-gcm-sha384:aes256-sha256:aes256-sha:camellia256-sha:ecdhe-rsa-aes128-gcm-sha256:ecdhe-ecdsa-aes128-gcm-s ha256:ecdhe-rsa-aes128-sha256:ecdhe-ecdsa-aes128-sha256:ecdhe-rsa-aes128-sha:ecdhe-ecdsa-aes128-sha:dh-dss-aes128-gcm-sha256:dhe-dss-aes128-gcm-sha256:dh-rsa-aes128-gcm-sha256:dhe-rsa-aes128-gcm- sha256:dhe-rsa-aes128-sha256:dhe-dss-aes128-sha256 signature algorithms: rsa+sha512:dsa+sha512:ecdsa+sha512:rsa+sha384:dsa+sha384:ecdsa+sha384:rsa+sha256:dsa+sha256:ecdsa+sha256:rsa+sha224:dsa+sha224:ecdsa+sha224:rsa+sha1:dsa+sha1:ecdsa+sha1 shared signature algorithms: rsa+sha512:dsa+sha512:ecdsa+sha512:rsa+sha384:dsa+sha384:ecdsa+sha384:rsa+sha256:dsa+sha256:ecdsa+sha256:rsa+sha224:dsa+sha224:ecdsa+sha224:rsa+sha1:dsa+sha1:ecdsa+sh a1 supported elliptic curve point formats: uncompressed:ansix962_compressed_prime:ansix962_compressed_char2 supported elliptic curves: p-256:p-521:brainpoolp512r1:brainpoolp384r1:p-384:brainpoolp256r1:secp256k1:b-571:k-571:k-409:b-409:k-283:b-283 shared elliptic curves: p-256:p-521:brainpoolp512r1:brainpoolp384r1:p-384:brainpoolp256r1:secp256k1:b-571:k-571:k-409:b-409:k-283:b-283 cipher ecdhe-rsa-aes256-gcm-sha384 secure renegotiation supported

and client side response

d:\opensslexample> openssl s_client -connect 127.0.0.1:5555 -state -msg  connected(00000003) ssl_connect:before/connect initialization >>> tls 1.2  [length 0005]     16 03 01 01 2f >>> tls 1.2 handshake [length 012f], clienthello     01 00 01 2b 03 03 b1 28 3d 02 70 39 27 b8 17 14     1e 02 ee 4c 72 77 59 1e 30 65 d1 9d 6b 46 a3 51     26 48 c3 a6 a3 34 00 00 ac c0 30 c0 2c c0 28 c0     24 c0 14 c0 0a 00 a5 00 a3 00 a1 00 9f 00 6b 00     6a 00 69 00 68 00 39 00 38 00 37 00 36 00 88 00     87 00 86 00 85 c0 32 c0 2e c0 2a c0 26 c0 0f c0     05 00 9d 00 3d 00 35 00 84 c0 2f c0 2b c0 27 c0     23 c0 13 c0 09 00 a4 00 a2 00 a0 00 9e 00 67 00     40 00 3f 00 3e 00 33 00 32 00 31 00 30 00 9a 00     99 00 98 00 97 00 45 00 44 00 43 00 42 c0 31 c0     2d c0 29 c0 25 c0 0e c0 04 00 9c 00 3c 00 2f 00     96 00 41 00 07 c0 11 c0 07 c0 0c c0 02 00 05 00     04 c0 12 c0 08 00 16 00 13 00 10 00 0d c0 0d c0     03 00 0a 00 ff 02 01 00 00 55 00 0b 00 04 03 00     01 02 00 0a 00 1c 00 1a 00 17 00 19 00 1c 00 1b     00 18 00 1a 00 16 00 0e 00 0d 00 0b 00 0c 00 09     00 0a 00 23 00 00 00 0d 00 20 00 1e 06 01 06 02     06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01     03 02 03 03 02 01 02 02 02 03 00 0f 00 01 01 ssl_connect:sslv2/v3 write client hello <<< ??? [length 0005]     16 03 03 00 42 <<< tls 1.2 handshake [length 0042], serverhello     02 00 00 3e 03 03 f8 63 e6 de e8 13 a2 ec 30 ba     a3 d2 3a 12 29 00 61 a2 21 a3 d2 a2 2a 29 c2 e0     5c 23 8f 2c 26 e0 00 c0 30 01 00 16 ff 01 00 01     00 00 0b 00 04 03 00 01 02 00 23 00 00 00 0f 00     01 01 ssl_connect:sslv3 read server hello <<< ??? [length 0005]     16 03 03 03 5d <<< tls 1.2 handshake [length 