A strainge problem..client authentication
HI,
I am able to work out an application which beside server cert authentication also has client authentication. For server i have created a cert using keytool or jdk1.4 and having its public key in client's trusted store.for client crt i have installed a 60 day Personal certificate on IE. i have exported this cert from IE and hence included its public key in trust store of server and keep its keystore for client authentication.. everything works fine...
say this was a tomcat server on my machine on which i originally installed personal sertificate..say it machine A....now on some other machine on same network for another tomcat i have created another cert using keystore and accessing it..i am having its public key also in the client truststore...i have also kept client's public key of personal cert in the trust store of server of machine B...but for this server it works only without client authentication...
for both machine/servers i have done perfectly same thing..both server has client's public key and client has both servers public key in their respective trust store...i have checked it using the IBM key Man...
the only difference is that A is the machine on which i originally installed the personal certificate..
Any guess or idea...why it might be happening...its killing me...
Akhil
Hi,
i could not find anything suspicious happening in log files...however today i tried to find out access the same server on machine B using my browser IE on my machine A. This is the browser i installed my Personal Certificate. Now its public key is present in trust store of tomcat on machine B.
Hoeever when i accessed it . browser prompts with a list of empty list of client certificates...but when i try to access the my local machine (A) server it prompts me with one certificate..
why is this..what i understand is that "if i am having a personal certificate from some CA installed in my browser,then whatever secure website which needs client authentication i access,my browser should prompt me with the list of certificates installed.." "whether that website has my public key in their trust store or not".....am i correct??....now why my brorwser shows empty list when i access server B and a list with one certificate when i access server A..
any thoughts...
Akhil Nagpal
Similar Messages
-
Strange problem client authentication on the AP
I have a WLC 2504 with six AIR-LAP1042N APs. Authenticate scheme is WPA2 with PSK. All APs in same mobility group.
I have problem, one client cann’t authenticate with one AP. The following occurs: client poweron, associated with nearest AP1, attempts to auth with it, but can’t. It try to connect to other AP2 (not nearest), associated and well authenticated on it. Some seconds later, client found AP1 (nearest) and try to reassociated with it (roaming), but again can’t auth. Then client connect again to AP2, and all repeat infinitely. Outwardly it looks, that wi-fi connecting constantly disappeared and again appeared on client.
When auth failed, AP1 sends to client three EAPOL messages with an interval of one second, but don't receive any answer from client (timer expired).
There is client debug.
5c:0a:5b:47:66:c3 192.168.110.252 - client
0c:d9:96:9d:1b:20 - AP1
0c:d9:96:9d:55:10 - AP2
*pemReceiveTask: Dec 12 17:51:19.430: 5c:0a:5b:47:66:c3 192.168.110.252 Added NPU entry of type 1, dtlFlags 0x0
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 Reassociation received from mobile on AP 0c:d9:96:9d:1b:20
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Changing ACL 'printer' (ACL ID 0) ===> 'printer' (ACL ID 0) --- (caller apf_policy.c:1698)
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 Applying site-specific IPv6 override for station 5c:0a:5b:47:66:c3 - vapId 2, site 'default-group', interface 'dynamic1'
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 Applying IPv6 Interface Policy for station 5c:0a:5b:47:66:c3 - vlan 10, interface id 11, interface 'dynamic1'
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 STA - rates (6): 152 36 48 72 96 108 0 0 0 0 0 0 0 0 0 0
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 Processing RSN IE type 48, length 20 for mobile 5c:0a:5b:47:66:c3
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Deleted mobile LWAPP rule on AP [0c:d9:96:9d:55:10]
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 Updated location for station old AP 0c:d9:96:9d:55:10-0, new AP 0c:d9:96:9d:1b:20-0
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 apfMsRunStateDec
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 apfMs1xStateDec
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Change state to START (0) last state RUN (20)
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 START (0) Initializing policy
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 START (0) Change state to AUTHCHECK (2) last state RUN (20)
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 AUTHCHECK (2) Change state to 8021X_REQD (3) last state RUN (20)
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) DHCP required on AP 0c:d9:96:9d:1b:20 vapId 2 apVapId 2for this client
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 0c:d9:96:9d:1b:20 vapId 2 apVapId 2
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 apfPemAddUser2 (apf_policy.c:223) Changing state for mobile 5c:0a:5b:47:66:c3 on AP 0c:d9:96:9d:1b:20 from Associated to Associated
*apfMsConnTask_5: Dec 12 17:52:04.149: 5c:0a:5b:47:66:c3 Scheduling deletion of Mobile Station: (callerId: 49) in 1800 seconds
*apfMsConnTask_5: Dec 12 17:52:04.150: 5c:0a:5b:47:66:c3 Sending Assoc Response to station on BSSID 0c:d9:96:9d:1b:20 (status 0) ApVapId 2 Slot 0
*apfMsConnTask_5: Dec 12 17:52:04.150: 5c:0a:5b:47:66:c3 apfProcessAssocReq (apf_80211.c:5237) Changing state for mobile 5c:0a:5b:47:66:c3 on AP 0c:d9:96:9d:1b:20 from Associated to Associated
*pemReceiveTask: Dec 12 17:52:04.151: 5c:0a:5b:47:66:c3 192.168.110.252 Removed NPU entry.
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 Creating a PKC PMKID Cache entry for station 5c:0a:5b:47:66:c3 (RSN 2)
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 Adding BSSID 0c:d9:96:9d:1b:21 to PMKID cache for station 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:04.153: New PMKID: (16)
*dot1xMsgTask: Dec 12 17:52:04.153: [0000] 1a 44 36 b7 64 f6 8d 8a b1 16 69 2a 75 fe bd d8
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 Initiating RSN PSK to mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 dot1x - moving mobile 5c:0a:5b:47:66:c3 into Force Auth state
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 Skipping EAP-Success to mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:04.153: Including PMKID in M1 (16)
*dot1xMsgTask: Dec 12 17:52:04.153: [0000] 1a 44 36 b7 64 f6 8d 8a b1 16 69 2a 75 fe bd d8
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 Starting key exchange to mobile 5c:0a:5b:47:66:c3, data packets will be dropped
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 Sending EAPOL-Key Message to mobile 5c:0a:5b:47:66:c3
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*dot1xMsgTask: Dec 12 17:52:04.153: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*dot1xMsgTask: Dec 12 17:52:04.154: 00000000: 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 ...u............
*dot1xMsgTask: Dec 12 17:52:04.154: 00000010: 00 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*dot1xMsgTask: Dec 12 17:52:04.154: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*dot1xMsgTask: Dec 12 17:52:04.154: 00000030: b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:04.154: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:04.154: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:04.154: 00000060: 00 00 16 dd 14 00 0f ac 04 1a 44 36 b7 64 f6 8d ..........D6.d..
*dot1xMsgTask: Dec 12 17:52:04.154: 00000070: 8a b1 16 69 2a 75 fe bd d8 ...i*u...
*osapiBsnTimer: Dec 12 17:52:05.156: 5c:0a:5b:47:66:c3 802.1x 'timeoutEvt' Timer expired for station 5c:0a:5b:47:66:c3 and for message = M2
*dot1xMsgTask: Dec 12 17:52:05.157: 5c:0a:5b:47:66:c3 Retransmit 1 of EAPOL-Key M1 (length 121) for mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:05.157: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*dot1xMsgTask: Dec 12 17:52:05.157: 00000000: 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 ...u............
*dot1xMsgTask: Dec 12 17:52:05.157: 00000010: 01 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*dot1xMsgTask: Dec 12 17:52:05.157: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*dot1xMsgTask: Dec 12 17:52:05.157: 00000030: b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:05.157: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:05.157: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:05.157: 00000060: 00 00 16 dd 14 00 0f ac 04 1a 44 36 b7 64 f6 8d ..........D6.d..
*dot1xMsgTask: Dec 12 17:52:05.157: 00000070: 8a b1 16 69 2a 75 fe bd d8 ...i*u...
*osapiBsnTimer: Dec 12 17:52:06.156: 5c:0a:5b:47:66:c3 802.1x 'timeoutEvt' Timer expired for station 5c:0a:5b:47:66:c3 and for message = M2
*dot1xMsgTask: Dec 12 17:52:06.157: 5c:0a:5b:47:66:c3 Retransmit 2 of EAPOL-Key M1 (length 121) for mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:06.157: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*dot1xMsgTask: Dec 12 17:52:06.157: 00000000: 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 ...u............
*dot1xMsgTask: Dec 12 17:52:06.157: 00000010: 02 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*dot1xMsgTask: Dec 12 17:52:06.157: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*dot1xMsgTask: Dec 12 17:52:06.157: 00000030: b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:06.157: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:06.157: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:06.157: 00000060: 00 00 16 dd 14 00 0f ac 04 1a 44 36 b7 64 f6 8d ..........D6.d..
*dot1xMsgTask: Dec 12 17:52:06.157: 00000070: 8a b1 16 69 2a 75 fe bd d8 ...i*u...
*osapiBsnTimer: Dec 12 17:52:07.156: 5c:0a:5b:47:66:c3 802.1x 'timeoutEvt' Timer expired for station 5c:0a:5b:47:66:c3 and for message = M2
*dot1xMsgTask: Dec 12 17:52:07.157: 5c:0a:5b:47:66:c3 Retransmit failure for EAPOL-Key M1 to mobile 5c:0a:5b:47:66:c3, retransmit count 3, mscb deauth count 0
*dot1xMsgTask: Dec 12 17:52:07.157: 5c:0a:5b:47:66:c3 Sent Deauthenticate to mobile on BSSID 0c:d9:96:9d:1b:20 slot 0(caller 1x_ptsm.c:534)
*dot1xMsgTask: Dec 12 17:52:07.157: 5c:0a:5b:47:66:c3 Scheduling deletion of Mobile Station: (callerId: 57) in 10 seconds
*apfMsConnTask_3: Dec 12 17:52:15.749: 5c:0a:5b:47:66:c3 Association received from mobile on AP 0c:d9:96:9d:55:10
*apfMsConnTask_3: Dec 12 17:52:15.749: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Changing ACL 'printer' (ACL ID 0) ===> 'printer' (ACL ID 0) --- (caller apf_policy.c:1698)
*apfMsConnTask_3: Dec 12 17:52:15.749: 5c:0a:5b:47:66:c3 Applying site-specific IPv6 override for station 5c:0a:5b:47:66:c3 - vapId 2, site 'default-group', interface 'dynamic1'
*apfMsConnTask_3: Dec 12 17:52:15.749: 5c:0a:5b:47:66:c3 Applying IPv6 Interface Policy for station 5c:0a:5b:47:66:c3 - vlan 10, interface id 11, interface 'dynamic1'
*apfMsConnTask_3: Dec 12 17:52:15.749: 5c:0a:5b:47:66:c3 STA - rates (6): 152 36 48 72 96 108 0 0 0 0 0 0 0 0 0 0
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 Processing RSN IE type 48, length 20 for mobile 5c:0a:5b:47:66:c3
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Deleted mobile LWAPP rule on AP [0c:d9:96:9d:1b:20]
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 Updated location for station old AP 0c:d9:96:9d:1b:20-0, new AP 0c:d9:96:9d:55:10-0
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Initializing policy
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Change state to AUTHCHECK (2) last state RUN (20)
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 192.168.110.252 AUTHCHECK (2) Change state to 8021X_REQD (3) last state RUN (20)
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) DHCP required on AP 0c:d9:96:9d:55:10 vapId 2 apVapId 2for this client
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 0c:d9:96:9d:55:10 vapId 2 apVapId 2
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 apfPemAddUser2 (apf_policy.c:223) Changing state for mobile 5c:0a:5b:47:66:c3 on AP 0c:d9:96:9d:55:10 from Associated to Associated
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 Scheduling deletion of Mobile Station: (callerId: 49) in 1800 seconds
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 Sending Assoc Response to station on BSSID 0c:d9:96:9d:55:10 (status 0) ApVapId 2 Slot 0
*apfMsConnTask_3: Dec 12 17:52:15.750: 5c:0a:5b:47:66:c3 apfProcessAssocReq (apf_80211.c:5237) Changing state for mobile 5c:0a:5b:47:66:c3 on AP 0c:d9:96:9d:55:10 from Associated to Associated
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 Creating a PKC PMKID Cache entry for station 5c:0a:5b:47:66:c3 (RSN 2)
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 Adding BSSID 0c:d9:96:9d:55:11 to PMKID cache for station 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:15.753: New PMKID: (16)
*dot1xMsgTask: Dec 12 17:52:15.753: [0000] 18 16 8e 32 db 77 3f ed 76 87 9a d6 0b 80 5e 12
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 Initiating RSN PSK to mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 dot1x - moving mobile 5c:0a:5b:47:66:c3 into Force Auth state
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 Skipping EAP-Success to mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:15.753: Including PMKID in M1 (16)
*dot1xMsgTask: Dec 12 17:52:15.753: [0000] 18 16 8e 32 db 77 3f ed 76 87 9a d6 0b 80 5e 12
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 Starting key exchange to mobile 5c:0a:5b:47:66:c3, data packets will be dropped
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 Sending EAPOL-Key Message to mobile 5c:0a:5b:47:66:c3
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*dot1xMsgTask: Dec 12 17:52:15.753: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*dot1xMsgTask: Dec 12 17:52:15.754: 00000000: 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 ...u............
*dot1xMsgTask: Dec 12 17:52:15.754: 00000010: 00 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*dot1xMsgTask: Dec 12 17:52:15.754: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*dot1xMsgTask: Dec 12 17:52:15.754: 00000030: b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:15.754: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:15.754: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:15.754: 00000060: 00 00 16 dd 14 00 0f ac 04 18 16 8e 32 db 77 3f ............2.w?
*dot1xMsgTask: Dec 12 17:52:15.754: 00000070: ed 76 87 9a d6 0b 80 5e 12 .v.....^.
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 5c:0a:5b:47:66:c3 Received 802.11 EAPOL message (len 121) from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000000: 01 03 00 75 02 01 0a 00 00 00 00 00 00 00 00 00 ...u............
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000010: 00 5e 0c a9 8f ae 78 d7 bc 21 96 bd dd 59 23 bd .^....x..!...Y#.
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000020: 03 eb d0 a3 c2 c5 54 ed aa 60 9b 4a 38 b0 07 11 ......T..`.J8...
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000030: 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000050: 00 f8 7e a2 cd 8d 9f 05 f4 b7 29 52 f5 d5 04 35 ..~.......)R...5
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000060: 69 00 16 30 14 01 00 00 0f ac 04 01 00 00 0f ac i..0............
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 00000070: 04 01 00 00 0f ac 02 00 00 .........
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 5c:0a:5b:47:66:c3 Received EAPOL-Key from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 5c:0a:5b:47:66:c3 Ignoring invalid EAPOL version (1) in EAPOL-key message from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.790: 5c:0a:5b:47:66:c3 Received EAPOL-key in PTK_START state (message 2) from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 5c:0a:5b:47:66:c3 Stopping retransmission timer for mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 5c:0a:5b:47:66:c3 Sending EAPOL-Key Message to mobile 5c:0a:5b:47:66:c3
state PTKINITNEGOTIATING (message 3), replay counter 00.00.00.00.00.00.00.01
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000000: 02 03 00 97 02 13 ca 00 10 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000010: 01 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000030: b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000050: 00 73 a8 2b 31 96 d7 b7 64 26 61 50 95 42 68 52 .s.+1...d&aP.BhR
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000060: 28 00 38 23 d2 26 34 ae 9b 9f 84 40 60 70 31 35 (.8#.&4....@`p15
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000070: 3b a5 d8 f3 76 9c d0 b0 91 d2 72 5e d2 8f 92 89 ;...v.....r^....
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000080: f3 6f aa 90 d4 d0 02 1b ea 54 fa b3 a0 1b 76 31 .o.......T....v1
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.791: 00000090: 09 2a 39 ad ea 75 9e d6 fc aa 90 .*9..u.....
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 5c:0a:5b:47:66:c3 Received 802.11 EAPOL message (len 99) from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 00000000: 01 03 00 5f 02 03 0a 00 00 00 00 00 00 00 00 00 ..._............
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 00000010: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 00000050: 00 07 02 8b a7 65 ce 75 37 9f 2e 7c 58 d6 92 f9 .....e.u7..|X...
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 00000060: 7c 00 00 |..
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 5c:0a:5b:47:66:c3 Received EAPOL-Key from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 5c:0a:5b:47:66:c3 Ignoring invalid EAPOL version (1) in EAPOL-key message from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.794: 5c:0a:5b:47:66:c3 Received EAPOL-key in PTKINITNEGOTIATING state (message 4) from mobile 5c:0a:5b:47:66:c3
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 apfMs1xStateInc
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Change state to L2AUTHCOMPLETE (4) last state RUN (20)
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 L2AUTHCOMPLETE (4) DHCP required on AP 0c:d9:96:9d:55:10 vapId 2 apVapId 2for this client
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 Not Using WMM Compliance code qosCap 00
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 0c:d9:96:9d:55:10 vapId 2 apVapId 2
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 apfMsRunStateInc
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 L2AUTHCOMPLETE (4) Change state to RUN (20) last state RUN (20)
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Reached PLUMBFASTPATH: from line 4918
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Adding Fast Path rule
type = Airespace AP Client
on AP 0c:d9:96:9d:55:10, slot 0, interface = 1, QOS = 0
ACL Id = 0, Jumbo Frames = NO
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 7006 IPv6 Vlan = 10, IPv6 intf id = 11
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Successfully plumbed mobile rule (ACL ID 0)
*Dot1x_NW_MsgTask_3: Dec 12 17:52:15.795: 5c:0a:5b:47:66:c3 Stopping retransmission timer for mobile 5c:0a:5b:47:66:c3
*pemReceiveTask: Dec 12 17:52:15.796: 5c:0a:5b:47:66:c3 192.168.110.252 Added NPU entry of type 1, dtlFlags 0x0
*apfMsConnTask_5: Dec 12 17:52:39.650: 5c:0a:5b:47:66:c3 Reassociation received from mobile on AP 0c:d9:96:9d:1b:20
*apfMsConnTask_5: Dec 12 17:52:39.650: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Changing ACL 'printer' (ACL ID 0) ===> 'printer' (ACL ID 0) --- (caller apf_policy.c:1698)
*apfMsConnTask_5: Dec 12 17:52:39.650: 5c:0a:5b:47:66:c3 Applying site-specific IPv6 override for station 5c:0a:5b:47:66:c3 - vapId 2, site 'default-group', interface 'dynamic1'
*apfMsConnTask_5: Dec 12 17:52:39.650: 5c:0a:5b:47:66:c3 Applying IPv6 Interface Policy for station 5c:0a:5b:47:66:c3 - vlan 10, interface id 11, interface 'dynamic1'
*apfMsConnTask_5: Dec 12 17:52:39.650: 5c:0a:5b:47:66:c3 STA - rates (6): 152 36 48 72 96 108 0 0 0 0 0 0 0 0 0 0
*apfMsConnTask_5: Dec 12 17:52:39.650: 5c:0a:5b:47:66:c3 Processing RSN IE type 48, length 20 for mobile 5c:0a:5b:47:66:c3
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Deleted mobile LWAPP rule on AP [0c:d9:96:9d:55:10]
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 Updated location for station old AP 0c:d9:96:9d:55:10-0, new AP 0c:d9:96:9d:1b:20-0
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 apfMsRunStateDec
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 apfMs1xStateDec
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 192.168.110.252 RUN (20) Change state to START (0) last state RUN (20)
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 192.168.110.252 START (0) Initializing policy
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 192.168.110.252 START (0) Change state to AUTHCHECK (2) last state RUN (20)
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 192.168.110.252 AUTHCHECK (2) Change state to 8021X_REQD (3) last state RUN (20)
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) DHCP required on AP 0c:d9:96:9d:1b:20 vapId 2 apVapId 2for this client
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 192.168.110.252 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 0c:d9:96:9d:1b:20 vapId 2 apVapId 2
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 apfPemAddUser2 (apf_policy.c:223) Changing state for mobile 5c:0a:5b:47:66:c3 on AP 0c:d9:96:9d:1b:20 from Associated to Associated
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 Scheduling deletion of Mobile Station: (callerId: 49) in 1800 seconds
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 Sending Assoc Response to station on BSSID 0c:d9:96:9d:1b:20 (status 0) ApVapId 2 Slot 0
*apfMsConnTask_5: Dec 12 17:52:39.651: 5c:0a:5b:47:66:c3 apfProcessAssocReq (apf_80211.c:5237) Changing state for mobile 5c:0a:5b:47:66:c3 on AP 0c:d9:96:9d:1b:20 from Associated to Associated
*pemReceiveTask: Dec 12 17:52:39.652: 5c:0a:5b:47:66:c3 192.168.110.252 Removed NPU entry.