035d], certificate     0b 00 03 59 00 03 56 00 03 53 30 82 03 4f 30 82     02 37 02 09 00 a9 d8 71 db 17 18 f3 c3 30 0d 06     09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 60 31 0b     30 09 06 03 55 04 06 13 02 55 4b 31 10 30 0e 06     03 55 04 08 0c 07 45 6e 67 6c 61 6e 64 31 14 30     12 06 03 55 04 0a 0c 0b 4f 42 49 20 4c 69 6d 69     74 65 64 31 0c 30 0a 06 03 55 04 0b 0c 03 43 41     20 31 1b 30 19 06 09 2a 86 48 86 f7 0d 01 09 01     16 0c 69 6e 66 6f 40 6f 62 69 2e 6f 72 67 30 1e     17 0d 31 37 30 38 31 38 30 39 31 32 31 38 5a 17     0d 31 38 31 32 33 31 30 39 31 32 31 38 5a 30 73     31 0b 30 09 06 03 55 04 06 13 02 44 45 31 0f 30     0d 06 03 55 04 08 0c 06 4d 55 4e 49 43 48 31 0f     30 0d 06 03 55 04 0a 0c 06 73 65 72 76 65 72 31     0c 30 0a 06 03 55 04 0b 0c 03 41 54 43 31 12 30     10 06 03 55 04 03 0c 09 73 65 72 76 65 72 2e 64     65 31 20 30 1e 06 09 2a 86 48 86 f7 0d 01 09 01     16 11 73 65 72 76 65 72 40 73 65 72 76 65 72 2e     63 6f 6d 30 82 01 22 30 0d 06 09 2a 86 48 86 f7     0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02     82 01 01 00 c3 e5 b4 1b 9d 93 26 8f 04 f4 3a 12     da 1c 7e d3 02 22 90 29 5c 27 2e fa 0d 97 89     29 c3 6f 12 f2 79 74 5e d2 76 1d b5 c0 29 16 d9     9b 7d 27 a0 22 c2 0b 23 e7 9f 1d f5 da 6d 5c ec     c8 94 49 40 ee 3e 3a b5 fc 96 0b 85 49 bf 58 66     90 c4 13 ad dc 45 ed c9 89 78 d2 af 30 ba ab 32     b4 77 32 b3 9f fd 1b e7 c2 49 69 6e 05 f0 6f 49     d1 e7 d1 85 72 80 93 d4 02 cd f6 ee ef 25 77 81     2b 5c ba b6 d1 3c 01 ac 2b 76 21 e9 51 00 02     e3 90 98 27 72 2d 15 45 08 37 e4 32 e2 7b d1 bd     61 93 cd 5d 60 1d 35 70 90 35 09 4a a3 a2 70 6c     16 9d 04 f1 72 09 d4 62 ad 4e cd f7 4f 7e 5b 49     d0 a6 9a 9b 3b 6c 0e bc 11 87 83 3e 0d 0a 92 41     e9 01 5f 25 87 74 59 c9 1b 46 86 9f 44 5c 40 04     48 dd 2e e3 f8 ac 3f e4 e7 89 93 25 19 93 0e 76     ae af 43 1f 0c 8e 8e 5d 55 3a 16 84 42 a4 8e df     f2 69 c6 1b 02 03 01 00 01 30 0d 06 09 2a 86 48     86 f7 0d 01 01 0b 05 00 03 82 01 01 00 5c aa 44     c0 96 30 97 21 14 62 f6 68 bf 73 3f b9 d9 f9 45     b9 d7 0e 1e 6b 70 33 09 00 f5 7a f2 45 f1 98 48     f1 82 7e 90 a3 b8 f6 df 92 11 4d 46 d3 c6 24 4a     f1 7f 14 dd a2 88 e4 b2 5b 2a 01 6b 6f 64 89 72     86 4e df 00 34 9c 7a 24 93 e9 6a 11 6b 96 6a aa     45 81 23 ad bc 54 09 40 64 9b 11 54 3c 3c 97 a0     ae 3b 05 12 4e 16 23 c8 d3 e4 cf fe f7 9a 3b b5     b2 dc 82 10 ab 04 1b 55 ff 67 6f c4 5e e9 cb 9f     79 1a 12 93 8f 52 81 39 d4 04 d6 15 54 fc a5 c2     af 69 d2 20 00 da 8d 20 21 90 ff 13 c8 59 fe d6     f6 6c 68 c1 79 a3 ce 1a 70 34 e8 5e 1e c6 df fa     f0 da 61 fe 67 d4 55 8b 72 8a ef 77 5b 71 cb 8d     89 39 ce 6f fb 05 d9 48 a2 db 65 e4 c3 18 c1 b6     b8 13 9f b3 ba d1 8a d8 f5 72 73 a7 88 68 b9 f1     b5 16 b8 54 0c b0 07 4e 31 d0 8f d3 a3 ef f0 dc     a3 65 61 3a f5 b6 36 c9 69 bd 52 75 c8 depth=0 c = de, st = munich, o = server, ou = atc, cn = server.de, emailaddress = server@server.com verify error:num=20:unable local issuer certificate verify return:1 depth=0 c = de, st = munich, o = server, ou = atc, cn = server.de, emailaddress = server@server.com verify error:num=21:unable verify first certificate verify return:1 ssl_connect:sslv3 read server certificate <<< ??? [length 0005]     16 03 03 01 4d <<< tls 1.2 handshake [length 014d], serverkeyexchange     0c 00 01 49 03 00 17 41 04 bf a1 75 4f fc 1e b1     25 e4 33 83 60 7f 23 10 d2 5d 4f f8 c4 f3 f9 53     40 5c 05 8c 8b 08 7f 26 7b 16 5e 3e e5 38 a6 6c     cc 45 57 77 0e 6e c3 3d 67 f2 74 9e 47 2b 6c 4a     20 e8 2b bc 01 6c bf b3 5a 06 01 01 00 0f a3 bb     e6 6d 98 f2 70 c1 08 08 25 56 a6 4d d3 b2 67 9e     59 39 4e 8d e2 f6 c6 ef d4 af cc d8 b0 42 8c 27     69 5b a6 47 ce d8 09 69 b7 96 31 75 85 86 4c 2a     3d 56 ed 6e 55 de 7d db d4 39 5c f1 f6 6e 56 26     3d b9 e4 82 e2 73 d6 08 5f 92 4b 56 d4 0d fd 80     af 4c 2a 14 ee fb d8 ca e7 ce f7 4b aa ab 89 a0     3f d4 1f 6d a8 4b 56 c9 00 67 13 29 26 dc 03 ee     ba d2 26 1b 54 f2 ac 70 b4 70 6c e4 30 54 a0     3f b8 93 92 2e d3 29 d4 96 00 7a cc 89 9f 07 0b     aa 9b 99 ed b0 10 8d 1e f9 41 a8 dc c6 d6 46 73     ca 81 35 75 87 0c cf d8 66 80 e0 db b6 14 0a 0c     eb fc 80 21 02 7d 5d 2c 4d 16 e2 6f 4c e3 54 ca     09 83 32 6e da 65 42 14 33 5b 6d d4 03 89 48 9f     03 af 85 a6 69 4c 53 15 f0 2b a2 79 e2 8c b4 7c     a1 56 cc 28 37 5e b7 92 ca a3 f6 dc ee d8 90 df     af ab 9c fa 8d 07 30 bf 45 fe 3b 38 19 ssl_connect:sslv3 read server key exchange <<< ??? [length 0005]     16 03 03 00 04 <<< tls 1.2 handshake [length 0004], serverhellodone     0e 00 00 00 ssl_connect:sslv3 read server done >>> ??? [length 0005]     16 03 03 00 46 >>> tls 1.2 handshake [length 0046], clientkeyexchange     10 00 00 42 41 04 54 69 ec f4 27 56 f5 bf 07 5a     59 0e 94 a4 0e 42 c1 fc 3a 16 01 99 37 20 20 99     21 a4 7d 7d 2c 5f 4a c7 eb f3 97 f1 a3 9f b8     56 29 da fb 48 2d ef 1c e1 c0 14 d1 92 60 07 54     c1 d9 bf 25 1d 10 ssl_connect:sslv3 write client key exchange >>> ??? [length 0005]     14 03 03 00 01 >>> tls 1.2 changecipherspec [length 0001]     01 ssl_connect:sslv3 write change cipher spec >>> ??? [length 0005]     16 03 03 00 31 >>> tls 1.2 handshake [length 0010], finished     14 00 00 0c ea 46 d3 9d 58 34 bb cb 48 6f ab d0 ssl_connect:sslv3 write finished ssl_connect:sslv3 flush data <<< ??? [length 0005]     16 03 03 00 aa <<< tls 1.2 handshake [length 00aa]???     04 00 00 a6 00 00 01 2c 00 a0 ed 0c cb b2 d7 61     84 03 c9 61 0c 21 2c c6 ee 16 97 81 2d 3c 72 51     d1 60 f8 fd a9 41 d9 0f 98 64 3a f9 91 72 eb 3d     29 9a 1b 83 2d 35 10 8b 1d 4c 84 9e 7f b9 c9 07     4e 77 d3 d5 3c 6a 71 60 9d 65 f7 b6 45 49 03 c9     09 48 44 f6 91 ac fe 07 42 1f 4e f9 19 f4 61 cb     1f 9d b0 cd 57 7d da cb a4 a2 5a fc dc ee 57 a1     9b 38 41 0e d6 0d b6 04 b7 c4 81 ef bf ff 86 bf     ae d1 2f c3 7d 38 81 3a