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 Creating a PKC PMKID Cache entry for station 5c:0a:5b:47:66:c3 (RSN 2)
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 Adding BSSID 0c:d9:96:9d:1b:21 to PMKID cache for station 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:39.655: New PMKID: (16)
*dot1xMsgTask: Dec 12 17:52:39.655: [0000] 1a 44 36 b7 64 f6 8d 8a b1 16 69 2a 75 fe bd d8
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 Initiating RSN PSK to mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 dot1x - moving mobile 5c:0a:5b:47:66:c3 into Force Auth state
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 Skipping EAP-Success to mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:39.655: Including PMKID in M1 (16)
*dot1xMsgTask: Dec 12 17:52:39.655: [0000] 1a 44 36 b7 64 f6 8d 8a b1 16 69 2a 75 fe bd d8
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 Starting key exchange to mobile 5c:0a:5b:47:66:c3, data packets will be dropped
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 Sending EAPOL-Key Message to mobile 5c:0a:5b:47:66:c3
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*dot1xMsgTask: Dec 12 17:52:39.655: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*dot1xMsgTask: Dec 12 17:52:39.655: 00000000: 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 ...u............
*dot1xMsgTask: Dec 12 17:52:39.655: 00000010: 00 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*dot1xMsgTask: Dec 12 17:52:39.655: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*dot1xMsgTask: Dec 12 17:52:39.655: 00000030: b6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:39.655: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:39.655: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:39.655: 00000060: 00 00 16 dd 14 00 0f ac 04 1a 44 36 b7 64 f6 8d ..........D6.d..
*dot1xMsgTask: Dec 12 17:52:39.655: 00000070: 8a b1 16 69 2a 75 fe bd d8 ...i*u...
*osapiBsnTimer: Dec 12 17:52:40.756: 5c:0a:5b:47:66:c3 802.1x 'timeoutEvt' Timer expired for station 5c:0a:5b:47:66:c3 and for message = M2
*dot1xMsgTask: Dec 12 17:52:40.757: 5c:0a:5b:47:66:c3 Retransmit 1 of EAPOL-Key M1 (length 121) for mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:40.757: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*dot1xMsgTask: Dec 12 17:52:40.757: 00000000: 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 ...u............
*dot1xMsgTask: Dec 12 17:52:40.757: 00000010: 01 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*dot1xMsgTask: Dec 12 17:52:40.757: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*dot1xMsgTask: Dec 12 17:52:40.757: 00000030: b6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:40.757: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:40.757: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:40.757: 00000060: 00 00 16 dd 14 00 0f ac 04 1a 44 36 b7 64 f6 8d ..........D6.d..
*dot1xMsgTask: Dec 12 17:52:40.757: 00000070: 8a b1 16 69 2a 75 fe bd d8 ...i*u...
*osapiBsnTimer: Dec 12 17:52:41.756: 5c:0a:5b:47:66:c3 802.1x 'timeoutEvt' Timer expired for station 5c:0a:5b:47:66:c3 and for message = M2
*dot1xMsgTask: Dec 12 17:52:41.757: 5c:0a:5b:47:66:c3 Retransmit 2 of EAPOL-Key M1 (length 121) for mobile 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 12 17:52:41.757: 5c:0a:5b:47:66:c3 Sending 802.11 EAPOL message to mobile 5c:0a:5b:47:66:c3 WLAN 2, AP WLAN 2
*dot1xMsgTask: Dec 12 17:52:41.757: 00000000: 02 03 00 75 02 00 8a 00 10 00 00 00 00 00 00 00 ...u............
*dot1xMsgTask: Dec 12 17:52:41.757: 00000010: 02 36 24 73 10 bb 2b 7e 84 3d e0 62 4a 7f 0a f5 .6$s..+~.=.bJ...
*dot1xMsgTask: Dec 12 17:52:41.757: 00000020: 3a bb 17 c7 2f 3c b1 0c c0 94 70 fb 0e c0 28 b3 :.../<....p...(.
*dot1xMsgTask: Dec 12 17:52:41.757: 00000030: b6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:41.757: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:41.757: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
*dot1xMsgTask: Dec 12 17:52:41.757: 00000060: 00 00 16 dd 14 00 0f ac 04 1a 44 36 b7 64 f6 8d ..........D6.d..
*dot1xMsgTask: Dec 12 17:52:41.757: 00000070: 8a b1 16 69 2a 75 fe bd d8 ...i*u...
*osapiBsnTimer: Dec 12 17:52:42.756: 5c:0a:5b:47:66:c3 802.1x 'timeoutEvt' Timer expired for station 5c:0a:5b:47:66:c3 and for message = M2
*dot1xMsgTask: Dec 12 17:52:42.757: 5c:0a:5b:47:66:c3 Retransmit failure for EAPOL-Key M1 to mobile 5c:0a:5b:47:66:c3, retransmit count 3, mscb deauth count 0
*dot1xMsgTask: Dec 12 17:52:42.757: 5c:0a:5b:47:66:c3 Sent Deauthenticate to mobile on BSSID 0c:d9:96:9d:1b:20 slot 0(caller 1x_ptsm.c:534)
*dot1xMsgTask: Dec 12 17:52:42.757: 5c:0a:5b:47:66:c3 Scheduling deletion of Mobile Station: (callerId: 57) in 10 seconds
Note that other clients work fine with this AP. What it could be? Help please.Yes I can sniff, but is there anything not encrypted?
I looked at the controllers logs and found that not only this client have a problem. For some there are similar but not as frequently and significantly. I'm beginning to doubt that the case samsung galaxy s3.
Logs except client (#cat log | grep retransmissions | grep -v "5c:0a:5b:47:66:c3"):
*dot1xMsgTask: Dec 13 18:30:30.300: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 44:d8:84:65:15:ad
*dot1xMsgTask: Dec 13 18:26:04.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 44:d8:84:65:15:ad
*dot1xMsgTask: Dec 13 18:26:04.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 18:26:01.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*dot1xMsgTask: Dec 13 18:21:15.752: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:26:37:13:7e:73
*dot1xMsgTask: Dec 13 18:21:15.752: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:20:b9:a6
*dot1xMsgTask: Dec 13 17:51:03.652: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 3c:d0:f8:1e:13:20
*dot1xMsgTask: Dec 13 17:46:56.236: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 17:46:19.628: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 17:41:15.012: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client e4:ce:8f:bc:54:a3
*dot1xMsgTask: Dec 13 17:28:43.956: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 34:51:c9:9c:a2:56
*dot1xMsgTask: Dec 13 17:25:15.825: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*dot1xMsgTask: Dec 13 17:25:15.825: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 18:87:96:62:44:e5
*dot1xMsgTask: Dec 13 17:25:11.625: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client c0:9f:42:58:56:f4
*dot1xMsgTask: Dec 13 17:20:56.209: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e4:ce:8f:bc:54:a3
*dot1xMsgTask: Dec 13 17:20:56.209: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 68:09:27:7c:3b:c5
*dot1xMsgTask: Dec 13 16:58:39.761: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:58:27.761: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:54:45.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:dc:55:6c
*dot1xMsgTask: Dec 13 16:54:45.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 16:54:45.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 10:9a:dd:0e:37:dd
*dot1xMsgTask: Dec 13 16:43:48.525: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:25:13.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:23:6c:2b:40:9b
*dot1xMsgTask: Dec 13 16:25:13.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 28:cf:da:85:72:bf
*dot1xMsgTask: Dec 13 16:25:13.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*dot1xMsgTask: Dec 13 16:24:39.152: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 10:9a:dd:07:d7:de
*dot1xMsgTask: Dec 13 16:20:46.744: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:14:19.128: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 44:d8:84:65:15:ad
*dot1xMsgTask: Dec 13 16:06:49.108: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:06:39.908: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:06:18.108: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:06:05.308: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:05:36.904: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 44:d8:84:2c:dc:b3
*dot1xMsgTask: Dec 13 16:05:06.304: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 15:55:02.020: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:dc:55:6c
*dot1xMsgTask: Dec 13 15:54:03.016: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 30:17:c8:45:f1:2f
*dot1xMsgTask: Dec 13 15:28:07.916: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 34:51:c9:9c:a2:56
*dot1xMsgTask: Dec 13 15:24:48.784: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:23:6c:2b:40:9b
*dot1xMsgTask: Dec 13 15:24:48.784: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 15:24:29.584: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 10:9a:dd:07:d7:de
*dot1xMsgTask: Dec 13 15:12:48.728: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 15:08:37.916: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 50:46:5d:1a:a0:f5
*dot1xMsgTask: Dec 13 15:00:50.304: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 14:56:14.088: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 44:a7:cf:74:28:ab
*dot1xMsgTask: Dec 13 14:55:18.288: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 14:25:03.293: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 68:09:27:7c:3b:c5
*dot1xMsgTask: Dec 13 14:24:45.293: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*dot1xMsgTask: Dec 13 14:19:26.077: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:46:5d:1b:26:b7
*dot1xMsgTask: Dec 13 14:10:49.433: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:10:39.433: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:10:29.433: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:10:19.633: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:08:41.625: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 18:87:96:62:44:e5
*dot1xMsgTask: Dec 13 14:07:30.625: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:07:16.025: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:07:06.225: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:06:56.225: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:05:54.017: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 13:55:54.593: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*dot1xMsgTask: Dec 13 13:52:41.985: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:dc:55:6c
*dot1xMsgTask: Dec 13 13:44:51.749: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 13:42:37.550: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 10:40:f3:b8:3f:01
*dot1xMsgTask: Dec 13 13:42:01.949: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 13:25:46.384: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:19:d2:bb:33:40
*dot1xMsgTask: Dec 13 13:25:33.376: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:19:d2:bb:33:40
*dot1xMsgTask: Dec 13 13:25:19.176: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:19:d2:bb:33:40
*dot1xMsgTask: Dec 13 13:25:08.776: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:19:d2:bb:33:40
*dot1xMsgTask: Dec 13 13:24:03.776: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 13:24:03.776: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:23:6c:2b:40:9b
*dot1xMsgTask: Dec 13 13:19:21.160: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:19:d2:bb:33:40
*dot1xMsgTask: Dec 14 10:48:11.660: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:47:19.460: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:47:02.860: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:46:39.860: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:46:09.252: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:46:00.052: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:38:29.028: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:38:01.428: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:37:30.616: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:37:09.016: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:36:50.216: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:36:41.016: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:34:16.812: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:34:07.612: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:33:48.812: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:33:39.612: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:33:20.812: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:33:11.612: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:33:10.004: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:23:6c:2b:40:9b
*dot1xMsgTask: Dec 14 10:33:10.004: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:16:dc:64:2b:45
*dot1xMsgTask: Dec 14 10:32:52.804: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:32:43.604: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:31:44.804: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:30:56.396: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:30:37.248: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:30:28.049: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:29:14.648: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:29:09.849: %DOT1X-3-WPA_SEND_STATE_ERR: 1x_kxsm.c:1337 Unable to send EAPOL-key msg to client - invalid WPA state (2) for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 14 10:28:00.997: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 14 10:27:54.848: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:27:13.248: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:26:03.844: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:25:02.244: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 14 10:23:43.263: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 14 10:18:58.224: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:18:28.224: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:16:38.216: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:16:14.816: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:16:05.416: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:15:46.608: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:15:37.408: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:14:05.608: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:13:56.408: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:13:37.604: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:13:28.404: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 14 10:13:04.660: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 14 10:12:59.204: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:12:50.004: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 14 10:12:29.665: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_4: Dec 14 10:12:27.666: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 14 10:12:10.004: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:11:51.204: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:11:42.000: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:11:02.400: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:10:53.200: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:09:42.200: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:09:32.996: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:08:32.396: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:08:29.796: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client a0:0b:ba:e3:ad:d4
*dot1xMsgTask: Dec 14 10:08:23.196: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:06:19.388: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 14 10:05:29.388: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:05:08.580: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:04:59.380: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 10:01:36.372: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:dc:55:6c
*dot1xMsgTask: Dec 14 09:58:16.756: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client a0:0b:ba:e3:ad:d4
*dot1xMsgTask: Dec 14 09:56:46.956: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:56:37.756: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:52:33.336: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client a0:0b:ba:e3:ad:d4
*dot1xMsgTask: Dec 14 09:43:59.708: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:43:32.100: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:40:51.492: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:39:31.892: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:38:00.692: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:37:42.492: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 44:d8:84:65:15:ad
*dot1xMsgTask: Dec 14 09:37:27.692: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:36:35.288: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client a0:0b:ba:e3:ad:d4
*dot1xMsgTask: Dec 14 09:36:12.088: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:34:40.680: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:33:06.280: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:33:03.480: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 14 09:32:45.872: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:31:08.272: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:30:59.072: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:30:58.272: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client a0:0b:ba:e3:ad:d4
*dot1xMsgTask: Dec 14 09:30:16.925: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:30:07.725: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:29:49.325: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:29:40.125: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:29:12.525: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:26:08.117: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:25:58.917: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:25:27.917: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:25:06.917: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:24:45.717: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:24:29.517: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:24:14.109: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 14 09:13:36.281: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 3c:d0:f8:1e:13:20
*apfMsConnTask_4: Dec 14 09:11:19.057: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_4: Dec 14 09:09:37.980: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_4: Dec 14 09:08:52.861: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 14 06:35:19.753: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 34:51:c9:9c:a2:56
*dot1xMsgTask: Dec 14 04:29:42.673: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 8c:fa:ba:8f:92:c2
*dot1xMsgTask: Dec 14 01:27:59.761: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 8c:fa:ba:8f:92:c2
*dot1xMsgTask: Dec 13 22:26:20.148: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 8c:fa:ba:8f:92:c2
*dot1xMsgTask: Dec 13 22:26:20.148: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client f0:b4:79:18:29:30
*dot1xMsgTask: Dec 13 21:26:14.634: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 8c:fa:ba:8f:92:c2
*dot1xMsgTask: Dec 13 20:27:07.333: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 44:d8:84:2c:dc:b3
*dot1xMsgTask: Dec 13 20:25:55.125: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client d8:a2:5e:61:12:c5
*dot1xMsgTask: Dec 13 19:46:46.621: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 44:d8:84:aa:63:33
*dot1xMsgTask: Dec 13 19:36:50.593: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:46:5d:1b:26:b7
*dot1xMsgTask: Dec 13 19:26:57.840: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:1e:13:20
*dot1xMsgTask: Dec 13 18:33:59.504: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:33:50.304: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:33:00.104: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:32:50.904: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:32:00.904: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:31:51.704: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:30:57.500: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:30:30.300: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 44:d8:84:65:15:ad
*dot1xMsgTask: Dec 13 18:30:30.100: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:30:10.500: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:28:37.096: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:27:34.168: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:26:04.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 44:d8:84:65:15:ad
*dot1xMsgTask: Dec 13 18:26:04.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 18:26:01.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*dot1xMsgTask: Dec 13 18:24:19.952: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:24:10.752: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:23:31.752: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:23:11.752: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:23:02.552: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:21:15.752: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:26:37:13:7e:73
*dot1xMsgTask: Dec 13 18:21:15.752: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:20:b9:a6
*dot1xMsgTask: Dec 13 18:20:06.748: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:19:57.548: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:18:45.744: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:18:36.544: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:18:08.944: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:17:19.744: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:16:48.544: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:16:24.332: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:16:03.732: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:15:46.732: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:14:52.732: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:14:34.332: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:14:24.932: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:07:40.117: %DOT1X-3-PSK_CONFIG_ERR: 1x_ptsm.c:606 Client 5c:0a:5b:47:66:c3 may be using an incorrect PSK
*dot1xMsgTask: Dec 13 18:07:40.116: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:07:30.716: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:07:14.116: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 18:07:04.916: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 13 17:58:57.674: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 17:51:03.652: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 3c:d0:f8:1e:13:20
*dot1xMsgTask: Dec 13 17:46:56.236: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 17:46:19.628: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 17:44:55.628: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:44:42.228: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:44:29.028: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:41:15.012: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client e4:ce:8f:bc:54:a3
*dot1xMsgTask: Dec 13 17:38:04.804: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:37:55.604: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:37:46.400: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:30:38.968: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:30:19.168: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:29:55.168: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:29:05.556: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 13 17:28:45.890: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 17:28:43.956: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 34:51:c9:9c:a2:56
*apfMsConnTask_4: Dec 13 17:25:56.863: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 17:25:15.825: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*dot1xMsgTask: Dec 13 17:25:15.825: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 18:87:96:62:44:e5
*dot1xMsgTask: Dec 13 17:25:11.625: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client c0:9f:42:58:56:f4
*apfMsConnTask_4: Dec 13 17:21:32.173: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 17:20:56.209: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client e4:ce:8f:bc:54:a3
*dot1xMsgTask: Dec 13 17:20:56.209: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 68:09:27:7c:3b:c5
*dot1xMsgTask: Dec 13 17:20:47.010: %DOT1X-3-WPA_SEND_STATE_ERR: 1x_kxsm.c:1337 Unable to send EAPOL-key msg to client - invalid WPA state (2) for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:20:45.609: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 13 17:20:17.897: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_4: Dec 13 17:19:25.710: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_4: Dec 13 17:19:01.777: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_4: Dec 13 17:17:06.954: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_4: Dec 13 17:16:19.501: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 17:15:53.201: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:14:08.401: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:13:28.989: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:13:19.589: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:13:00.989: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:12:51.789: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:11:30.389: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:11:21.190: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:10:39.589: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:10:21.789: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:09:37.985: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:08:00.785: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:07:35.781: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 17:07:26.381: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 13 17:03:59.348: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 16:58:39.761: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:58:27.761: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:55:22.753: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:55:13.553: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_4: Dec 13 16:55:08.177: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 16:54:45.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:dc:55:6c
*dot1xMsgTask: Dec 13 16:54:45.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 16:54:45.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 10:9a:dd:0e:37:dd
*dot1xMsgTask: Dec 13 16:54:20.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:54:06.345: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:53:46.345: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:53:25.945: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:47:30.333: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:47:21.133: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:45:16.325: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:43:48.525: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:43:46.125: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:43:08.125: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:42:40.725: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:42:13.325: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:41:43.721: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:41:23.521: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:41:03.321: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:40:43.121: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:40:22.921: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:40:02.521: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:39:42.317: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:39:22.117: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:38:51.117: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:38:14.117: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:37:29.509: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:36:37.509: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:36:28.309: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:36:19.109: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:29:57.098: %DOT1X-3-PSK_CONFIG_ERR: 1x_ptsm.c:606 Client 5c:0a:5b:47:66:c3 may be using an incorrect PSK
*dot1xMsgTask: Dec 13 16:29:57.097: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:29:47.697: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:29:23.697: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:29:14.493: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:28:50.493: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:26:21.160: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:25:13.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:23:6c:2b:40:9b
*dot1xMsgTask: Dec 13 16:25:13.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 28:cf:da:85:72:bf
*dot1xMsgTask: Dec 13 16:25:13.360: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*apfMsConnTask_4: Dec 13 16:24:55.956: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 16:24:39.152: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 10:9a:dd:07:d7:de
*dot1xMsgTask: Dec 13 16:20:46.744: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*dot1xMsgTask: Dec 13 16:14:19.128: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 44:d8:84:65:15:ad
*dot1xMsgTask: Dec 13 16:06:49.109: %DOT1X-3-PSK_CONFIG_ERR: 1x_ptsm.c:606 Client 00:16:d4:61:67:43 may be using an incorrect PSK
*dot1xMsgTask: Dec 13 16:06:49.108: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:06:39.908: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:06:18.108: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:06:05.308: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:05:36.904: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 44:d8:84:2c:dc:b3
*dot1xMsgTask: Dec 13 16:05:06.304: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 16:03:29.492: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 16:01:48.432: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:55:02.020: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 74:e2:f5:dc:55:6c
*apfMsConnTask_4: Dec 13 15:54:44.182: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*apfMsConnTask_2: Dec 13 15:54:37.497: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 30:17:c8:45:f1:2f.
*dot1xMsgTask: Dec 13 15:54:03.016: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 30:17:c8:45:f1:2f
*dot1xMsgTask: Dec 13 15:53:27.216: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:52:58.016: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*apfMsConnTask_2: Dec 13 15:48:04.666: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 30:17:c8:45:f1:2f.
*dot1xMsgTask: Dec 13 15:28:07.916: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 34:51:c9:9c:a2:56
*dot1xMsgTask: Dec 13 15:24:48.784: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 00:23:6c:2b:40:9b
*dot1xMsgTask: Dec 13 15:24:48.784: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*apfMsConnTask_4: Dec 13 15:24:32.147: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 15:24:29.584: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 10:9a:dd:07:d7:de
*dot1xMsgTask: Dec 13 15:21:53.972: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:20:51.768: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:18:29.352: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:13:17.140: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:12:49.728: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:12:48.728: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 15:12:20.528: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:12:11.328: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:11:33.528: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:09:40.324: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:08:37.916: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 50:46:5d:1a:a0:f5
*dot1xMsgTask: Dec 13 15:01:41.904: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:01:03.904: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 15:00:50.304: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 14:59:12.896: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:56:14.088: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 44:a7:cf:74:28:ab
*dot1xMsgTask: Dec 13 14:55:18.288: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 50:ea:d6:e8:b3:e2
*apfMsConnTask_4: Dec 13 14:54:20.459: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 14:48:33.868: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:45:26.464: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:45:06.264: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:44:14.664: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:43:54.464: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:42:42.060: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:42:21.860: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:42:01.660: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:40:57.652: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:40:09.452: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:39:40.852: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:39:22.252: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:39:13.052: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:38:51.244: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:38:42.044: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:38:18.044: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:38:03.844: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:37:18.644: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:25:03.293: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 68:09:27:7c:3b:c5
*dot1xMsgTask: Dec 13 14:24:45.293: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M5 retransmissions exceeded for client 3c:d0:f8:4f:0d:08
*apfMsConnTask_4: Dec 13 14:24:08.445: %APF-3-CHECK_SUPP_RATES_FAILED: apf_utils.c:179 Could not check supported rates. Invalid Supported Rates from station . Length :0. Mobile MAC: 00:16:dc:64:2b:45.
*dot1xMsgTask: Dec 13 14:19:26.077: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 50:46:5d:1b:26:b7
*Dot1x_NW_MsgTask_7: Dec 13 14:19:16.981: %DOT1X-3-INVALID_WPA_KEY_STATE: 1x_eapkey.c:2066 Received EAPOL-key message while in invalid state (0) - version 1, type 3, descriptor 2, client 50:46:5d:1b:26:b7
*dot1xMsgTask: Dec 13 14:10:49.434: %DOT1X-3-PSK_CONFIG_ERR: 1x_ptsm.c:606 Client d4:20:6d:76:e7:5f may be using an incorrect PSK
*dot1xMsgTask: Dec 13 14:10:49.433: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:10:39.433: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:10:29.433: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:10:19.633: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:08:45.425: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:08:41.625: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 18:87:96:62:44:e5
*dot1xMsgTask: Dec 13 14:08:24.625: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:07:45.825: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:07:30.626: %DOT1X-3-PSK_CONFIG_ERR: 1x_ptsm.c:606 Client d4:20:6d:76:e7:5f may be using an incorrect PSK
*dot1xMsgTask: Dec 13 14:07:30.625: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:07:22.425: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:07:16.025: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:07:07.825: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:07:06.225: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:06:56.225: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client d4:20:6d:76:e7:5f
*dot1xMsgTask: Dec 13 14:05:54.017: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M3 retransmissions exceeded for client 00:16:d4:61:67:43
*dot1xMsgTask: Dec 13 14:02:11.801: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:01:51.601: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:01:31.401: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:01:08.001: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:00:47.801: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:00:27.602: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 14:00:07.402: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 13:59:47.193: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 13:59:26.993: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 13:59:06.793: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 13:58:46.593: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 13:58:26.393: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 13:58:06.193: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 5c:0a:5b:47:66:c3
*dot1xMsgTask: Dec 13 13:57:33.389: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: -
Problem in Authenticating Clients using SSL certificates in EP 7.0
Hi all,
Our team is configuring client authentication using ssl certificates to Enterprise Portal 7.0. We have exhausted our search on SDN and have also brought SAP on board to resolve this issue.
We have completed our configuration as defined in following links
http://help.sap.com/saphelp_nw04/helpdata/en/8a/8bc061dcf64638aa695f250ce7ca78/content.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/b0/881e3e3986f701e10000000a114084/content.htm
and SAP note 583439.
But once a client types in the portal URL a message is shown that your certificate will be mapped to your user. Although we have manually mapped our certificate to a particular user but every time it asks for user ID and password.
So in short it dosent authenticate users on their certicates.
Following are snaps that I have taken from my default logs.
Latest snap.
Date , Time , Message , Severity , Category , Location , Application , User
02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:296 , ssl_debug(74): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Wrote 147 bytes in 1 records, 126 bytes net, 126 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Read 672 bytes in 1 records, 651 bytes net, 651 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Sending alert: Alert Warning: close notify , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Wrote 9523 bytes in 24 records, 9019 bytes net, 375 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Read 11234 bytes in 21 records, 10793 bytes net, 513 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Sending alert: Alert Warning: close notify , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:281 , ssl_debug(73): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:28:250 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:953 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:921 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:624 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:593 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:296 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:27:265 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:952 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:921 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:624 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:593 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:296 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:26:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:936 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:623 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:592 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:295 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:25:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:936 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:639 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:295 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:24:264 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:967 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:935 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:638 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:310 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:23:279 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:966 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:935 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:638 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:607 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:310 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:22:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:950 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:637 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:606 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:309 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:21:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:950 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:653 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:309 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:20:278 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:981 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:949 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:324 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:19:293 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:980 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:949 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:621 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:324 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:18:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:964 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:652 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:620 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:323 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:17:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:964 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:667 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:635 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:323 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:16:292 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:995 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:963 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:666 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:635 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:322 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:15:291 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:979 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:963 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:635 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:619 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:291 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:14:275 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:947 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:931 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:603 , ssl_debug(74): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:587 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Read 153 bytes in 3 records, wrote 130 bytes in 3 records. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Handshake completed, statistics: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Session added to session cache. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Received finished message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Received change_cipher_spec message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Sending finished message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:259 , ssl_debug(74): Sending change_cipher_spec message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Resuming previous session... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Client is trying to resume session 79:5C:C5:27:04:EB:FC:68... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Received v3 client_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:13:243 , ssl_debug(74): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:12:462 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:12:118 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:11:774 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:11:446 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:11:102 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:10:758 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:10:414 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:10:086 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:09:742 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:09:398 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:09:054 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:08:726 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:08:382 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:08:038 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:07:694 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:07:366 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:07:022 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:06:678 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:06:334 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:06:006 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:05:662 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:05:318 , ssl_debug(73): Exception reading SSL message: java.net.SocketTimeoutException: Read timed out , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Read 153 bytes in 3 records, wrote 130 bytes in 3 records. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Handshake completed, statistics: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Session added to session cache. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Received finished message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Received change_cipher_spec message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending finished message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending change_cipher_spec message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Resuming previous session... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Client is trying to resume session 79:5C:C5:27:04:EB:FC:68... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Received v3 client_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:04:834 , ssl_debug(73): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Wrote 0 bytes in 0 records, 0 bytes net, 0 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Read 0 bytes in 0 records, 0 bytes net, 0 average. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:286 , ssl_debug(72): Exception reading SSL message: java.io.EOFException: Connection closed by remote host. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Read 943 bytes in 3 records, wrote 861 bytes in 3 records. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Handshake completed, statistics: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Session added to session cache. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Sending finished message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Sending change_cipher_spec message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Received finished message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Received change_cipher_spec message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Exiting method , Path , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , oid: OBJECT ID = SubjectKeyIdentifier , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Certificate: Version: 3
Serial number: 4123385933
Signature algorithm: md5WithRSAEncryption (1.2.840.113549.1.1.4)
Issuer: CN=usmdlsdowa123.dow.com,OU=JV,O=Dow,L=Midland,C=US
Valid not before: Tue Feb 20 09:17:00 EST 2007
not after: Wed Feb 20 09:17:00 EST 2008
Subject: CN=nai2626,OU=J V,O=DOW,L=Midland,ST=MI,C=US
RSA public key (1024 bits):
public exponent: 10001
modulus: c1f13eb65d6d1f934c6504427dedfd963284979fd61e5d64ac8de1c647f85085f84e173d3bee65837aa97030ebfa6b9521e042b1244de3444e7e82a26a3542a419d6f0bbf276b71e0fb3083a5ed8353852816deec7dd9ceb5ded748ec4a52cb068af1a5e93299f882ee9cb531a60cb0e4b77372c832556e8d993a601d7214741
Certificate Fingerprint (MD5) : BD:B4:9E:51:A9:FA:8B:9B:40:5B:85:6E:5A:CC:B1:68
Certificate Fingerprint (SHA-1): 4B:BB:43:8C:CC:DC:A1:92:56:40:CE:0B:8E:88:DA:28:EC:2A:46:52
Extensions: 1
, Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): ChainVerifier: Found a trusted certificate, returning true , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Not after: Wed Feb 20 09:17:00 EST 2008 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Not before: Tue Feb 20 09:17:00 EST 2007 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Serial: f5c5e04d , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Issuer: CN=usmdlsdowa123.dow.com,OU=JV,O=Dow,L=Midland,C=US , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Subject: CN=nai2626,OU=J V,O=DOW,L=Midland,ST=MI,C=US , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , cert [0 of 1] , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:239 , Entering method with ([Ljava.security.cert.X509Certificate;@7bc735, iaik.security.ssl.SSLTransport@539802) , Path , , com.sap.engine.services.ssl.verifyChain () , ,
02/27/2007 , 15:14:03:239 , ssl_debug(72): Received certificate_verify handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Received client_key_exchange handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Client sent a 1024 bit RSA certificate, chain has 1 elements. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Received certificate handshake message with client certificate. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending server_hello_done handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending certificate_request handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending certificate handshake message with server certificate... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): CompressionMethods supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT_WITH_RC4_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_EXPORT1024_WITH_RC4_56_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_RC4_128_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): CipherSuites supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Creating new session 79:5C:C5:27:04:EB:FC:68... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:224 , ssl_debug(72): Received v2 client hello message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:14:03:146 , ssl_debug(72): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , Error in resource clean up for a disconnected client
java.lang.NullPointerException
at com.sap.engine.services.httpserver.dispatcher.Processor.closeConnection(Processor.java:1684)
at com.sap.engine.services.httpserver.dispatcher.Processor.fail(Processor.java:518)
at com.sap.engine.core.manipulator.TCPRunnableConnection.disposeConnection(TCPRunnableConnection.java:470)
at com.sap.engine.core.manipulator.TCPRunnableConnection$CloseThread.run(TCPRunnableConnection.java:1031)
at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:525)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
, Error , , com.sap.engine.services.httpserver.dispatcher , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): Closing transport... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , Cannot get input and output streams from socket. ConnectionsManipulator is not initialized.
[EXCEPTION]
java.io.EOFException: Connection closed by remote host.
at iaik.security.ssl.Utils.a(Unknown Source)
at iaik.security.ssl.o.b(Unknown Source)
at iaik.security.ssl.o.c(Unknown Source)
at iaik.security.ssl.r.f(Unknown Source)
at iaik.security.ssl.f.c(Unknown Source)
at iaik.security.ssl.f.a(Unknown Source)
at iaik.security.ssl.r.d(Unknown Source)
at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
at com.sap.engine.services.ssl.factory.SSLSocket.startHandshake(SSLSocket.java:139)
at com.sap.engine.services.ssl.factory.SSLSocket.getInputStream(SSLSocket.java:257)
at com.sap.engine.core.manipulator.TCPRunnableConnection.init(TCPRunnableConnection.java:324)
at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:524)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
, Error , /System/Network , com.sap.engine.core.manipulator.TCPRunnableConnection.init() , ,
02/27/2007 , 15:13:59:535 , Handshake failed
[EXCEPTION]
java.io.EOFException: Connection closed by remote host.
at iaik.security.ssl.Utils.a(Unknown Source)
at iaik.security.ssl.o.b(Unknown Source)
at iaik.security.ssl.o.c(Unknown Source)
at iaik.security.ssl.r.f(Unknown Source)
at iaik.security.ssl.f.c(Unknown Source)
at iaik.security.ssl.f.a(Unknown Source)
at iaik.security.ssl.r.d(Unknown Source)
at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
at iaik.security.ssl.SSLSocket.startHandshake(Unknown Source)
at com.sap.engine.services.ssl.factory.SSLSocket.startHandshake(SSLSocket.java:139)
at com.sap.engine.services.ssl.factory.SSLSocket.getInputStream(SSLSocket.java:257)
at com.sap.engine.core.manipulator.TCPRunnableConnection.init(TCPRunnableConnection.java:324)
at com.sap.engine.core.manipulator.TCPRunnableConnection.run(TCPRunnableConnection.java:524)
at com.sap.engine.frame.core.thread.Task.run(Task.java:64)
at com.sap.engine.core.thread.impl6.SingleThread.execute(SingleThread.java:78)
at com.sap.engine.core.thread.impl6.SingleThread.run(SingleThread.java:148)
, Info , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): Shutting down SSL layer... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): Sending alert: Alert Fatal: handshake failure , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:535 , ssl_debug(71): IOException while handshaking: Connection closed by remote host. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending server_hello_done handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending certificate_request handshake message... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending certificate handshake message with server certificate... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Selecting CompressionMethod: NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Selecting CipherSuite: SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Sending server_hello handshake message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): NULL , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): CompressionMethods supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT_WITH_RC4_40_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_EXPORT1024_WITH_RC4_56_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_DES_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_3DES_EDE_CBC_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_RC4_128_SHA , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): SSL_RSA_WITH_RC4_128_MD5 , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): CipherSuites supported by the client: , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Creating new session 65:0B:55:9C:7D:29:83:F8... , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Client requested SSL version 3.0, selecting version 3.0. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Received v2 client hello message. , Debug , , com.sap.engine.services.ssl , ,
02/27/2007 , 15:13:59:504 , ssl_debug(71): Starting handshake (iSaSiLk 3.06)... , Debug , , com.sap.engine.services.ssl , ,
Regards,
Atif MukhtarAtif,
Did you get a solution to the problem you were having? We have a similar problem.
Thanks,
Dave -
Problem in Client authentication in JSSE on a web service
Hi,
I am having a Web service running on my Web server (Sunone 6.1). I need to implement Security on it using JSSE. It has to be a MUTUAL authentication.
I have installed all the certificates and CA certs on both Client and server. But when I try to call the web service from a standalone Java test client I am getting error on the third step of handshake process that is CLient authentication.
I am not able to understand whether it is authentication problem or some problem while encrypting and decrypting the data. I am sending and receiving data in xml format
I am pasting here the debug output from client side. ALthough it is long but please any one help me on this.
Or if any one can point out what are the various steps depicting the debug statement
Thanks
<spusinfradev1:hk186763> $ RUNDNSSEC_DEV
Note: TestDNSSec.java uses or overrides a deprecated API.
Note: Recompile with -deprecation for details.
submitRequest: BEGIN
submitRequest: calling HttpSubmitter.postTransaction()
postTransaction: Begin
postTransaction: XML Request
<?xml version="1.0" encoding="UTF-8"?>
<sunir.share.service.drpl.client.DNSReqXmlDocTag>
<sunir.share.service.drpl.client.DNSReq>
<CheckType>isEmbargo</CheckType>
<IPAddr>203.81.162.9</IPAddr>
<LookupType>always</LookupType>
<Strict>true</Strict>
</sunir.share.service.drpl.client.DNSReq>
</sunir.share.service.drpl.client.DNSReqXmlDocTag>
postTransaction: creating connection to target url
keyStore is : /home/users/hk186763/RDNS/DRPL/TestClient/serverkey
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: /home/users/hk186763/RDNS/DRPL/TestClient/serverkey
trustStore type is : jks
init truststore
adding as trusted cert: [
Version: V1
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@d6c16c
Validity: [From: Sun May 17 17:00:00 PDT 1998,
To: Tue Aug 01 16:59:59 PDT 2028]
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
SerialNumber: [ 7dd9fe07 cfa81eb7 107967fb a78934c6 ]
Algorithm: [SHA1withRSA]
Signature:
0000: 51 4D CD BE 5C CB 98 19 9C 15 B2 01 39 78 2E 4D QM..\.......9x.M
0010: 0F 67 70 70 99 C6 10 5A 94 A4 53 4D 54 6D 2B AF .gpp...Z..SMTm+.
0020: 0D 5D 40 8B 64 D3 D7 EE DE 56 61 92 5F A6 C4 1D .]@.d....Va._...
0030: 10 61 36 D3 2C 27 3C E8 29 09 B9 11 64 74 CC B5 .a6.,'<.)...dt..
0040: 73 9F 1C 48 A9 BC 61 01 EE E2 17 A6 0C E3 40 08 s..H..a.......@.
0050: 3B 0E E7 EB 44 73 2A 9A F1 69 92 EF 71 14 C3 39 ;...Ds*..i..q..9
0060: AC 71 A7 91 09 6F E4 71 06 B3 BA 59 57 26 79 00 .q...o.q...YW&y.
0070: F6 F8 0D A2 33 30 28 D4 AA 58 A0 9D 9D 69 91 FD ....30(..X...i..
adding as trusted cert: [
Version: V3
Subject: CN=RDNS, OU=Class C, OU=Corporate SSL Client, O=Sun Microsystems Inc
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@99681b
Validity: [From: Tue Jan 03 16:00:00 PST 2006,
To: Thu Jan 04 15:59:59 PST 2007]
Issuer: CN=SSL Client CA, OU=Class 2 OnSite Subscriber CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
SerialNumber: [ 0e45c61f 24091c18 b354a76c 71ee15f2 ]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 12 FB 4E 70 BA E0 53 E5 B2 C2 DC D2 74 BE 7F 17 ..Np..S.....t...
0010: 67 68 55 14 ghU.
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: C9 06 C7 9C F6 0E 1E 36 9E 49 8E 50 AC 06 46 DE .......6.I.P..F.
0010: A1 4D A6 4F .M.O
[3]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 60 30 5E 30 5C A0 5A A0 58 86 56 68 74 74 70 .`0^0\.Z.X.Vhttp
0010: 3A 2F 2F 6F 6E 73 69 74 65 63 72 6C 2E 76 65 72 ://onsitecrl.ver
0020: 69 73 69 67 6E 2E 63 6F 6D 2F 53 75 6E 4D 69 63 isign.com/SunMic
0030: 72 6F 73 79 73 74 65 6D 73 49 6E 63 43 6F 72 70 rosystemsIncCorp
0040: 6F 72 61 74 65 53 53 4C 43 6C 69 65 6E 74 43 6C orateSSLClientCl
0050: 61 73 73 43 2F 4C 61 74 65 73 74 43 52 4C 2E 63 assC/LatestCRL.c
0060: 72 6C rl
[4]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.2]]
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.2]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 risign.com/rpa
[CertificatePolicyId: [2.16.840.1.113536.509.3647]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1B 68 74 74 70 73 3A 2F 2F 77 77 77 2E 73 75 ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B 69 2F 63 70 73 n.com/pki/cps
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 2B 16 29 4E 6F 74 20 56 61 6C 69 64 61 74 65 0+.)Not Validate0010: 64 20 46 6F 72 20 53 75 6E 20 42 75 73 69 6E 65 d For Sun Busine
0020: 73 73 20 4F 70 65 72 61 74 69 6F 6E 73 ss Operations
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 72 C1 27 C2 5C 7E D2 8A 39 B8 14 D9 20 8D 6D C6 r.'.\...9... .m.
0010: 7E 34 FC 86 BD 16 30 2E B9 18 05 F9 83 BA FD 43 .4....0........C
0020: 65 E4 48 85 CC 00 C6 19 FC D4 DC E2 ED DC BE F8 e.H.............
0030: 33 65 36 AC AC 32 FD 1E 9C 93 E4 08 FF 1D DD D5 3e6..2..........
0040: AB 81 45 FE AE 5B 0D 90 1E CC 1D 33 CB 56 24 BB ..E..[.....3.V$.
0050: 4D 43 0E 7B B0 EE 04 6B 4F DB 04 3C FB 4E C0 29 MC.....kO..<.N.)
0060: 64 AF 1B E8 9D 22 F0 37 8E 4B A0 19 AC 58 8A A5 d....".7.K...X..