a2 9b 69 02 f5 e1 4f 33     58 40 c3 93 fa d4 6f 2c 19 d8 82 40 5c 55 68 a4     a2 6c dc a4 00 78 e9 7a bc 21 ssl_connect:sslv3 read server session ticket <<< ??? [length 0005]     14 03 03 00 01 <<< tls 1.2 changecipherspec [length 0001]     01 <<< ??? [length 0005]     16 03 03 00 31 <<< tls 1.2 handshake [length 0010], finished     14 00 00 0c 99 c3 93 cf 27 bc 18 18 89 1c e8 25 ssl_connect:sslv3 read finished --- certificate chain  0 s:/c=de/st=munich/o=server/ou=atc/cn=server.de/emailaddress=server@server.com    i:/c=uk/st=england/o=obi limited/ou=ca /emailaddress=info@obi.org --- server certificate -----begin certificate----- miidtzccajcccqcp2hhbfxjzwzanbgkqhkig9w0baqsfadbgmqswcqydvqqgewjv szeqma4ga1uecawhrw5nbgfuzdeumbiga1uecgwlt0jjiexpbwl0zwqxddakbgnv basma0nbidebmbkgcsqgsib3dqejarymaw5mb0bvymkub3jnmb4xdte3mdgxoda5 mtixofoxdte4mtizmta5mtixofowczelmakga1uebhmcreuxdzanbgnvbagmbk1v tkldsdepma0ga1uecgwgc2vydmvymqwwcgydvqqldanbvemxejaqbgnvbammcxnl cnzlci5kztegmb4gcsqgsib3dqejaryrc2vydmvyqhnlcnzlci5jb20wggeima0g csqgsib3dqebaquaa4ibdwawggekaoibaqdd5bqbnzmmjwt0ohk+2hx+0wiikclc jy76dzejkcnvevj5df7sdh21wckw2zt9j6aiwgsj558d9dptxozilela7j46tfyw c4vjv1hmkmqtrdxf7cmjenkvmlqrmrr3mrof/rvnwklpbgxwb0nr59gfcoct1aln 9u7vjxebk1y6tte8aawrdihpuqc+auoqmcdylrvfcdfkmuj70b1hk81dyb01cja1 cuqjonbsfp0e8xij1gktts33t35bsdcmmps7ba68eyedpg0kkkhpav8lh3rzyrtg hp9exeaesn0u4/isp+tnizmlgzmodq6vqx8mjo5dvtowhekkjt/yacybagmbaaew dqyjkozihvcnaqelbqadggebafyqrmcwmjchfgl2al9zp7nz+uw51w4ea3azcqd1 evjf8zhi8yj+kko49t+seu1g08yksvf/fn2iiosywyoba29kixkgtt8anjx6jjpp ahfrlmqqryejrbxucubkmxfupdyxok47brjofipi0+tp/veao7wy3iiqqwqbvf9n b8re6cuferosk49sgtnubnyvvpylwq9p0iaa2o0gizd/e8hz/tb2bgjbeapogna0 6f4ext/68nph/mfuvytyiu93w3hljyk5zm/7bdliottl5mmywba4e5+zutgk2pvy c6eialnxtra4vaywb04x0i/to+/w3knlytr1tjbjab1sdcg= -----end certificate----- subject=/c=de/st=munich/o=server/ou=atc/cn=server.de/emailaddress=server@server.com issuer=/c=uk/st=england/o=obi limited/ou=ca /emailaddress=info@obi.org --- no client certificate ca names sent peer signing digest: sha512 server temp key: ecdh, p-256, 256 bits --- ssl handshake has read 1519 bytes , written 443 bytes --- new, tlsv1/sslv3, cipher ecdhe-rsa-aes256-gcm-sha384 server public key 2048 bit secure renegotiation supported compression: zlib compression expansion: zlib compression no alpn negotiated ssl-session:     protocol  : tlsv1.2     cipher    : ecdhe-rsa-aes256-gcm-sha384     session-id: 71ae827ca9a9cc7d2b3b3497c9a5cce9f06ba9eaa628a3a95da0bc9ee958f024     session-id-ctx:     master-key: db36ef70888c35cf2375a5f46531e7987aa8411075944979a95be322ccd51e1e32d742d32677cc9fafd6388c613cedd0     key-arg   : none     psk identity: none     psk identity hint: none     srp username: none     tls session ticket lifetime hint: 300 (seconds)     tls session ticket:     0000 - ed 0c cb b2 d7 61 84 03-c9 61 0c 21 2c c6 ee 16   .....a...a.!,...     