0070: F7 CA 58 B3 D8 7F 36 5C A9 1B A6 7D 13 C7 CF 2E ..X...6\........
0080: 83 4A E0 15 98 1C 0A AD 12 31 7E BC 7B 81 90 B0 .J.......1......
0090: 13 7D 49 D7 FD 17 B0 BE 56 F8 AB 98 33 D9 D3 3E ..I.....V...3..>
00A0: C2 E8 44 7B 29 6D 79 4F A4 88 22 7D 45 3F B4 D8 ..D.)myO..".E?..
00B0: 09 D3 6C 14 13 EC 36 57 FF CE 04 C4 9B 2C 2C CE ..l...6W.....,,.
00C0: 15 0C F3 1A 5E 21 86 A8 E4 BB CA 8B 9B 5E A1 EC ....^!.......^..
00D0: A3 30 2A 36 25 5A BA 91 DF 6E E3 4D 72 BC 41 F8 .0*6%Z...n.Mr.A.
00E0: 25 30 E2 CD 34 7A 08 19 59 19 61 BA 53 FD 1C 2C %0..4z..Y.a.S..,
00F0: 7F EA 38 BA C9 38 0B D3 8D 01 DF 1C 11 CB 3E BB ..8..8........>.
adding as trusted cert: [
Version: V3
Subject: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@551f60
Validity: [From: Wed Jun 01 17:00:00 PDT 2005,
To: Mon Jun 01 16:59:59 PDT 2015]
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
SerialNumber: [ 4fa13003 7f5dfd64 3fb367fb af699e7c ]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
0010: 17 F9 01 FA ....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US]
SerialNumber: [ 7dd9fe07 cfa81eb7 107967fb a78934c6 ]
[3]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 2D 30 2B 30 29 A0 27 A0 25 86 23 68 74 74 70 .-0+0).'.%.#http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 70 63 61 33 2D 67 32 2E 63 72 6C com/pca3-g2.crl
[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[CN=PrivateLabel3-2048-142]]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 risign.com/rpa
[CertificatePolicyId: [2.16.840.1.113536.509.3647]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1B 68 74 74 70 73 3A 2F 2F 77 77 77 2E 73 75 ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B 69 2F 63 70 73 n.com/pki/cps
[7]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:1
Algorithm: [SHA1withRSA]
Signature:
0000: B7 5A 35 83 75 74 8B E1 62 92 86 30 A2 4E 5B 21 .Z5.ut..b..0.N[!
0010: FD 3D 2B 91 A1 AC 98 5E 5F 6A D2 51 BE 27 68 67 .=+....^_j.Q.'hg
0020: 22 C3 FB 69 61 F2 53 00 45 0E 1E E4 A3 DC 27 82 "..ia.S.E.....'.
0030: 5F A8 ED 07 F7 06 73 A1 68 0F 0C E8 4A 66 F4 93 _.....s.h...Jf..
0040: E5 25 50 82 5B DD 2D 9A 2E 55 4E F5 74 3B 90 3B .%P.[.-..UN.t;.;
0050: 40 CA 56 80 87 41 77 17 A3 50 2F 0B 31 15 CC 22 @.V..Aw..P/.1.."
0060: A9 F8 13 DF 4B 77 DB 80 28 80 A9 E0 EF A0 40 0D ....Kw..(.....@.
0070: D7 CF 64 72 8B BC CF 19 9B D9 81 A1 D8 E3 7D 40 ..dr...........@
init context
trigger seeding of SecureRandom
done seeding SecureRandom
postTransaction: creating output stream on connection
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1121389894 bytes = { 177, 208, 214, 162, 50, 118, 129, 69, 14, 124, 134, 197, 180, 112, 220, 185, 218, 97, 213, 180, 222, 100, 98, 105, 221, 111, 135, 84 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 43 D7 0D 46 B1 D0 D6 A2 32 76 ...7..C..F....2v
0010: 81 45 0E 7C 86 C5 B4 70 DC B9 DA 61 D5 B4 DE 64 .E.....p...a...d
0020: 62 69 DD 6F 87 54 00 00 10 00 05 00 04 00 09 00 bi.o.T..........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 43 D7 0D .............C..
0030: 46 B1 D0 D6 A2 32 76 81 45 0E 7C 86 C5 B4 70 DC F....2v.E.....p.
0040: B9 DA 61 D5 B4 DE 64 62 69 DD 6F 87 54 ..a...dbi.o.T
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.1 Handshake, length = 4439
*** ServerHello, v3.1
RandomCookie: GMT: 5338 bytes = { 145, 99, 82, 205, 255, 74, 235, 252, 50, 27, 190, 156, 21, 12, 30, 236, 206, 196, 74, 65, 93, 217, 213, 118, 179, 227, 8, 118 }
Session ID: {10, 116, 131, 159, 53, 168, 226, 227, 34, 25, 222, 197, 123, 128, 250, 118, 2, 72, 46, 147, 155, 118, 230, 164, 82, 24, 206, 76, 155, 96, 72, 120}
Cipher Suite: { 0, 5 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 00 00 15 DA 91 63 52 CD FF 4A ...F.......cR..J
0010: EB FC 32 1B BE 9C 15 0C 1E EC CE C4 4A 41 5D D9 ..2.........JA].
0020: D5 76 B3 E3 08 76 20 0A 74 83 9F 35 A8 E2 E3 22 .v...v .t..5..."
0030: 19 DE C5 7B 80 FA 76 02 48 2E 93 9B 76 E6 A4 52 ......v.H...v..R
0040: 18 CE 4C 9B 60 48 78 00 05 00 ..L.`Hx...
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=rdns-alpha.sun.com, OU=Class C, O=Sun Microsystems Inc, L=Broomfield, ST=Colorado, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a2d64
Validity: [From: Sun Nov 20 16:00:00 PST 2005,
To: Tue Nov 21 15:59:59 PST 2006]
Issuer: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
SerialNumber: [ 6702ab4c 00bfe850 3a0eb9a9 1ca380eb ]
Certificate Extensions: 8
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 45 7D F2 17 01 02 2F 0D C6 89 E8 A7 63 A0 D6 B6 E...../.....c...
0010: 13 3F 8C A8 .?..
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
0010: 17 F9 01 FA ....
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 72 30 70 30 6E A0 6C A0 6A 86 68 68 74 74 70 .r0p0n.l.j.hhttp
0010: 3A 2F 2F 53 56 52 43 33 53 65 63 75 72 65 53 75 ://SVRC3SecureSu
0020: 6E 4D 69 63 72 6F 73 79 73 74 65 6D 73 2D 4D 50 nMicrosystems-MP
0030: 4B 49 2D 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E KI-crl.verisign.
0040: 63 6F 6D 2F 53 75 6E 4D 69 63 72 6F 73 79 73 74 com/SunMicrosyst
0050: 65 6D 73 49 6E 63 43 6C 61 73 73 43 55 6E 69 66 emsIncClassCUnif
0060: 69 65 64 2F 4C 61 74 65 73 74 43 52 4C 53 72 76 ied/LatestCRLSrv
0070: 2E 63 72 6C .crl
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 risign.com/rpa
[CertificatePolicyId: [2.16.840.1.113536.509.3647]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 2B 1A 29 4E 6F 74 20 56 61 6C 69 64 61 74 65 0+.)Not Validate0010: 64 20 46 6F 72 20 53 75 6E 20 42 75 73 69 6E 65 d For Sun Busine
0020: 73 73 20 4F 70 65 72 61 74 69 6F 6E 73 ss Operations
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1B 68 74 74 70 73 3A 2F 2F 77 77 77 2E 73 75 ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B 69 2F 63 70 73 n.com/pki/cps
[6]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
[8]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 08 EA E4 7E FB 1B A6 4D DC EA BE 44 44 0E 9E 97 .......M...DD...
0010: BC B3 4A 85 39 4A AF B0 7F AB CB C4 9F C4 11 90 ..J.9J..........
0020: C6 0F FC C5 D0 41 4E 87 C8 93 1A 27 8F F4 7A 26 .....AN....'..z&
0030: A8 26 DE 52 D9 0A CC 78 5E 55 21 04 D9 C6 B2 22 .&.R...x^U!...."
0040: C5 18 EA 19 EF C0 EA F3 C0 95 B0 6C DB 16 E7 B8 ...........l....
0050: 9D 22 06 50 E1 70 19 71 C0 8E 9D 0C AD 6E 11 AE .".P.p.q.....n..
0060: C6 DE 7E 54 9F 39 48 9C E8 3E F3 1B 1D 1B 00 5B ...T.9H..>.....[
0070: F5 DB 63 CE 16 07 3A 70 B0 FB AF 8D 82 9B DD 58 ..c...:p.......X
0080: 57 AC 33 9C 2D D4 CE 76 51 7E 4F 9E EA 59 90 B0 W.3.-..vQ.O..Y..
0090: 91 A7 A8 E0 F9 F6 E0 4B 1E 24 51 92 E0 31 43 E4 .......K.$Q..1C.
00A0: 70 6E 7D E9 13 93 84 E9 1C 88 CC 85 72 55 91 13 pn..........rU..
00B0: 33 4C 91 45 13 32 D0 F1 72 82 E1 A9 F3 6E 7F FD 3L.E.2..r....n..
00C0: 73 38 D8 8D 04 70 DB 28 E0 5D A1 17 20 06 B8 83 s8...p.(.].. ...
00D0: FE 80 37 55 32 77 12 BF DC FC 2D E5 6B EE C8 23 ..7U2w....-.k..#
00E0: 89 1F D4 53 51 EE 36 ED 68 26 0D B7 A3 3C E2 9C ...SQ.6.h&...<..
00F0: E5 B3 61 96 BD 6B 37 A0 7E 15 76 29 EB 97 5B E8 ..a..k7...v)..[.
chain [1] = [
Version: V3
Subject: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@89cf1e
Validity: [From: Wed Jun 01 17:00:00 PDT 2005,
To: Mon Jun 01 16:59:59 PDT 2015]
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
SerialNumber: [ 4fa13003 7f5dfd64 3fb367fb af699e7c ]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
0010: 17 F9 01 FA ....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US]
SerialNumber: [ 7dd9fe07 cfa81eb7 107967fb a78934c6 ]
[3]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 2D 30 2B 30 29 A0 27 A0 25 86 23 68 74 74 70 .-0+0).'.%.#http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 70 63 61 33 2D 67 32 2E 63 72 6C com/pca3-g2.crl
[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[CN=PrivateLabel3-2048-142]]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 risign.com/rpa
[CertificatePolicyId: [2.16.840.1.113536.509.3647]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1B 68 74 74 70 73 3A 2F 2F 77 77 77 2E 73 75 ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B 69 2F 63 70 73 n.com/pki/cps
[7]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:1
Algorithm: [SHA1withRSA]
Signature:
0000: B7 5A 35 83 75 74 8B E1 62 92 86 30 A2 4E 5B 21 .Z5.ut..b..0.N[!
0010: FD 3D 2B 91 A1 AC 98 5E 5F 6A D2 51 BE 27 68 67 .=+....^_j.Q.'hg
0020: 22 C3 FB 69 61 F2 53 00 45 0E 1E E4 A3 DC 27 82 "..ia.S.E.....'.
0030: 5F A8 ED 07 F7 06 73 A1 68 0F 0C E8 4A 66 F4 93 _.....s.h...Jf..
0040: E5 25 50 82 5B DD 2D 9A 2E 55 4E F5 74 3B 90 3B .%P.[.-..UN.t;.;
0050: 40 CA 56 80 87 41 77 17 A3 50 2F 0B 31 15 CC 22 @.V..Aw..P/.1.."
0060: A9 F8 13 DF 4B 77 DB 80 28 80 A9 E0 EF A0 40 0D ....Kw..(.....@.
0070: D7 CF 64 72 8B BC CF 19 9B D9 81 A1 D8 E3 7D 40 ..dr...........@
chain [2] = [
Version: V1
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7ce4e7
Validity: [From: Sun May 17 17:00:00 PDT 1998,
To: Tue Aug 01 16:59:59 PDT 2028]
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
SerialNumber: [ 7dd9fe07 cfa81eb7 107967fb a78934c6 ]
Algorithm: [SHA1withRSA]
Signature:
0000: 51 4D CD BE 5C CB 98 19 9C 15 B2 01 39 78 2E 4D QM..\.......9x.M
0010: 0F 67 70 70 99 C6 10 5A 94 A4 53 4D 54 6D 2B AF .gpp...Z..SMTm+.
0020: 0D 5D 40 8B 64 D3 D7 EE DE 56 61 92 5F A6 C4 1D .]@.d....Va._...
0030: 10 61 36 D3 2C 27 3C E8 29 09 B9 11 64 74 CC B5 .a6.,'<.)...dt..
0040: 73 9F 1C 48 A9 BC 61 01 EE E2 17 A6 0C E3 40 08 s..H..a.......@.
0050: 3B 0E E7 EB 44 73 2A 9A F1 69 92 EF 71 14 C3 39 ;...Ds*..i..q..9
0060: AC 71 A7 91 09 6F E4 71 06 B3 BA 59 57 26 79 00 .q...o.q...YW&y.
0070: F6 F8 0D A2 33 30 28 D4 AA 58 A0 9D 9D 69 91 FD ....30(..X...i..
stop on trusted cert: [
Version: V3
Subject: CN=Sun Microsystems Inc SSL CA, OU=Class 3 MPKI Secure Server CA, OU=VeriSign Trust Network, O=Sun Microsystems Inc
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@89cf1e
Validity: [From: Wed Jun 01 17:00:00 PDT 2005,
To: Mon Jun 01 16:59:59 PDT 2015]
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
SerialNumber: [ 4fa13003 7f5dfd64 3fb367fb af699e7c ]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
0010: 17 F9 01 FA ....
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US]
SerialNumber: [ 7dd9fe07 cfa81eb7 107967fb a78934c6 ]
[3]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 2D 30 2B 30 29 A0 27 A0 25 86 23 68 74 74 70 .-0+0).'.%.#http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 70 63 61 33 2D 67 32 2E 63 72 6C com/pca3-g2.crl
[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[CN=PrivateLabel3-2048-142]]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.23.3]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 risign.com/rpa
[CertificatePolicyId: [2.16.840.1.113536.509.3647]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1B 68 74 74 70 73 3A 2F 2F 77 77 77 2E 73 75 ..https://www.su0010: 6E 2E 63 6F 6D 2F 70 6B 69 2F 63 70 73 n.com/pki/cps
[7]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:1
Algorithm: [SHA1withRSA]
Signature:
0000: B7 5A 35 83 75 74 8B E1 62 92 86 30 A2 4E 5B 21 .Z5.ut..b..0.N[!
0010: FD 3D 2B 91 A1 AC 98 5E 5F 6A D2 51 BE 27 68 67 .=+....^_j.Q.'hg
0020: 22 C3 FB 69 61 F2 53 00 45 0E 1E E4 A3 DC 27 82 "..ia.S.E.....'.
0030: 5F A8 ED 07 F7 06 73 A1 68 0F 0C E8 4A 66 F4 93 _.....s.h...Jf..
0040: E5 25 50 82 5B DD 2D 9A 2E 55 4E F5 74 3B 90 3B .%P.[.-..UN.t;.;
0050: 40 CA 56 80 87 41 77 17 A3 50 2F 0B 31 15 CC 22 @.V..Aw..P/.1.."
0060: A9 F8 13 DF 4B 77 DB 80 28 80 A9 E0 EF A0 40 0D ....Kw..(.....@.
0070: D7 CF 64 72 8B BC CF 19 9B D9 81 A1 D8 E3 7D 40 ..dr...........@
[read] MD5 and SHA1 hashes: len = 3479
0000: 0B 00 0D 93 00 0D 90 00 05 0A 30 82 05 06 30 82 ..........0...0.
0010: 03 EE A0 03 02 01 02 02 10 67 02 AB 4C 00 BF E8 .........g..L...
0020: 50 3A 0E B9 A9 1C A3 80 EB 30 0D 06 09 2A 86 48 P:.......0...*.H
0030: 86 F7 0D 01 01 05 05 00 30 81 8E 31 1D 30 1B 06 ........0..1.0..
0040: 03 55 04 0A 13 14 53 75 6E 20 4D 69 63 72 6F 73 .U....Sun Micros
0050: 79 73 74 65 6D 73 20 49 6E 63 31 1F 30 1D 06 03 ystems Inc1.0...
0060: 55 04 0B 13 16 56 65 72 69 53 69 67 6E 20 54 72 U....VeriSign Tr
0070: 75 73 74 20 4E 65 74 77 6F 72 6B 31 26 30 24 06 ust Network1&0$.
0080: 03 55 04 0B 13 1D 43 6C 61 73 73 20 33 20 4D 50 .U....Class 3 MP
0090: 4B 49 20 53 65 63 75 72 65 20 53 65 72 76 65 72 KI Secure Server
00A0: 20 43 41 31 24 30 22 06 03 55 04 03 13 1B 53 75 CA1$0"..U....Su
00B0: 6E 20 4D 69 63 72 6F 73 79 73 74 65 6D 73 20 49 n Microsystems I
00C0: 6E 63 20 53 53 4C 20 43 41 30 1E 17 0D 30 35 31 nc SSL CA0...051
00D0: 31 32 31 30 30 30 30 30 30 5A 17 0D 30 36 31 31 121000000Z..0611
00E0: 32 31 32 33 35 39 35 39 5A 30 81 83 31 0B 30 09 21235959Z0..1.0.
00F0: 06 03 55 04 06 13 02 55 53 31 11 30 0F 06 03 55 ..U....US1.0...U
0100: 04 08 13 08 43 6F 6C 6F 72 61 64 6F 31 13 30 11 ....Colorado1.0.
0110: 06 03 55 04 07 14 0A 42 72 6F 6F 6D 66 69 65 6C ..U....Broomfiel
0120: 64 31 1D 30 1B 06 03 55 04 0A 14 14 53 75 6E 20 d1.0...U....Sun
0130: 4D 69 63 72 6F 73 79 73 74 65 6D 73 20 49 6E 63 Microsystems Inc
0140: 31 10 30 0E 06 03 55 04 0B 14 07 43 6C 61 73 73 1.0...U....Class
0150: 20 43 31 1B 30 19 06 03 55 04 03 14 12 72 64 6E C1.0...U....rdn
0160: 73 2D 61 6C 70 68 61 2E 73 75 6E 2E 63 6F 6D 30 s-alpha.sun.com0
0170: 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 ..0...*.H.......
0180: 00 03 81 8D 00 30 81 89 02 81 81 00 E3 8A 2F 46 .....0......../F
0190: 49 FD 71 6B 5E F3 72 64 22 25 36 06 D0 B7 AC 28 I.qk^.rd"%6....(
01A0: 28 30 0D 34 66 56 22 63 40 F9 8C 1B 9A 54 1C 5B (0.4fV"[email protected].[
01B0: 76 FF 1A D7 18 D3 5A 39 A5 C6 67 8C B0 B0 99 C6 v.....Z9..g.....
01C0: 32 6C 18 FF E3 61 EF 31 DE D6 0C 76 BE 6D CA C4 2l...a.1...v.m..
01D0: 2B A7 84 A7 47 E3 E2 2F 5E 71 02 8E 03 89 B7 66 +...G../^q.....f
01E0: 9C 53 5B C5 81 81 41 E8 82 2F B4 DA 9E 4D 41 C7 .S[...A../...MA.
01F0: E8 05 43 EC BA F6 1C 26 F2 CF 07 9A 5C A2 D2 B9 ..C....&....\...
0200: AB 3C 91 6A 90 DE 0D 58 B8 0B 57 AB 02 03 01 00 .<.j...X..W.....
0210: 01 A3 82 01 EB 30 82 01 E7 30 09 06 03 55 1D 13 .....0...0...U..
0220: 04 02 30 00 30 1D 06 03 55 1D 0E 04 16 04 14 45 ..0.0...U......E
0230: 7D F2 17 01 02 2F 0D C6 89 E8 A7 63 A0 D6 B6 13 ...../.....c....
0240: 3F 8C A8 30 1F 06 03 55 1D 23 04 18 30 16 80 14 ?..0...U.#..0...
0250: D7 DD 5E 81 BE CF 5C E3 DC D2 F2 8D ED 04 B8 AC ..^...\.........
0260: 17 F9 01 FA 30 0E 06 03 55 1D 0F 01 01 FF 04 04 ....0...U.......
0270: 03 02 05 A0 30 1D 06 03 55 1D 25 04 16 30 14 06 ....0...U.%..0..
0280: 08 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 .+.........+....
0290: 07 03 02 30 81 B9 06 03 55 1D 20 04 81 B1 30 81 ...0....U. ...0.
02A0: AE 30 39 06 0B 60 86 48 01 86 F8 45 01 07 17 03 .09..`.H...E....
02B0: 30 2A 30 28 06 08 2B 06 01 05 05 07 02 01 16 1C 0*0(..+.........
02C0: 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 72 69 https://www.veri
02D0: 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 30 71 06 0B sign.com/rpa0q..
02E0: 60 86 48 01 86 F7 00 83 7D 9C 3F 30 62 30 27 06 `.H.......?0b0'.
02F0: 08 2B 06 01 05 05 07 02 01 16 1B 68 74 74 70 73 .+.........https
0300: 3A 2F 2F 77 77 77 2E 73 75 6E 2E 63 6F 6D 2F 70 ://www.sun.com/p
0310: 6B 69 2F 63 70 73 30 37 06 08 2B 06 01 05 05 07 ki/cps07..+.....
0320: 02 02 30 2B 1A 29 4E 6F 74 20 56 61 6C 69 64 61 ..0+.)Not Valida
0330: 74 65 64 20 46 6F 72 20 53 75 6E 20 42 75 73 69 ted For Sun Busi
0340: 6E 65 73 73 20 4F 70 65 72 61 74 69 6F 6E 73 30 ness Operations0
0350: 79 06 03 55 1D 1F 04 72 30 70 30 6E A0 6C A0 6A y..U...r0p0n.l.j
0360: 86 68 68 74 74 70 3A 2F 2F 53 56 52 43 33 53 65 .hhttp://SVRC3Se
0370: 63 75 72 65 53 75 6E 4D 69 63 72 6F 73 79 73 74 cureSunMicrosyst
0380: 65 6D 73 2D 4D 50 4B 49 2D 63 72 6C 2E 76 65 72 ems-MPKI-crl.ver
0390: 69 73 69 67 6E 2E 63 6F 6D 2F 53 75 6E 4D 69 63 isign.com/SunMic
03A0: 72 6F 73 79 73 74 65 6D 73 49 6E 63 43 6C 61 73 rosystemsIncClas
03B0: 73 43 55 6E 69 66 69 65 64 2F 4C 61 74 65 73 74 sCUnified/Latest
03C0: 43 52 4C 53 72 76 2E 63 72 6C 30 34 06 08 2B 06 CRLSrv.crl04..+.
03D0: 01 05 05 07 01 01 04 28 30 26 30 24 06 08 2B 06 .......(0&0$..+.
03E0: 01 05 05 07 30 01 86 18 68 74 74 70 3A 2F 2F 6F ....0...http://o
03F0: 63 73 70 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D csp.verisign.com
0400: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
0410: 82 01 01 00 08 EA E4 7E FB 1B A6 4D DC EA BE 44 ...........M...D
0420: 44 0E 9E 97 BC B3 4A 85 39 4A AF B0 7F AB CB C4 D.....J.9J......
0430: 9F C4 11 90 C6 0F FC C5 D0 41 4E 87 C8 93 1A 27 .........AN....'
0440: 8F F4 7A 26 A8 26 DE 52 D9 0A CC 78 5E 55 21 04 ..z&.&.R...x^U!.
0450: D9 C6 B2 22 C5 18 EA 19 EF C0 EA F3 C0 95 B0 6C ..."...........l
0460: DB 16 E7 B8 9D 22 06 50 E1 70 19 71 C0 8E 9D 0C .....".P.p.q....
0470: AD 6E 11 AE C6 DE 7E 54 9F 39 48 9C E8 3E F3 1B .n.....T.9H..>..
0480: 1D 1B 00 5B F5 DB 63 CE 16 07 3A 70 B0 FB AF 8D ...[..c...:p....
0490: 82 9B DD 58 57 AC 33 9C 2D D4 CE 76 51 7E 4F 9E ...XW.3.-..vQ.O.
04A0: EA 59 90 B0 91 A7 A8 E0 F9 F6 E0 4B 1E 24 51 92 .Y.........K.$Q.
04B0: E0 31 43 E4 70 6E 7D E9 13 93 84 E9 1C 88 CC 85 .1C.pn..........
04C0: 72 55 91 13 33 4C 91 45 13 32 D0 F1 72 82 E1 A9 rU..3L.E.2..r...
04D0: F3 6E 7F FD 73 38 D8 8D 04 70 DB 28 E0 5D A1 17 .n..s8...p.(.]..
04E0: 20 06 B8 83 FE 80 37 55 32 77 12 BF DC FC 2D E5 .....7U2w....-.
04F0: 6B EE C8 23 89 1F D4 53I am having the same problem , did you ever found the solution for this. I am getting an error " .... no IV for cipher". I am trying to do the Client Authentication to IIS from Java client.
Any help is greatly appreciated.
Thanks -
Problem sending data with HTTPS using client authentication.
Hi,
I�m tryingto send a message to a secure server using for this client certificate, apparently if I make a GET of "/" (server root) , everything works fine (authentication, and data received), from the moment that I try to ways send data to the "/pvtn " directory i obtain the following error.
This is a sample of the code i�m using:
import com.sun.net.ssl.KeyManagerFactory;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.Writer;
import java.net.Socket;
import java.security.*;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PublicKey;
import java.util.Collection;
import java.util.Date;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.cert.*;
import javax.security.cert.X509Certificate;
public class Test
public static final String TARGET_HTTPS_SERVER = "mymachine.mydomain.pt";
public static final int TARGET_HTTPS_PORT = 443;
public static void main(String[] args) throws Exception
System.setProperty("javax.net.ssl.trustStore","/certificados/truststore.txt");
System.setProperty("javax.net.ssl.trustStorePassword","trustpwd");
System.setProperty("javax.net.ssl.keyStore","/certificados/truststore.txt");
System.setProperty("javax.net.ssl.keyStorePassword","trustpwd");
java.security.Security.removeProvider("SunJSSE");
java.security.Security.insertProviderAt(new com.sun.net.ssl.internal.ssl.Provider(),2);
KeyManagerFactory kmf= KeyManagerFactory.getInstance("SunX509", "SunJSSE") ;
//Socket
SSLSocket jsslSoc = (SSLSocket) SSLSocketFactory.getDefault().createSocket(TARGET_HTTPS_SERVER, TARGET_HTTPS_PORT);
String [] ciphers = jsslSoc.getSupportedCipherSuites() ;
//// Select the ciphers you want and put them.
//// Here we will put all availabel ciphers
jsslSoc.setEnabledCipherSuites(ciphers);
//// We are creating socket in client mode
jsslSoc.setUseClientMode(true);
//// Do SSL handshake
jsslSoc.startHandshake();
// Print negotiated cipher
System.out.println("Negotiated Cipher Suite: " + jsslSoc.getSession().getCipherSuite());
System.out.println("");
X509Certificate[] peerCerts = ((javax.net.ssl.SSLSocket)jsslSoc).getSession().getPeerCertificateChain();
if (peerCerts != null)
System.out.println("Printing server information:");
for(int i =0; i < peerCerts.length; i++)
System.out.println("Peer Certificate ["+i+"] Information:");
System.out.println("- Subject: " + peerCerts.getSubjectDN().getName());
System.out.println("- Issuer: " + peerCerts[i].getIssuerDN().getName());
System.out.println("- Version: " + peerCerts[i].getVersion());
System.out.println("- Start Time: " + peerCerts[i].getNotBefore().toString());
System.out.println("- End Time: " + peerCerts[i].getNotAfter().toString());
System.out.println("- Signature Algorithm: " + peerCerts[i].getSigAlgName());
System.out.println("- Serial Number: " + peerCerts[i].getSerialNumber());
else
System.out.println("Failed to get peer certificates");
try
Writer out = new OutputStreamWriter(jsslSoc.getOutputStream(), "ISO-8859-1");
//THIS WAY WORKS FINE
out.write("GET / HTTP/1.1\r\n");
// HERE COMES THE TROUBLES
//out.write("GET /pvtn?someparameter=paramvalue HTTP/1.1\r\n");
out.write("Host: " + TARGET_HTTPS_SERVER + ":" + TARGET_HTTPS_PORT + "\r\n");
out.write("Proxy-Connection: Keep-Alive\r\n");
out.write("User-Agent: SSL-TEST \r\n");
out.write("\r\n");
out.flush();
BufferedReader in = new BufferedReader(new InputStreamReader(jsslSoc.getInputStream(), "ISO-8859-1"));
String line = null;
while ((line = in.readLine()) != null)
System.out.println(line);
finally
jsslSoc.close();
the ssl log until sending the GET is
main, WRITE: SSL v3.1 Handshake, length = 36
main, READ: SSL v3.1 Change Cipher Spec, length = 1
main, READ: SSL v3.1 Handshake, length = 36
Plaintext after DECRYPTION: len = 36
0000: 14 00 00 0C 71 AB 40 CC 6C 33 92 05 E9 69 4B 8F [email protected].
0010: D1 77 3F 6E 3C DB F0 A0 B7 9C CF 49 B6 6D C8 17 .w?n<......I.m..
0020: 7E 03 52 14 ..R.
*** Finished, v3.1
verify_data: { 113, 171, 64, 204, 108, 51, 146, 5, 233, 105, 75, 143 }
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
[read] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 71 AB 40 CC 6C 33 92 05 E9 69 4B 8F [email protected].
Negotiated Cipher Suite: SSL_RSA_WITH_RC4_128_SHA
When i send the GET
Plaintext before ENCRYPTION: len = 247
0000: 47 45 54 20 2F 70 76 74 6E 3F 41 30 33 30 3D 4D GET /pvtn?A030=M
main, WRITE: SSL v3.1 Application Data, length = 247
main, READ: SSL v3.1 Handshake, length = 24
Plaintext after DECRYPTION: len = 24
*** HelloRequest (empty)
%% Client cached [Session-1, SSL_RSA_WITH_RC4_128_SHA]
%% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_SHA] from port 3535
*** ClientHello, v3.1
RandomCookie: GMT: 1131988975 bytes = { 45, 113, 241, 212, 81, 255, 244, 169, 74, 41, 160, 227, 197, 210, 155, 211, 47, 237, 18, 179, 238, 47, 28, 86, 30, 253, 157, 253 }
Session ID: {208, 18, 243, 174, 216, 156, 80, 201, 121, 136, 63, 162, 31, 196, 186, 95, 193, 143, 238, 172, 173, 79, 64, 219, 17, 149, 14, 138, 53, 95, 18, 96}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17, 0, 2, 0, 1, 0, 24, 0, 26, 0, 27, 0, 23, 0, 25 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 105
Plaintext before ENCRYPTION: len = 125
main, WRITE: SSL v3.1 Handshake, length = 125
main, READ: SSL v3.1 Handshake, length = 94
Plaintext after DECRYPTION: len = 94
*** ServerHello, v3.1
RandomCookie: GMT: 1131991620 bytes = { 205, 194, 212, 113, 37, 213, 41, 13, 60, 142, 135, 68, 17, 78, 227, 251, 176, 211, 133, 203, 153, 173, 153, 195, 93, 7, 87, 123 }
Session ID: {108, 85, 45, 208, 104, 124, 209, 24, 247, 113, 156, 134, 28, 154, 75, 198, 64, 181, 167, 9, 149, 223, 162, 21, 225, 32, 168, 31, 190, 48, 241, 195}
Cipher Suite: { 0, 5 }
Compression Method: 0
%% Created: [Session-2, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
main, READ: SSL v3.1 Handshake, length = 3154
Plaintext after DECRYPTION: len = 3154
*** Certificate chain
stop on trusted cert: [
Version: V1
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: [MD5withRSA]
Signature:
[read] MD5 and SHA1 hashes: len = 3134
main, READ: SSL v3.1 Handshake, length = 479
Plaintext after DECRYPTION: len = 479
*** CertificateRequest
Cert Types: RSA, DSS,
Cert Authorities:
[read] MD5 and SHA1 hashes: len = 455
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 19, 223, 230, 65, 59, 210, 10, 69, 239, 178, 185, 5, 52, 57, 44, 160, 163, 239, 85, 64, 173, 16, 132, 234, 33, 228, 0, 8, 134, 52, 20, 190, 196, 15, 205, 35, 169, 39, 14, 160, 143, 74, 210, 74, 43, 181 }
[write] MD5 and SHA1 hashes: len = 141
Plaintext before ENCRYPTION: len = 161
main, WRITE: SSL v3.1 Handshake, length = 161
SESSION KEYGEN:
PreMaster Secret:
.CONNECTION KEYGEN:
Client Nonce:
Server Nonce:
Master Secret:
Client MAC write Secret:
Server MAC write Secret:
Client write key:
Server write key:
0000: FE 94 DF 4C 1A 9F FA CE 0C E9 A6 DB 31 53 E5 FD ...L........1S..
... no IV for cipher
Plaintext before ENCRYPTION: len = 21
0000: 01 0D 16 E6 49 18 36 AF E1 52 9C 2F 72 EE CA DF ....I.6..R./r...
0010: 41 71 68 30 06 Aqh0.
main, WRITE: SSL v3.1 Change Cipher Spec, length = 21
*** Finished, v3.1
verify_data: { 243, 49, 247, 150, 113, 86, 182, 125, 244, 163, 245, 243 }
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C F3 31 F7 96 71 56 B6 7D F4 A3 F5 F3 .....1..qV......
Plaintext before ENCRYPTION: len = 36
0000: 14 00 00 0C F3 31 F7 96 71 56 B6 7D F4 A3 F5 F3 .....1..qV......
0010: 1A 7C 8F D9 51 CB 6F 47 2A 7C 90 81 20 EE 97 64 ....Q.oG*... ..d
0020: FF 47 35 CA .G5.
main, WRITE: SSL v3.1 Handshake, length = 36
main, SEND SSL v3.1 ALERT: warning, description = close_notify
Plaintext before ENCRYPTION: len = 22
0000: 01 00 F0 F4 AC 3C B2 DE 95 98 0E B4 ED B1 24 3B .....<........$;
0010: 54 6C 8B DC F3 1F Tl....
main, WRITE: SSL v3.1 Alert, length = 22
java.net.SocketException: Connection aborted by peer: socket write error
void java.net.SocketOutputStream.socketWrite(java.io.FileDescriptor, byte[], int, int)
native code
void java.net.SocketOutputStream.write(byte[], int, int)
SocketOutputStream.java:96
void com.sun.net.ssl.internal.ssl.OutputRecord.a(java.io.OutputStream)
void com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(com.sun.net.ssl.internal.ssl.OutputRecord)
void com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush()
void com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(com.sun.net.ssl.internal.ssl.HandshakeMessage$Finished)
void com.sun.net.ssl.internal.ssl.ClientHandshaker.c()
void com.sun.net.ssl.internal.ssl.ClientHandshaker.a(com.sun.net.ssl.internal.ssl.SunJSSE_o)
void com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(byte, int)
void com.sun.net.ssl.internal.ssl.Handshaker.process_record(com.sun.net.ssl.internal.ssl.InputRecord)
void com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(com.sun.net.ssl.internal.ssl.InputRecord, boolean)
void com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(com.sun.net.ssl.internal.ssl.InputRecord)
int com.sun.net.ssl.internal.ssl.AppInputStream.read(byte[], int, int)
int java.io.InputStream.read(byte[])
InputStream.java:91
int java.io.InputStreamReader.fill(char[], int, int)
InputStreamReader.java:173
int java.io.InputStreamReader.read(char[], int, int)
InputStreamReader.java:249
void java.io.BufferedReader.fill()
BufferedReader.java:139
java.lang.String java.io.BufferedReader.readLine(boolean)
BufferedReader.java:299
java.lang.String java.io.BufferedReader.readLine()
BufferedReader.java:362
void Teste3.main(java.lang.String[])
Teste3.java:109
Exception in thread main
Debugger disconnected from local process.
Process exited with exit code 1.
One more thing if if make the same thing via browser (https://mymachine.mydomain.pt/pvtn?someparameter=somevalue) and works fine too (obviously i pre installed the client certificate in the browser and choose the certificate when the pop up show up)
It seems like the handshaking fails when i send data to /pvtn...
Regards,
Paulo.I amhaving the another problem very similar, I am struggling with client authentication with IIS 5.0, and receiving the 'Remote Host closed the connection' error.
Is there any help me in this. I truly apprecaite it
Thanks -
Urgent : problems in authenticating the client
Hi every one,
Im new to SSL and have a problem in authenticating the client with the server. when i disable
((SSLServerSocket)serversocket).setNeedClientAuth(true);
both the server and client work fine and i get the required output.
if i use -Djavax.net.ssl.truststore=trustStoreName and -Djavax.net.ssl.keyStore=keystoreName in the command line for the client then it works but i want to do it without the commandline options
I tried to debug the clients ssl handshake where it seams that if i dont mention the truststore and keystore in the command line it wont take the ones mentioned in the code.
If anyone has a solution for this or any idea can you please help me out im stuck on it for about a week now. Thanks in advance.
uzi
Message was edited by:
Deo_Zone
Message was edited by:
Deo_ZoneHi...
i'm new to ssl connection....i implement the code for ssl connection through java program...i use the following code
String keystore = "<java_home>/jre/lib/security/cacerts";
System.setProperty("javax.net.ssl.trustStore",keystore);
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.SECURITY_PRINCIPAL,adminName);
env.put(Context.SECURITY_CREDENTIALS,adminPassword);
env.put(Context.SECURITY_PROTOCOL,"ssl");
String ldapURL = "ldaps://mydc.speedrock.com:636";
env.put(Context.PROVIDER_URL,ldapURL);
DirContext ctx = new InitialLdapContext(env,null);
i use this code in my web application and using server tomcat 5.5 server...
Steps:
1. Started my tomcat server
2. attempt to change ActiveDirectory user password.
At this time i'm not importing AD server certificate into cacerts file..
In this situation it throws exception.
3. now i import the valid certificate into cacerts file using keytool command
keytool -import -alias xyzADCert -keystore <javahome>/jre/lib/security/cacerts -keypass changeit -storepass changeit -noprompt -file <java_home>/jre/lib/security/ca.cer;
when i run this command from console, import the certificate successfully....
4. now again attempts to change password...
In this situation it gives same previous exception....
But, when i restart the tomcat server and attempts change password, its working fine...
The same thing happens in case of delete certificate...
Steps:
1.Start the tomcat server
2. import valid certificate using keytool command
keytool -import -alias xyzADCert -keystore <javahome>/jre/lib/security/cacerts -keypass changeit -storepass changeit -noprompt -file <java_home>/jre/lib/security/ca.cer;
3. Try to change password....working fine
4. delete the certificate using keytool command
keytool -delete -alias xyzADCert -keystore <javahome>/jre/lib/security/cacerts -keypass changeit -storepass changeit
when i run this command certificate deleted from cacerts file....
for confirmation, once again i run this command...it gives alias does not exit message.
5. Now, i re attempts to change password with out restaring tomcat server...
instead of throwing exception like "simple bind failed", password updated in server for user.
6. But, when i restart the tomcat server, it gives the exception like "simple bind failed" when i try to change password.
my target is with out restarting server ..do change password successfully when i import the certificate and throw exception when i delete the certificate from cacerts file...
please give me some help... -
Problems with HTTP Client Authentication in jdev 10.1.2.17.84.
Hi,
I've told HTTP Client Authentication doesn't work in jdev 10.1.2.17.84. I need users to be authenticated using a certificate so I'm trying several workarounds but none seems to be valid. Any help?
Thanks.
Luis Serrano.been there done that.. ive decompiled the oc4j code, debuged down to the core... its big waste of my time... :(
my advice to you is to leave it.. if you do not plan to use oracle ldap sso or xml provider you can do nothing... your hands are tied... they hardcoded everything and if you want more than classic "username & password" custom login module you will have to change oc4j...
there is no point to make a custom loginmodule which utilize a client certificate because oracle JAZN do not suport that type of login module!
just implement a login filter and manage authentication and authorization yourself... just like steve muench did in his java store demo - he didnt use JAZN... :)
anyway current approach do not allow you to leverage JAAS in ADF model layer so why bother to have that in the view/controller layer anyway...
and if i understood correctly oracle plans big changes in this area in the next jdeveloper release, and they alredy said that custom login modules would be depreciated in the next releases... -
Java Client AUthentication to IIS 5 server throwing no IV for Cipher error
I have trying to do Java client authentication. Got the Certificate from CA and loaded it in server. When I run the JavaClient program I get the
error no IV for Cipher.