0010 - 97 81 2d 3c 72 51 d1 60-f8 fd a9 41 d9 0f 98 64   ..-<rq.`...a...d     0020 - 3a f9 91 72 eb 3d 29 9a-1b 83 2d 35 10 8b 1d 4c   :..r.=)...-5...l     0030 - 84 9e 7f b9 c9 07 4e 77-d3 d5 3c 6a 71 60 9d 65   ......nw..<jq`.e     0040 - f7 b6 45 49 03 c9 09 48-44 f6 91 ac fe 07 42 1f   ..ei...hd.....b.     0050 - 4e f9 19 f4 61 cb 1f 9d-b0 cd 57 7d da cb a4 a2   n...a.....w}....     0060 - 5a fc dc ee 57 a1 9b 38-41 0e d6 0d b6 04 b7 c4   z...w..8a.......     0070 - 81 ef bf ff 86 bf ae d1-2f c3 7d 38 81 3a a2 9b   ......../.}8.:..     0080 - 69 02 f5 e1 4f 33 58 40-c3 93 fa d4 6f 2c 19 d8   i...o3x@....o,..     0090 - 82 40 5c 55 68 a4 a2 6c-dc a4 00 78 e9 7a bc 21   .@\uh..l...x.z.!      compression: 1 (zlib compression)     start time: 1503049911     timeout   : 300 (sec)     verify return code: 21 (unable verify first certificate)    -----------------


Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj
Read more

performance - Why is XCHG reg, reg a 3 micro-op instruction on modern Intel architectures? -

i'm doing micro-optimization on performance critical part of code , came across sequence of instructions (in at&t syntax): add %rax, %rbx mov %rdx, %rax mov %rbx, %rdx i thought had use case xchg allow me shave instruction , write: add %rbx, %rax xchg %rax, %rdx however, dimay found agner fog's instruction tables , xchg 3 micro-op instruction 2 cycle latency on sandy bridge, ivy bridge, broadwell, haswell , skylake. 3 whole micro-ops , 2 cycles of latency! 3 micro-ops throws off 4-1-1-1 cadence , 2 cycle latency makes worse original in best case since last 2 instructions in original might execute in parallel. now... cpu might breaking instruction micro-ops equivalent to: mov %rax, %tmp mov %rdx, %rax mov %tmp, %rdx where tmp anonymous internal register , suppose last 2 micro-ops run in parallel latency 2 cycles. given register renaming occurs on these micro-architectures, though, doesn't make sense me done way. why wouldn't register renamer
Read more

jquery - Responsive Navbar with Sub Navbar -

good day, forgive me nav vocabulary not best. if question confusing apologize. i'm working on navigation bar needs centered on page @ 768px , above. items in nav open (or perhaps toggle) subnav lives directly below. these nav should appear centered on page. i have been able work through responsive portion of nav bar, having main items align vertically , sub nav menu of each item roll out below, , gave them indent separation. working well. however, issue not responsive side, behavior @ width greater 768px. happens toggling menu's sub navigation pushes other main items down page below sub nav. here's code: $(document).ready(function () { //stick in fixed 100% height behind navbar don't wrap $('#slide-nav.navbar-inverse').after($('<div class="inverse" id="navbar-height-col"></div>')); $('#slide-nav.navbar-default').after($('<div id="navbar-height-col"></d
Read more