I am using JDK 1.5.0_06 and JSSE 1.0.3_03.
Any help is greatly appreciated.
Thanks
Here is the debug report
trustStore is: C:\JTEST\cacerts
trustStore type is : JKS
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=devclient.test.com, OU=Mycompany, O=Second Data Corporation., L=San Francisco, ST=California, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x5b0bf
Valid from Thu Feb 16 06:23:37 PST 2006 until Sat Feb 17 06:23:37 PST 2007
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 17:19:54 PDT 1999 until Tue Jun 25 17:19:54 PDT 2019
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000bf
Valid from Wed May 17 07:01:00 PDT 2000 until Sat May 17 16:59:00 PDT 2025
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x374ad243
Valid from Tue May 25 09:09:40 PDT 1999 until Sat May 25 09:39:40 PDT 2019
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000b9
Valid from Fri May 12 11:46:00 PDT 2000 until Mon May 12 16:59:00 PDT 2025
adding as trusted cert:
Subject: CN=devclient.paymap.com, OU=First Data Corp, O=Paymap Inc, L=San Francisco, ST=California, C=USA
Issuer: CN=Thawte Test CA Root, OU=TEST TEST TEST, O=Thawte Certification, ST=FOR TESTING PURPOSES ONLY, C=ZA
Algorithm: RSA; Serial number: 0xe2501de73ac37428
Valid from Mon Feb 20 15:51:25 PST 2006 until Mon Mar 13 15:51:25 PST 2006
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
Valid from Thu Sep 30 17:00:00 PDT 1999 until Wed Jul 16 16:59:59 PDT 2036
adding as trusted cert:
Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 10:39:16 PDT 2004 until Thu Jun 29 10:39:16 PDT 2034
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 16:00:00 PST 1995 until Thu Dec 31 15:59:59 PST 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
Valid from Sun Jan 28 16:00:00 PST 1996 until Tue Aug 01 16:59:59 PDT 2028
adding as trusted cert:
Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Algorithm: RSA; Serial number: 0x3770cfb5
Valid from Wed Jun 23 05:14:45 PDT 1999 until Sun Jun 23 05:14:45 PDT 2019
adding as trusted cert:
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x35def4cf
Valid from Sat Aug 22 09:41:51 PDT 1998 until Wed Aug 22 09:41:51 PDT 2018
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 16:00:00 PST 1995 until Thu Dec 31 15:59:59 PST 2020
adding as trusted cert:
Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x4
Valid from Sun Jun 20 21:00:00 PDT 1999 until Sat Jun 20 21:00:00 PDT 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 16:00:00 PST 1995 until Thu Dec 31 15:59:59 PST 2020
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 07:50:00 PDT 1998 until Wed Aug 14 16:59:00 PDT 2013
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
Valid from Sun Jan 28 16:00:00 PST 1996 until Tue Aug 01 16:59:59 PDT 2028
adding as trusted cert:
Subject: CN=GTE CyberTrust Root, O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root, O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a3
Valid from Fri Feb 23 15:01:00 PST 1996 until Thu Feb 23 15:59:00 PST 2006
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389b113c
Valid from Fri Feb 04 09:20:00 PST 2000 until Tue Feb 04 09:50:00 PST 2020
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
Valid from Sun May 17 17:00:00 PDT 1998 until Tue Aug 01 16:59:59 PDT 2028
adding as trusted cert:
Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 17:00:00 PDT 1996 until Thu Dec 31 15:59:59 PST 2020
adding as trusted cert:
Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Algorithm: RSA; Serial number: 0x2ad667e4e45fe5e576f3c98195eddc0
Valid from Tue Nov 08 16:00:00 PST 1994 until Thu Jan 07 15:59:59 PST 2010
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x380391ee
Valid from Tue Oct 12 12:24:30 PDT 1999 until Sat Oct 12 12:54:30 PDT 2019
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389ef6e4
Valid from Mon Feb 07 08:16:40 PST 2000 until Fri Feb 07 08:46:40 PST 2020
adding as trusted cert:
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
Valid from Sun Jan 28 16:00:00 PST 1996 until Tue Aug 01 16:59:59 PDT 2028
adding as trusted cert:
Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
Valid from Thu Sep 30 17:00:00 PDT 1999 until Wed Jul 16 16:59:59 PDT 2036
adding as trusted cert:
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a5
Valid from Wed Aug 12 17:29:00 PDT 1998 until Mon Aug 13 16:59:00 PDT 2018
adding as trusted cert:
Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 17:00:00 PDT 1996 until Thu Dec 31 15:59:59 PST 2020
adding as trusted cert:
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x23456
Valid from Mon May 20 21:00:00 PDT 2002 until Fri May 20 21:00:00 PDT 2022
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863b966
Valid from Fri Dec 24 09:50:51 PST 1999 until Tue Dec 24 10:20:51 PST 2019
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Sun Jun 20 21:00:00 PDT 1999 until Sat Jun 20 21:00:00 PDT 2020
adding as trusted cert:
Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 10:06:20 PDT 2004 until Thu Jun 29 10:06:20 PDT 2034
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Thu Sep 30 17:00:00 PDT 1999 until Wed Jul 16 16:59:59 PDT 2036
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
Valid from Sun May 17 17:00:00 PDT 1998 until Tue Aug 01 16:59:59 PDT 2028
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
Valid from Sun May 17 17:00:00 PDT 1998 until Tue Aug 01 16:59:59 PDT 2028
trigger seeding of SecureRandom
done seeding SecureRandom
main, setSoTimeout(50000) called
TIMEOUT=50000
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1123703368 bytes = { 11, 7, 242, 147, 134, 10, 57, 192, 137, 131, 191, 249, 253, 146, 232, 223, 146, 195, 53, 255, 121, 236, 182, 158, 191, 94, 156, 190 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 873
*** ServerHello, TLSv1
RandomCookie: GMT: 1123703296 bytes = { 123, 165, 102, 102, 169, 196, 229, 241, 3, 49, 81, 239, 83, 155, 209, 243, 236, 229, 18, 193, 228, 104, 27, 152, 232, 193, 173, 11 }
Session ID: {147, 24, 0, 0, 22, 29, 124, 158, 177, 166, 96, 36, 217, 32, 191, 41, 36, 217, 54, 244, 11, 56, 214, 139, 133, 140, 38, 132, 157, 77, 87, 77}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=www.just-in-time-eft-paymap.com, OU=Paymap, O=First Data Corporation., L=San Francisco, ST=California, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 115897801846480906504507305240934762652258285705294305856746227593079520228602278416768070978663757452626836382370415992468189745643687252249588163510925353035555192020212360325664657305599855674966873189987712512397233103225326014387972568754281141553272745093478026229567341632738641376167448499163118598699
public exponent: 65537
Validity: [From: Mon Sep 12 11:37:51 PDT 2005,
To: Sun Nov 12 11:37:51 PST 2006]
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
SerialNumber: [ 057aa7]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FC 76 D2 8C C3 DE 0D 8F EA 32 26 60 83 C9 8B 9C .v.......2&`....
0010: C6 E6 BB 57 ...W
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O3
0010: 98 90 9F D4 ....
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.geotrust.com/crls/secureca.crl]
[4]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [SHA1withRSA]
Signature:
0000: 44 D7 B0 69 BF B0 AA 4D 5A 17 70 9C 37 BA 61 A2 D..i...MZ.p.7.a.
0010: 57 B4 34 85 6D 59 1F 82 72 34 9B 92 7D BD DF 27 W.4.mY..r4.....'
0020: CE 97 E3 CA AE 23 5D 85 3C 1A C6 19 D1 49 C2 3F .....#].<....I.?
0030: C6 E2 7E 97 8D 63 94 1E 04 AC 9F 5F 37 08 2A 96 .....c....._7.*.
0040: 1A 47 D1 9D 69 0C 71 6A F3 74 1C FF 7D 20 E1 CA .G..i.qj.t... ..
0050: 75 D0 45 84 2E 11 3C DD D4 73 25 38 76 27 E0 73 u.E...<..s%8v'.s
0060: 70 AC 70 0F A5 E3 5B 9D 7E 0E AB 6A 79 07 18 38 p.p...[....jy..8
0070: 5B A1 63 A2 89 8C 96 A1 50 36 4C D2 C6 D5 27 25 [.c.....P6L...'%
Found trusted certificate:
Version: V3
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 135786214035069526348186531221551781468391756233528066061569654028671100866720352830303278016129003918213826297308054231261658522889438712013757624116391437358730449661353175673177742307421061340003741057138887918110217006515773038453829253517076741780039735595086881329494037450587568122088113584549069375417
public exponent: 65537
Validity: [From: Sat Aug 22 09:41:51 PDT 1998,
To: Wed Aug 22 09:41:51 PDT 2018]
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
SerialNumber: [ 35def4cf]
Certificate Extensions: 7
[1]: ObjectId: 1.2.840.113533.7.65.0 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0D 30 0B 1B 05 56 33 2E 30 63 03 02 06 C0 ..0...V3.0c....
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O3
0010: 98 90 9F D4 ....
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O3
0010: 98 90 9F D4 ....
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[CN=CRL1, OU=Equifax Secure Certificate Authority, O=Equifax, C=US]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.16 Criticality=false
PrivateKeyUsage: [
To: Wed Aug 22 09:41:51 PDT 2018]
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 58 CE 29 EA FC F7 DE B5 CE 02 B9 17 B5 85 D1 B9 X.).............
0010: E3 E0 95 CC 25 31 0D 00 A6 92 6E 7F B6 92 63 9E ....%1....n...c.
0020: 50 95 D1 9A 6F E4 11 DE 63 85 6E 98 EE A8 FF 5A P...o...c.n....Z
0030: C8 D3 55 B2 66 71 57 DE C0 21 EB 3D 2A A7 23 49 ..U.fqW..!.=*.#I
0040: 01 04 86 42 7B FC EE 7F A2 16 52 B5 67 67 D3 40 ...B......R.gg.@
0050: DB 3B 26 58 B2 28 77 3D AE 14 77 61 D6 FA 2A 66 .;&X.(w=..wa..*f
0060: 27 A0 0D FA A7 73 5C EA 70 F1 94 21 65 44 5F FA '....s\.p..!eD_.
0070: FC EF 29 68 A9 A2 87 79 EF 79 EF 4F AC 07 77 38 ..)h...y.y.O..w8
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret: { 3, 1, 82, 2, 69, 241, 210, 36, 175, 168, 76, 86, 170, 3, 158, 52, 89, 146, 84, 210, 223, 113, 212, 231, 129, 100, 177, 125, 116, 31, 97, 233, 150, 162, 161, 51, 168, 189, 14, 47, 83, 27, 67, 252, 172, 191, 102, 39 }
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 52 02 45 F1 D2 24 AF A8 4C 56 AA 03 9E 34 ..R.E..$..LV...4
0010: 59 92 54 D2 DF 71 D4 E7 81 64 B1 7D 74 1F 61 E9 Y.T..q...d..t.a.
0020: 96 A2 A1 33 A8 BD 0E 2F 53 1B 43 FC AC BF 66 27 ...3.../S.C...f'
CONNECTION KEYGEN:
Client Nonce:
0000: 43 FA 5A 48 0B 07 F2 93 86 0A 39 C0 89 83 BF F9 C.ZH......9.....
0010: FD 92 E8 DF 92 C3 35 FF 79 EC B6 9E BF 5E 9C BE ......5.y....^..
Server Nonce:
0000: 43 FA 5A 00 7B A5 66 66 A9 C4 E5 F1 03 31 51 EF C.Z...ff.....1Q.
0010: 53 9B D1 F3 EC E5 12 C1 E4 68 1B 98 E8 C1 AD 0B S........h......
Master Secret:
0000: 10 47 C2 16 13 58 4B 50 D3 D6 34 05 C8 C9 11 29 .G...XKP..4....)
0010: AD 90 0D 8F 9B BD C8 C1 FC CD BC 26 ED FB 26 84 ...........&..&.
0020: 04 0B 94 BC D2 4D 7D 71 E0 1E 08 10 59 38 B5 4E .....M.q....Y8.N
Client MAC write Secret:
0000: A5 66 C1 48 0E F1 18 2B 2B 7A F7 9B A4 6C D7 FA .f.H...++z...l..
Server MAC write Secret:
0000: 3B F5 04 FA AC 9C D7 ED 2E E7 36 44 80 FF 11 E2 ;.........6D....
Client write key:
0000: 7B 9F 56 A1 FC 3D BD 31 25 27 91 BB D0 66 66 0B ..V..=.1%'...ff.
Server write key:
0000: 2B 45 E2 19 E8 C8 61 5B 84 B8 94 76 A1 B4 9C 6E +E....a[...v...n
... no IV for cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 110, 253, 95, 109, 150, 89, 93, 140, 108, 186, 172, 188 }
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data: { 70, 219, 18, 202, 105, 203, 83, 220, 151, 174, 102, 125 }
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
main, setSoTimeout(50000) called
main, WRITE: TLSv1 Application Data, length = 96
main, setSoTimeout(50000) called
main, READ: TLSv1 Handshake, length = 20
*** HelloRequest (empty)
%% Client cached [Session-1, SSL_RSA_WITH_RC4_128_MD5]
%% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_MD5] from port 1130
*** ClientHello, TLSv1
RandomCookie: GMT: 1123703368 bytes = { 242, 6, 117, 127, 243, 197, 134, 82, 139, 54, 241, 243, 132, 22, 63, 136, 4, 180, 225, 8, 159, 55, 182, 105, 133, 226, 213, 167 }
Session ID: {147, 24, 0, 0, 22, 29, 124, 158, 177, 166, 96, 36, 217, 32, 191, 41, 36, 217, 54, 244, 11, 56, 214, 139, 133, 140, 38, 132, 157, 77, 87, 77}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 121
main, READ: TLSv1 Handshake, length = 11432
*** ServerHello, TLSv1
RandomCookie: GMT: 1123703296 bytes = { 168, 158, 224, 186, 230, 77, 9, 24, 237, 106, 203, 158, 176, 252, 249, 167, 73, 173, 69, 178, 115, 34, 96, 179, 191, 230, 178, 160 }
Session ID: {3, 27, 0, 0, 51, 252, 181, 131, 214, 28, 220, 247, 154, 175, 51, 237, 76, 111, 88, 78, 28, 105, 106, 114, 42, 51, 53, 144, 178, 93, 245, 127}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=www.just-in-time-eft-paymap.com, OU=Paymap, O=First Data Corporation., L=San Francisco, ST=California, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 115897801846480906504507305240934762652258285705294305856746227593079520228602278416768070978663757452626836382370415992468189745643687252249588163510925353035555192020212360325664657305599855674966873189987712512397233103225326014387972568754281141553272745093478026229567341632738641376167448499163118598699
public exponent: 65537
Validity: [From: Mon Sep 12 11:37:51 PDT 2005,
To: Sun Nov 12 11:37:51 PST 2006]
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
SerialNumber: [ 057aa7]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: FC 76 D2 8C C3 DE 0D 8F EA 32 26 60 83 C9 8B 9C .v.......2&`....
0010: C6 E6 BB 57 ...W
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O3
0010: 98 90 9F D4 ....
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.geotrust.com/crls/secureca.crl]
[4]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [SHA1withRSA]
Signature:
0000: 44 D7 B0 69 BF B0 AA 4D 5A 17 70 9C 37 BA 61 A2 D..i...MZ.p.7.a.
0010: 57 B4 34 85 6D 59 1F 82 72 34 9B 92 7D BD DF 27 W.4.mY..r4.....'
0020: CE 97 E3 CA AE 23 5D 85 3C 1A C6 19 D1 49 C2 3F .....#].<....I.?
0030: C6 E2 7E 97 8D 63 94 1E 04 AC 9F 5F 37 08 2A 96 .....c....._7.*.
0040: 1A 47 D1 9D 69 0C 71 6A F3 74 1C FF 7D 20 E1 CA .G..i.qj.t... ..
0050: 75 D0 45 84 2E 11 3C DD D4 73 25 38 76 27 E0 73 u.E...<..s%8v'.s
0060: 70 AC 70 0F A5 E3 5B 9D 7E 0E AB 6A 79 07 18 38 p.p...[....jy..8
0070: 5B A1 63 A2 89 8C 96 A1 50 36 4C D2 C6 D5 27 25 [.c.....P6L...'%
Found trusted certificate:
Version: V3
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 135786214035069526348186531221551781468391756233528066061569654028671100866720352830303278016129003918213826297308054231261658522889438712013757624116391437358730449661353175673177742307421061340003741057138887918110217006515773038453829253517076741780039735595086881329494037450587568122088113584549069375417
public exponent: 65537
Validity: [From: Sat Aug 22 09:41:51 PDT 1998,
To: Wed Aug 22 09:41:51 PDT 2018]
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
SerialNumber: [ 35def4cf]
Certificate Extensions: 7
[1]: ObjectId: 1.2.840.113533.7.65.0 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0D 30 0B 1B 05 56 33 2E 30 63 03 02 06 C0 ..0...V3.0c....
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O3
0010: 98 90 9F D4 ....
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 48 E6 68 F9 2B D2 B2 95 D7 47 D8 23 20 10 4F 33 H.h.+....G.# .O3
0010: 98 90 9F D4 ....
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[CN=CRL1, OU=Equifax Secure Certificate Authority, O=Equifax, C=US]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.16 Criticality=false
PrivateKeyUsage: [
To: Wed Aug 22 09:41:51 PDT 2018]
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 58 CE 29 EA FC F7 DE B5 CE 02 B9 17 B5 85 D1 B9 X.).............
0010: E3 E0 95 CC 25 31 0D 00 A6 92 6E 7F B6 92 63 9E ....%1....n...c.
0020: 50 95 D1 9A 6F E4 11 DE 63 85 6E 98 EE A8 FF 5A P...o...c.n....Z
0030: C8 D3 55 B2 66 71 57 DE C0 21 EB 3D 2A A7 23 49 ..U.fqW..!.=*.#I
0040: 01 04 86 42 7B FC EE 7F A2 16 52 B5 67 67 D3 40 ...B......R.gg.@
0050: DB 3B 26 58 B2 28 77 3D AE 14 77 61 D6 FA 2A 66 .;&X.(w=..wa..*f
0060: 27 A0 0D FA A7 73 5C EA 70 F1 94 21 65 44 5F FA '....s\.p..!eD_.
0070: FC EF 29 68 A9 A2 87 79 EF 79 EF 4F AC 07 77 38 ..)h...y.y.O..w8
*** CertificateRequest
Cert Types: RSA,
Cert Authorities:
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<CN=Sonera Class1 CA, O=Sonera, C=FI>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 4 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<CN=Staat der Nederlanden Root CA, O=Staat der Nederlanden, C=NL>
<CN=VeriSign Class 3I have the same problem. I�m turning crazy working with certificates in mutual athetication!!!
If someone has the solution to this problem, send a repy or at [email protected]
Thanks in advance -
Certificates issued by communications server for client authentication
Hi,
we ran into problem with those certificates, that are being issued by the lync server itself. In our enteprise we have CX600 and CX3000 phones, and i know that certificate authentication is required for the phones to work (both for registrar and webservice).
However, now that users have lync installed, they have their communications server certificate assigned as well. The problem is when a user needs to sign a document with the certificate from our private CA, for most of the users, word or excel suggests to
use a certificate issued by communications server, not our ent CA. Maybe there is a way for LYNC to trust private enteprise CA and not give out its own certificates and STILL use certificate authentication?
Thanks!Facing almost the same issue, Lync (server) issues ClientAuth certs from "Communication Server", (btw
is not trusted of course), and in turns forces users to make a selection of which VPN cert to use when dialing in, instead of only one ClientAuth cert installed, they now have 2 ClientAuth certs installed, which our internal CA's should care about and NOT
the Lync (server).
Don’t get how an MS product of this caliber can be built without proper PKI integration, how can it NOT utilize internally issued certs for client authentication???
Not the first though, SCCM and OSD is another example....
However, are you saying that Lync communication can’t be used without certificate authentication,
without the user being spammed with credential prompts?
Trying to get clarification on this… -
Client authentication not working
Hi all,
I am using Apache's HTTPClient to connect with a server running https. The server is the latest stable Tomcat (version 4.1.27). If I set clientAuth="false" in the Tomcat configuration, everything is working fine. I am able to comunicate with the server, since the server's certificate is in the trusted store. If I want to authenticate myself (by setting clientAuth="true") it doesn't work. It seems that the application I have written doesn't send the client's certificate.
Here's the code:
HttpClient httpclient = new HttpClient();
Protocol myhttps =
new Protocol(
"https",
new StrictSSLProtocolSocketFactory(false),
8443);
httpclient.getHostConfiguration().setHost("rigel", 8443, myhttps);
GetMethod httpget = new GetMethod("/");
httpclient.executeMethod(httpget);
If I turn on all sorts of debugging this is what I get:
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Java version: 1.4.0_02
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Java vendor: Sun Microsystems Inc.
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Java class path: f:\myhome\projects\NextiraOne\class;f:\myhome\projects\NextiraOne\lib\commons-httpclient-2.0-rc1.jar;f:\myhome\projects\NextiraOne\lib\log4j-1.2.6.jar;f:\myhome\projects\NextiraOne\lib\commons-logging.jar;f:\myhome\projects\NextiraOne\lib\commons-logging-api.jar;f:\myhome\projects\NextiraOne\lib\com.ibm.mq.jar;f:\myhome\projects\NextiraOne\lib\xmlparserv2new.jar;f:\myhome\projects\NextiraOne\lib\connector.jar
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Operating system name: Windows 2000
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Operating system architecture: x86
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Operating system version: 5.0
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SUN 1.2: SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SunJSSE 1.4002: Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SunRsaSign 1.0: SUN's provider for RSA signatures
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SunJCE 1.4: SunJCE Provider (implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
2003/10/08 14:54:27:088 CEST [DEBUG] HttpClient - -SunJGSS 1.0: Sun (Kerberos v5)
2003/10/08 14:54:27:188 CEST [DEBUG] HttpConnection - -HttpConnection.setSoTimeout(0)
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: f:\client.keystore
trustStore type is : jks
init truststore
adding private entry as trusted cert: [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@8fd984
Validity: [From: Wed Oct 08 13:48:24 CEST 2003,
To: Tue Jan 06 12:48:24 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83f988 ]
Algorithm: [MD5withRSA]
Signature:
0000: 04 24 63 44 43 26 CA 79 BC 0B 96 2D 27 1A 40 DA .$cDC&.y...-'.@.
0010: E0 92 FE D6 57 F8 4C C4 C6 97 F7 13 24 4B 30 F9 ....W.L.....$K0.
0020: E7 C3 06 2B A3 67 FD 70 E1 A5 8E E7 16 3D 59 16 ...+.g.p.....=Y.
0030: DB 7B 73 AC 30 B1 43 C1 F2 96 DD 8F 52 0E 61 1F ..s.0.C.....R.a.
0040: 0E 23 0F 88 8E 1A 6F 24 54 B9 87 4C 2C A1 97 78 .#....o$T..L,..x
0050: FD 80 6A A1 F8 65 C3 CE 39 F4 AA A6 6C 3C 7A 98 ..j..e..9...l<z.
0060: 86 4E 5B 6A 2D 7F BC 89 E8 36 29 54 22 0A 3F C7 .N[j-....6)T".?.
0070: B3 83 4E 47 36 F1 C9 09 25 E7 9C D6 11 10 3B 3C ..NG6...%.....;<
adding as trusted cert: [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@f99ff5
Validity: [From: Wed Oct 08 11:56:42 CEST 2003,
To: Tue Jan 06 10:56:42 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83df5a ]
Algorithm: [MD5withRSA]
Signature:
0000: E0 21 80 C9 4C 8C BC FC 48 B3 36 6A 0B E1 C1 94 .!..L...H.6j....
0010: 79 E1 E7 6B 27 B0 71 7D CF 17 A6 B9 E6 71 D6 85 y..k'.q......q..
0020: 6F 9F EB 66 73 4B CB A2 C1 A2 7F F3 38 A1 A7 8B o..fsK......8...
0030: 92 F0 82 1F 4A A4 E9 F5 8C 64 0B 7E 86 61 C0 D5 ....J....d...a..
0040: 74 60 7D D3 B0 11 3F 77 B9 D8 EC 7D 17 22 D8 7C t`....?w....."..
0050: 77 42 CB C1 24 CC 26 5E CF 8A 20 7D 77 44 D4 29 wB..$.&^.. .wD.)
0060: DF 59 D1 17 CE D2 51 59 BC 53 35 B0 EB CE 51 CE .Y....QY.S5...Q.
0070: 79 F7 D2 53 CE FD 2F 9A FD 1A A8 E3 3C 58 AF EB y..S../.....<X..
init context
trigger seeding of SecureRandom
done seeding SecureRandom
2003/10/08 14:54:32:456 CEST [DEBUG] HttpMethodBase - -Execute loop try 1
2003/10/08 14:54:32:466 CEST [DEBUG] wire - ->> "GET / HTTP/1.1[\r][\n]"
2003/10/08 14:54:32:466 CEST [DEBUG] HttpMethodBase - -Adding Host request header
2003/10/08 14:54:32:476 CEST [DEBUG] wire - ->> "User-Agent: Jakarta Commons-HttpClient/2.0rc1[\r][\n]"
2003/10/08 14:54:32:476 CEST [DEBUG] wire - ->> "Host: rigel[\r][\n]"
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1048840456 bytes = { 43, 4, 244, 103, 54, 110, 99, 128, 162, 132, 22, 2, 197, 112, 91, 105, 4, 133, 249, 114, 142, 122, 44, 203, 156, 188, 132, 100 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3F 84 09 08 2B 04 F4 67 36 6E ...7..?...+..g6n
0010: 63 80 A2 84 16 02 C5 70 5B 69 04 85 F9 72 8E 7A c......p[i...r.z
0020: 2C CB 9C BC 84 64 00 00 10 00 05 00 04 00 09 00 ,....d..........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3F 84 09 .............?..
0030: 08 2B 04 F4 67 36 6E 63 80 A2 84 16 02 C5 70 5B .+..g6nc......p[
0040: 69 04 85 F9 72 8E 7A 2C CB 9C BC 84 64 i...r.z,....d
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.1 Handshake, length = 2275
*** ServerHello, v3.1
RandomCookie: GMT: 1048840456 bytes = { 2, 207, 237, 54, 101, 119, 116, 33, 59, 54, 56, 111, 170, 110, 92, 129, 178, 67, 124, 46, 187, 153, 247, 27, 216, 197, 21, 232 }
Session ID: {63, 132, 9, 8, 85, 66, 130, 20, 34, 100, 122, 131, 137, 133, 143, 214, 43, 232, 151, 61, 12, 216, 23, 84, 58, 241, 194, 116, 67, 44, 43, 44}
Cipher Suite: { 0, 5 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 3F 84 09 08 02 CF ED 36 65 77 ...F..?......6ew
0010: 74 21 3B 36 38 6F AA 6E 5C 81 B2 43 7C 2E BB 99 t!;68o.n\..C....
0020: F7 1B D8 C5 15 E8 20 3F 84 09 08 55 42 82 14 22 ...... ?...UB.."
0030: 64 7A 83 89 85 8F D6 2B E8 97 3D 0C D8 17 54 3A dz.....+..=...T:
0040: F1 C2 74 43 2C 2B 2C 00 05 00 ..tC,+,...
*** Certificate chain
chain [0] = [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@b2a2d8
Validity: [From: Wed Oct 08 11:56:42 CEST 2003,
To: Tue Jan 06 10:56:42 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83df5a ]
Algorithm: [MD5withRSA]
Signature:
0000: E0 21 80 C9 4C 8C BC FC 48 B3 36 6A 0B E1 C1 94 .!..L...H.6j....
0010: 79 E1 E7 6B 27 B0 71 7D CF 17 A6 B9 E6 71 D6 85 y..k'.q......q..
0020: 6F 9F EB 66 73 4B CB A2 C1 A2 7F F3 38 A1 A7 8B o..fsK......8...
0030: 92 F0 82 1F 4A A4 E9 F5 8C 64 0B 7E 86 61 C0 D5 ....J....d...a..
0040: 74 60 7D D3 B0 11 3F 77 B9 D8 EC 7D 17 22 D8 7C t`....?w....."..
0050: 77 42 CB C1 24 CC 26 5E CF 8A 20 7D 77 44 D4 29 wB..$.&^.. .wD.)
0060: DF 59 D1 17 CE D2 51 59 BC 53 35 B0 EB CE 51 CE .Y....QY.S5...Q.
0070: 79 F7 D2 53 CE FD 2F 9A FD 1A A8 E3 3C 58 AF EB y..S../.....<X..
stop on trusted cert: [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@b2a2d8
Validity: [From: Wed Oct 08 11:56:42 CEST 2003,
To: Tue Jan 06 10:56:42 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83df5a ]
Algorithm: [MD5withRSA]
Signature:
0000: E0 21 80 C9 4C 8C BC FC 48 B3 36 6A 0B E1 C1 94 .!..L...H.6j....
0010: 79 E1 E7 6B 27 B0 71 7D CF 17 A6 B9 E6 71 D6 85 y..k'.q......q..
0020: 6F 9F EB 66 73 4B CB A2 C1 A2 7F F3 38 A1 A7 8B o..fsK......8...
0030: 92 F0 82 1F 4A A4 E9 F5 8C 64 0B 7E 86 61 C0 D5 ....J....d...a..
0040: 74 60 7D D3 B0 11 3F 77 B9 D8 EC 7D 17 22 D8 7C t`....?w....."..
0050: 77 42 CB C1 24 CC 26 5E CF 8A 20 7D 77 44 D4 29 wB..$.&^.. .wD.)
0060: DF 59 D1 17 CE D2 51 59 BC 53 35 B0 EB CE 51 CE .Y....QY.S5...Q.
0070: 79 F7 D2 53 CE FD 2F 9A FD 1A A8 E3 3C 58 AF EB y..S../.....<X..
[read] MD5 and SHA1 hashes: len = 552
0000: 0B 00 02 24 00 02 21 00 02 1E 30 82 02 1A 30 82 ...$..!...0...0.
0010: 01 83 02 04 3F 83 DF 5A 30 0D 06 09 2A 86 48 86 ....?..Z0...*.H.
0020: F7 0D 01 01 04 05 00 30 54 31 0B 30 09 06 03 55 .......0T1.0...U
0030: 04 06 13 02 42 45 31 0C 30 0A 06 03 55 04 08 13 ....BE1.0...U...
0040: 03 4F 56 4C 31 0C 30 0A 06 03 55 04 07 13 03 4D .OVL1.0...U....M
0050: 45 52 31 0B 30 09 06 03 55 04 0A 13 02 44 43 31 ER1.0...U....DC1
0060: 0C 30 0A 06 03 55 04 0B 13 03 45 43 53 31 0E 30 .0...U....ECS1.0
0070: 0C 06 03 55 04 03 13 05 72 69 67 65 6C 30 1E 17 ...U....rigel0..
0080: 0D 30 33 31 30 30 38 30 39 35 36 34 32 5A 17 0D .031008095642Z..
0090: 30 34 30 31 30 36 30 39 35 36 34 32 5A 30 54 31 040106095642Z0T1
00A0: 0B 30 09 06 03 55 04 06 13 02 42 45 31 0C 30 0A .0...U....BE1.0.
00B0: 06 03 55 04 08 13 03 4F 56 4C 31 0C 30 0A 06 03 ..U....OVL1.0...
00C0: 55 04 07 13 03 4D 45 52 31 0B 30 09 06 03 55 04 U....MER1.0...U.
00D0: 0A 13 02 44 43 31 0C 30 0A 06 03 55 04 0B 13 03 ...DC1.0...U....
00E0: 45 43 53 31 0E 30 0C 06 03 55 04 03 13 05 72 69 ECS1.0...U....ri
00F0: 67 65 6C 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D gel0..0...*.H...
0100: 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 .........0......
0110: F0 8B 5A 91 87 97 AB 55 2A 6A AA 96 1F CF 77 D7 ..Z....U*j....w.
0120: 73 C2 23 4D 78 51 CF 6E 3F 10 46 C5 DA D7 9D 75 s.#MxQ.n?.F....u
0130: 77 3A 94 4A 07 5B D6 38 82 18 AE 71 6A 76 F9 6F w:.J.[.8...qjv.o
0140: 58 19 9D 2F 97 EE 4E 38 0E 3F E1 B2 5D 2D C1 1A X../..N8.?..]-..
0150: 0E F2 08 B2 D6 FF 0A 5E FC BD 57 73 C1 F0 09 C3 .......^..Ws....
0160: 8E E4 20 C2 CC 96 E3 DE 24 2C 76 DD 9C BA F3 D2 .. .....$,v.....
0170: 14 FC 94 86 C6 A3 6D 90 02 6B 5C 6E C7 94 0A 44 ......m..k\n...D
0180: A2 64 F6 A2 31 16 1E AC 97 36 17 84 7E 60 EC 2B .d..1....6...`.+
0190: 02 03 01 00 01 30 0D 06 09 2A 86 48 86 F7 0D 01 .....0...*.H....
01A0: 01 04 05 00 03 81 81 00 E0 21 80 C9 4C 8C BC FC .........!..L...
01B0: 48 B3 36 6A 0B E1 C1 94 79 E1 E7 6B 27 B0 71 7D H.6j....y..k'.q.
01C0: CF 17 A6 B9 E6 71 D6 85 6F 9F EB 66 73 4B CB A2 .....q..o..fsK..
01D0: C1 A2 7F F3 38 A1 A7 8B 92 F0 82 1F 4A A4 E9 F5 ....8.......J...
01E0: 8C 64 0B 7E 86 61 C0 D5 74 60 7D D3 B0 11 3F 77 .d...a..t`....?w
01F0: B9 D8 EC 7D 17 22 D8 7C 77 42 CB C1 24 CC 26 5E ....."..wB..$.&^
0200: CF 8A 20 7D 77 44 D4 29 DF 59 D1 17 CE D2 51 59 .. .wD.).Y....QY
0210: BC 53 35 B0 EB CE 51 CE 79 F7 D2 53 CE FD 2F 9A .S5...Q.y..S../.
0220: FD 1A A8 E3 3C 58 AF EB ....<X..
*** CertificateRequest
Cert Types: DSS, RSA,
Cert Authorities:
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
<OU=Class 4 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<CN=kws, OU=Delaware, O=Delaware, L=BE, ST=BE, C=BE>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
[read] MD5 and SHA1 hashes: len = 1645
0000: 0D 00 06 69 02 02 01 06 64 00 61 30 5F 31 0B 30 ...i....d.a0_1.0
0010: 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 ...U....US1.0...
0020: 55 04 0A 13 0E 56 65 72 69 53 69 67 6E 2C 20 49 U....VeriSign, I
0030: 6E 63 2E 31 37 30 35 06 03 55 04 0B 13 2E 43 6C nc.1705..U....Cl
0040: 61 73 73 20 33 20 50 75 62 6C 69 63 20 50 72 69 ass 3 Public Pri
0050: 6D 61 72 79 20 43 65 72 74 69 66 69 63 61 74 69 mary Certificati
0060: 6F 6E 20 41 75 74 68 6F 72 69 74 79 00 D1 30 81 on Authority..0.
0070: CE 31 0B 30 09 06 03 55 04 06 13 02 5A 41 31 15 .1.0...U....ZA1.
0080: 30 13 06 03 55 04 08 13 0C 57 65 73 74 65 72 6E 0...U....Western
0090: 20 43 61 70 65 31 12 30 10 06 03 55 04 07 13 09 Cape1.0...U....
00A0: 43 61 70 65 20 54 6F 77 6E 31 1D 30 1B 06 03 55 Cape Town1.0...U
00B0: 04 0A 13 14 54 68 61 77 74 65 20 43 6F 6E 73 75 ....Thawte Consu
00C0: 6C 74 69 6E 67 20 63 63 31 28 30 26 06 03 55 04 lting cc1(0&..U.
00D0: 0B 13 1F 43 65 72 74 69 66 69 63 61 74 69 6F 6E ...Certification
00E0: 20 53 65 72 76 69 63 65 73 20 44 69 76 69 73 69 Services Divisi
00F0: 6F 6E 31 21 30 1F 06 03 55 04 03 13 18 54 68 61 on1!0...U....Tha
0100: 77 74 65 20 50 72 65 6D 69 75 6D 20 53 65 72 76 wte Premium Serv
0110: 65 72 20 43 41 31 28 30 26 06 09 2A 86 48 86 F7 er CA1(0&..*.H..
0120: 0D 01 09 01 16 19 70 72 65 6D 69 75 6D 2D 73 65 ......premium-se
0130: 72 76 65 72 40 74 68 61 77 74 65 2E 63 6F 6D 00 [email protected].
0140: CE 30 81 CB 31 0B 30 09 06 03 55 04 06 13 02 5A .0..1.0...U....Z
0150: 41 31 15 30 13 06 03 55 04 08 13 0C 57 65 73 74 A1.0...U....West
0160: 65 72 6E 20 43 61 70 65 31 12 30 10 06 03 55 04 ern Cape1.0...U.
0170: 07 13 09 43 61 70 65 20 54 6F 77 6E 31 1A 30 18 ...Cape Town1.0.
0180: 06 03 55 04 0A 13 11 54 68 61 77 74 65 20 43 6F ..U....Thawte Co
0190: 6E 73 75 6C 74 69 6E 67 31 28 30 26 06 03 55 04 nsulting1(0&..U.
01A0: 0B 13 1F 43 65 72 74 69 66 69 63 61 74 69 6F 6E ...Certification
01B0: 20 53 65 72 76 69 63 65 73 20 44 69 76 69 73 69 Services Divisi
01C0: 6F 6E 31 21 30 1F 06 03 55 04 03 13 18 54 68 61 on1!0...U....Tha
01D0: 77 74 65 20 50 65 72 73 6F 6E 61 6C 20 42 61 73 wte Personal Bas
01E0: 69 63 20 43 41 31 28 30 26 06 09 2A 86 48 86 F7 ic CA1(0&..*.H..
01F0: 0D 01 09 01 16 19 70 65 72 73 6F 6E 61 6C 2D 62 ......personal-b
0200: 61 73 69 63 40 74 68 61 77 74 65 2E 63 6F 6D 00 [email protected].
0210: 61 30 5F 31 0B 30 09 06 03 55 04 06 13 02 55 53 a0_1.0...U....US
0220: 31 20 30 1E 06 03 55 04 0A 13 17 52 53 41 20 44 1 0...U....RSA D
0230: 61 74 61 20 53 65 63 75 72 69 74 79 2C 20 49 6E ata Security, In
0240: 63 2E 31 2E 30 2C 06 03 55 04 0B 13 25 53 65 63 c.1.0,..U...%Sec
0250: 75 72 65 20 53 65 72 76 65 72 20 43 65 72 74 69 ure Server Certi
0260: 66 69 63 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 fication Authori
0270: 74 79 00 61 30 5F 31 0B 30 09 06 03 55 04 06 13 ty.a0_1.0...U...
0280: 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 .US1.0...U....Ve
0290: 72 69 53 69 67 6E 2C 20 49 6E 63 2E 31 37 30 35 riSign, Inc.1705
02A0: 06 03 55 04 0B 13 2E 43 6C 61 73 73 20 34 20 50 ..U....Class 4 P
02B0: 75 62 6C 69 63 20 50 72 69 6D 61 72 79 20 43 65 ublic Primary Ce
02C0: 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 68 rtification Auth
02D0: 6F 72 69 74 79 00 61 30 5F 31 0B 30 09 06 03 55 ority.a0_1.0...U
02E0: 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 ....US1.0...U...
02F0: 0E 56 65 72 69 53 69 67 6E 2C 20 49 6E 63 2E 31 .VeriSign, Inc.1
0300: 37 30 35 06 03 55 04 0B 13 2E 43 6C 61 73 73 20 705..U....Class
0310: 31 20 50 75 62 6C 69 63 20 50 72 69 6D 61 72 79 1 Public Primary
0320: 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 41 Certification A
0330: 75 74 68 6F 72 69 74 79 00 D2 30 81 CF 31 0B 30 uthority..0..1.0
0340: 09 06 03 55 04 06 13 02 5A 41 31 15 30 13 06 03 ...U....ZA1.0...
0350: 55 04 08 13 0C 57 65 73 74 65 72 6E 20 43 61 70 U....Western Cap
0360: 65 31 12 30 10 06 03 55 04 07 13 09 43 61 70 65 e1.0...U....Cape
0370: 20 54 6F 77 6E 31 1A 30 18 06 03 55 04 0A 13 11 Town1.0...U....
0380: 54 68 61 77 74 65 20 43 6F 6E 73 75 6C 74 69 6E Thawte Consultin
0390: 67 31 28 30 26 06 03 55 04 0B 13 1F 43 65 72 74 g1(0&..U....Cert
03A0: 69 66 69 63 61 74 69 6F 6E 20 53 65 72 76 69 63 ification Servic
03B0: 65 73 20 44 69 76 69 73 69 6F 6E 31 23 30 21 06 es Division1#0!.
03C0: 03 55 04 03 13 1A 54 68 61 77 74 65 20 50 65 72 .U....Thawte Per
03D0: 73 6F 6E 61 6C 20 50 72 65 6D 69 75 6D 20 43 41 sonal Premium CA
03E0: 31 2A 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 16 1*0(..*.H.......
03F0: 1B 70 65 72 73 6F 6E 61 6C 2D 70 72 65 6D 69 75 .personal-premiu
0400: 6D 40 74 68 61 77 74 65 2E 63 6F 6D 00 D4 30 81 [email protected].
0410: D1 31 0B 30 09 06 03 55 04 06 13 02 5A 41 31 15 .1.0...U....ZA1.
0420: 30 13 06 03 55 04 08 13 0C 57 65 73 74 65 72 6E 0...U....Western
0430: 20 43 61 70 65 31 12 30 10 06 03 55 04 07 13 09 Cape1.0...U....
0440: 43 61 70 65 20 54 6F 77 6E 31 1A 30 18 06 03 55 Cape Town1.0...U
0450: 04 0A 13 11 54 68 61 77 74 65 20 43 6F 6E 73 75 ....Thawte Consu
0460: 6C 74 69 6E 67 31 28 30 26 06 03 55 04 0B 13 1F lting1(0&..U....
0470: 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 53 65 Certification Se
0480: 72 76 69 63 65 73 20 44 69 76 69 73 69 6F 6E 31 rvices Division1
0490: 24 30 22 06 03 55 04 03 13 1B 54 68 61 77 74 65 $0"..U....Thawte
04A0: 20 50 65 72 73 6F 6E 61 6C 20 46 72 65 65 6D 61 Personal Freema
04B0: 69 6C 20 43 41 31 2B 30 29 06 09 2A 86 48 86 F7 il CA1+0)..*.H..
04C0: 0D 01 09 01 16 1C 70 65 72 73 6F 6E 61 6C 2D 66 ......personal-f
04D0: 72 65 65 6D 61 69 6C 40 74 68 61 77 74 65 2E 63 [email protected]
04E0: 6F 6D 00 5D 30 5B 31 0B 30 09 06 03 55 04 06 13 om.]0[1.0...U...
04F0: 02 42 45 31 0B 30 09 06 03 55 04 08 13 02 42 45 .BE1.0...U....BE
0500: 31 0B 30 09 06 03 55 04 07 13 02 42 45 31 11 30 1.0...U....BE1.0
0510: 0F 06 03 55 04 0A 13 08 44 65 6C 61 77 61 72 65 ...U....Delaware
0520: 31 11 30 0F 06 03 55 04 0B 13 08 44 65 6C 61 77 1.0...U....Delaw
0530: 61 72 65 31 0C 30 0A 06 03 55 04 03 13 03 6B 77 are1.0...U....kw
0540: 73 00 61 30 5F 31 0B 30 09 06 03 55 04 06 13 02 s.a0_1.0...U....
0550: 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 72 US1.0...U....Ver
0560: 69 53 69 67 6E 2C 20 49 6E 63 2E 31 37 30 35 06 iSign, Inc.1705.
0570: 03 55 04 0B 13 2E 43 6C 61 73 73 20 32 20 50 75 .U....Class 2 Pu
0580: 62 6C 69 63 20 50 72 69 6D 61 72 79 20 43 65 72 blic Primary Cer
0590: 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 68 6F tification Autho
05A0: 72 69 74 79 00 C7 30 81 C4 31 0B 30 09 06 03 55 rity..0..1.0...U
05B0: 04 06 13 02 5A 41 31 15 30 13 06 03 55 04 08 13 ....ZA1.0...U...
05C0: 0C 57 65 73 74 65 72 6E 20 43 61 70 65 31 12 30 .Western Cape1.0
05D0: 10 06 03 55 04 07 13 09 43 61 70 65 20 54 6F 77 ...U....Cape Tow
05E0: 6E 31 1D 30 1B 06 03 55 04 0A 13 14 54 68 61 77 n1.0...U....Thaw
05F0: 74 65 20 43 6F 6E 73 75 6C 74 69 6E 67 20 63 63 te Consulting cc
0600: 31 28 30 26 06 03 55 04 0B 13 1F 43 65 72 74 69 1(0&..U....Certi
0610: 66 69 63 61 74 69 6F 6E 20 53 65 72 76 69 63 65 fication Service
0620: 73 20 44 69 76 69 73 69 6F 6E 31 19 30 17 06 03 s Division1.0...
0630: 55 04 03 13 10 54 68 61 77 74 65 20 53 65 72 76 U....Thawte Serv
0640: 65 72 20 43 41 31 26 30 24 06 09 2A 86 48 86 F7 er CA1&0$..*.H..
0650: 0D 01 09 01 16 17 73 65 72 76 65 72 2D 63 65 72 ......server-cer
0660: 74 73 40 74 68 61 77 74 65 2E 63 6F 6D [email protected]
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 183, 52, 32, 171, 15, 252, 104, 26, 122, 4, 33, 152, 207, 169, 53, 3, 54, 92, 207, 235, 108, 124, 43, 137, 189, 40, 155, 244, 16, 195, 171, 111, 45, 24, 118, 251, 161, 5, 255, 221, 102, 77, 136, 92, 253, 146 }
[write] MD5 and SHA1 hashes: len = 141
0000: 0B 00 00 03 00 00 00 10 00 00 82 00 80 E7 73 AF ..............s.
0010: 77 3C B9 37 C3 23 58 BB 44 7E B0 E1 EE D1 6F 37 w<.7.#X.D.....o7
0020: E9 C2 CB CD 5B 36 80 61 76 69 28 FA 66 E5 19 31 ....[6.avi(.f..1
0030: AF C5 CE 1D D0 B1 C0 A3 31 D4 2E 1A DB 1E CC 21 ........1......!
0040: 7F B9 9F 8C 6A B8 4C 43 50 78 95 CF 51 E3 9E 97 ....j.LCPx..Q...
0050: BF 07 DC 25 DE 56 D7 A5 7C D7 7D 5C D4 47 16 5D ...%.V.....\.G.]
0060: 54 FC FE 6C D8 C7 17 AB 18 A0 EE 31 B6 38 10 29 T..l.......1.8.)
0070: C4 D6 75 5B DB 1F B2 2B 20 28 40 C5 96 E4 E3 7A ..u[...+ (@....z
0080: 5C D6 85 C3 03 05 F5 38 FE 34 72 EF 3F \......8.4r.?
main, WRITE: SSL v3.1 Handshake, length = 141
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 B7 34 20 AB 0F FC 68 1A 7A 04 21 98 CF A9 ...4 ...h.z.!...
0010: 35 03 36 5C CF EB 6C 7C 2B 89 BD 28 9B F4 10 C3 5.6\..l.+..(....
0020: AB 6F 2D 18 76 FB A1 05 FF DD 66 4D 88 5C FD 92 .o-.v.....fM.\..
CONNECTION KEYGEN:
Client Nonce:
0000: 3F 84 09 08 2B 04 F4 67 36 6E 63 80 A2 84 16 02 ?...+..g6nc.....
0010: C5 70 5B 69 04 85 F9 72 8E 7A 2C CB 9C BC 84 64 .p[i...r.z,....d
Server Nonce:
0000: 3F 84 09 08 02 CF ED 36 65 77 74 21 3B 36 38 6F ?......6ewt!;68o
0010: AA 6E 5C 81 B2 43 7C 2E BB 99 F7 1B D8 C5 15 E8 .n\..C..........
Master Secret:
0000: 92 AB 4A D6 D4 F1 35 46 3D F8 20 64 7D 0D 1D 3C ..J...5F=. d...<
0010: 6D 12 61 D7 B6 21 1D F9 9E F2 A3 1E C8 72 16 48 m.a..!.......r.H
0020: 7E EB ED BD 71 66 89 36 8D A4 AA 30 A7 B6 F9 E3 ....qf.6...0....
Client MAC write Secret:
0000: FB B5 C5 28 A0 EF A9 2C 6F 6E 9A 8E 46 21 F8 5D ...(...,on..F!.]
0010: 21 3A F3 5A !:.Z
Server MAC write Secret:
0000: AC B4 8C 0C 19 E9 70 87 86 2C 88 19 74 96 CB 86 ......p..,..t...
0010: E1 57 28 D0 .W(.
Client write key:
0000: 67 8C 40 8A 0E F6 66 02 AA 57 A9 46 3E 4C 2B 0B [email protected]>L+.
Server write key:
0000: 39 79 50 0C 26 2A 0C 06 34 57 9F D0 ED 9E 76 1A 9yP.&*..4W....v.
... no IV for cipher
main, WRITE: SSL v3.1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished, v3.1
verify_data: { 2, 131, 239, 184, 3, 52, 180, 31, 246, 47, 142, 241 }
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 02 83 EF B8 03 34 B4 1F F6 2F 8E F1 .........4.../..
Plaintext before ENCRYPTION: len = 36
0000: 14 00 00 0C 02 83 EF B8 03 34 B4 1F F6 2F 8E F1 .........4.../..
0010: E8 92 3D 1E 0C A5 0A B2 E3 71 7A E9 02 41 91 20 ..=......qz..A.
0020: 30 86 A2 47 0..G
main, WRITE: SSL v3.1 Handshake, length = 36
waiting for close_notify or alert: state 1
Exception while waiting for close java.net.SocketException: Software caused connection abort: JVM_recv in socket input stream read
main, SEND SSL v3.1 ALERT: warning, description = close_notify
Plaintext before ENCRYPTION: len = 22
0000: 01 00 BD 94 A3 63 BB DA 73 4F 7A 85 4B 79 25 76 .....c..sOz.Ky%v
0010: 8B 08 0F FF CE FC ......
main, WRITE: SSL v3.1 Alert, length = 22
java.net.SocketException: Software caused connection abort: JVM_recv in socket input stream read
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:116)
at com.sun.net.ssl.internal.ssl.InputRecord.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.g(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1344)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:779)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2179)
at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2534)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1047)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:638)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:500)
at kws.testing.out.HTTPClient.main(HTTPClient.java:60)
Exception in thread "main"
Does someone have an idea on how to get client authentication (without password) work?
regards,
Kenneth... no IV for cipher
This line is in my debug and the debug posted in the original message.
Am having the same problem of accessing a page with a Client Side Cert that uses a password. I get debug that has the "no IV for cipher" message. It does not throw
an exception, but gets a 403 from server.
Does anyone know? Will a Client Side Cert with a Symmetric Key work in Java APIs?
I load the .pfx cert into a Java KeyStore and send this to Apache HTTPClient. -
SOAP Receiver Adapter problem (client certificate required)
My Scenario is similar to described in https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/3721. [original link is broken] [original link is broken] [original link is broken] I have two PI servers running on one machine. I am trying to post message HTTPS with Client authentication via SOAP adapter from one PI system to SOAP adapter of other PI server. I have done the following configuration.
PI Server AXD - (Client) - Receiver SOAP adapter
PI Server AXQ - (Server) - Sender SOAP Adapter.
Steps in AXD
1. I have created a certificate of AXD in the service_ssl view of key storage.
2. I have imported the AXQ public certificate in to AXD in the TrustedCAs of Key storage
Steps in AXQ
1. I have created a certificate of AXQ in the service_ssl view of key storage.
2. I have imported the AXD public certificate in to AXQ in the TrustedCAs of Key storage.
3. I have created a user in AXQ and assigned the certificate of AXD under usermangement in Security provider to this user.
4. I have added the AXD certificate under Client Authentication tab with require client certificate option checked in the SSL Provider.
5. I have assigned the user created in AXQ in the step above to the Sender Agreement.
Now when I post message from AXD with Configure Client Authentication checked (Here I have selected the certificate of AXD and view as service_ssl) I am getting the following error.
Exception caught by adapter framework: SOAP: response message contains an error XIServer/UNKNOWN/ADAPTER.JAVA_EXCEPTION - java.security.AccessControlException: client certificate required at com.sap.aii.af.mp.soap.ejb.XISOAPAdapterBean.process(XISOAPAdapterBean.java:884) at com.sap.aii.af.mp.module.ModuleLocalLocalObjectImpl0_3
Any pointer to solve this problem is highly appreciated.
Thanks
AbinashHi Hemant,
I have couple of questions. Why do we need to import certificate for SOAP WS-Security and from where I can get it?
As far as my scenario goes I am not using message level security.
Secondly what do you mean by TRUSTED/WebServiceSecurity? I don't see any such view inside the Key Storage. I can see a view named just WebServiceSecuity though.
Also I don't have a decentralized adapter installation rather I have two separate PI instances having their own central adapter engine.
Abinash -
RMI security with client authentication
Hy,
I'm trying to set a secure RMI application using JSSE and SSL.
I have succeeded in writing an application with client and server authentication using both an RMISSLServerSocketFactory and RMISSLClientSocketFactory and passing those factories to the server while exporting the remote object.
The problem is I had to set both server public and private keys and client public and private keys in the custom Socket Factories. This implies that those keys are on the server disk which is problematic for the client private key.
Is there a way of giving the client private key only when the Client want to contact the server and not when exporting the remote object?
(I tried to do that using -Djava.net.ssl.keyStore and -Djava.net.ssl.trustStore properties but it doesn't seem to work).
Thank you for your helpEven when I haven't wrote RMI over SSL code, I've done that using standard SSL client authentication between a client and a server.
In that context, I got the SSLSocketFactory by using a SSLContext initialized with the proper TrustManager and KeyManager classes.
But I guess you can start by specifying from the command line the system properties related to keystores and truststores:
-Djavax.net.ssl.keyStore=<your keystore pathname>
-Djavax.net.ssl.keyStorePassword=<your keystore password>
-Djavax.net.ssl.trustStore=<your truststore pathname>
-Djavax.net.ssl.trustStorePassword=<your truststore password>
You can also see the RMISSLClientSocketFactory and RMISSLServerSocketFactory provided in the /samples/rmi folder of the JSSE 1.0.3_01 distribution.
The client factory version uses the default socket factory provided by JSSE, so it can be configured from the properties above.
Hope this helps. -
HTTPS With Client Authentication
Hi,
I've created a simple Web Service in PI 7.11 SP 4 when trying to connect to the Web Service from Soap UI I get the following error:
java.security.AccessControlException: client certificate required
In the the transaction scim the following can be seen:
[Thr 5061] <<- SapSSLSessionInit()==SAP_O_K
[Thr 5061] in: args = "role=2 (SERVER), auth_type=1 (ASK_CLIENT_CERT)"
[Thr 5061] out: sssl_hdl = 1117534b0
[Thr 5061] <<- SapSSLSetSessionCredHdl(sssl_hdl=1117534b0)==SAP_O_K
[Thr 5061] in: sssl_hdl = 1117534b0
[Thr 5061] in: cred_hdl = 116cfc110
[Thr 5061] NiIBlockMode: set blockmode for hdl 271 TRUE
[Thr 5061] SSL NI-sock: local=XX.XX.XX.XX:50001 peer=XX.XX.XX.XX:2310
[Thr 5061] <<- SapSSLSetNiHdl(sssl_hdl=1117534b0, ni_hdl=271)==SAP_O_K
[Thr 5061] <<- SapSSLSessionStart(sssl_hdl=1117534b0)==SAP_O_K
[Thr 5061] status = "resumed SSL session, NO client cert"
The fault is not at the Soap UI end as I've fired the request at a Tomcat server and confirmed that a certificate is sent when requested.
Sender Communication Channel,
Transport Protocol: HTTP,
Message Protocol: Soap 1.1,
Adapter Engine: Central Adepter Engine,
HTTPS with Client Authentication,
Keep Headers
Any ideas?
Kind regards,
JohnHi Peter,
If memory serves we did not find a solution to this problem. I think, and a quick check of the configuration suggests I'm right, that we're handling the HTTPS connection on an IIS box and passing it through to a non encrypted HTTP sender on PI.
It may be that Soap UI is not configured correctly, however when I was getting the 'client certificate required', as mentioned in the original post, I'd confirmed that soap UI was correctly configured by connecting to an alternative Web Service. I also used Wireshark to see whether or not a certificate was being requested, or sent. It's invaluable if you're using Soap UI.
All the best,
John -
Client Authentication certificate not working in ADFS3.0
Hi,
I am currently working on integrating ADFS 3.o for Single Sign On to some 3rd party services along with PKI solution. The basic requirement is that I should be able to choose client authentication certificate as an authentication method in ADFS and then
federate user credentials to 3rd party trust for single-sign-on.
I had done this successfully with ADFS 2.0 and that setup is working fine. I have the setup as ADFS 3.0 client authentication method enabled. When I open browser to logon, the ADFS 3.0 page displays a message as "Select a certificate that you want to
use for authentication. If you cancel the operation, please close your browser and try again." but the certificates are not displayed for selection.
The certificates are valid and have valid chaining to CA. Could someone help me resolve this issue?
Thanks!
-Chinmaya KarveI am also having this problem where the certificate dialog (Windows Security is usually the title) is never prompted to the user. I tried it on several computers which are all part of the domain. The same computers can also login on another ADFS, so I have
working certificates.
I just get a page where a text says I should select a certificate but I never get the dialog to do so.
Any updates on this issue? -
SOAP Adapter - HTTPS w/ client authentication -SSL termination @ dispatcher
Hi,
We have a SOAP client sending SOAP message over SSL to PI. We are using client cert for authentication, but terminating SSL at web dispatcher. In this scenario, i) do we need to configure security for XISOAPADAPTER in Visual admin on PI and ii) do we need to set HTTPS with client authentication security option in SOAp Sender communication channel?
My understanding is that since we are terminatinating SSL at web dispatcher (Server authentication happens between third-party gateway and our gateway and when web dispatcher terminates SSL, client cert for auth is passed via httpheader to PI where it is mapped to UME user with sufficient authorizations) we don't need to set the XISOAPADAPTER security (if it is end-to-end ssl we would i guess set up in V. Admin>Security provider service>clientcertloginmodule for XISOAPADAPTER) and we don't need to set the sender channel as https with client authentication ( it should just be http in SOAP sender channel).
Is my understanding correct? I will really appreciate any clues?
Thanks,
SaurabhHi saurabh
follow these links to SAP note
these will be helpful for you
Note 856597 - FAQ: XI 3.0 / PI 7.0 / PI 7.1 SOAP Adapter
https://websmp102.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=856597&_NLANG=E
Note 856599 - FAQ: XI 3.0 / PI 7.0 / PI 7.1 Mail Adapter
https://websmp102.sap-ag.de/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=856599&_NLANG=E
Note 870845 - XI 3.0 SOAP adapter SSL client certificate problem
https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=916664&nlang=EN&smpsrv=https%3a%2f%2fwebsmp102%2esap-ag%2ede
https://websmp130.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=870845&nlang=EN&smpsrv=https%3a%2f%2fwebsmp102%2esap-ag%2ede
regards
Sandeep
If helpful kindly reward points
Maybe you are looking for
-
Can't Get Push to Work on New iPhone
I just replaced by Gen1 iPhone with a 3GS. Everything went easy as can be, except for one thing - none of the apps that had Push Notifications enabled and working on my old iPhone are working on my new iPhone. In general prefs I have Push enabled glo
-
Missing support for new datatypes added in 9i and 10g
Oracle has added a few useful datatypes in the last releases of the database, but ``forgot'' to add them into both the web and Java versions of the Oracle Enterprise Manager (oemapp console and Oracle Enterprise Manager 10g Database Control). These d
-
How do i open my adobe phooshop elements 13
I HAVE DOWNLOADED THE PHOTOSHOP ELEMENTS 13 BUT I CANT FIND WHERE TO USE THE PRODUCT ON MY COMPUTER
-
DW CC keeps auto deleting lines of code!
Been using Dreamweaver CC with no probs for a few weeks but for some strange reason its developed a weird fault where when you highlight code it deletes the code. Sometimes you highlight some code and press refresh and the code disappears. Sometimes
-
Doing something wrong making JScrollPane transparent
I'm trying to make a transparent JScrollPane that contains a JTextArea. here's what I'm doing [wrong] : // this all takes place in a class that extends JPanel JTextArea taskOutput = new JTextArea(5, 20); taskOutput.setPreferredSi