How create the Certificate Autority (CA) Oracle9iAS

Please,
How create the Certificate Autority (CA), get the root certificate and import in Oracle Wallet Manager, in Oracle 9iAS 9.0.3?
Thanks,
Augusto Goncalves de Sousa

Get openssl.
http://www.openssl.org/
The default certificate generated by openssl and added to Oracle Wallets will work with the IE6 and Netscape7. But it will fail if you want to setup ssl between webcache and ohs. You need to remove the v3_req and v3_ca stuff in openssl.cnf.
Ken

Similar Messages

How create the SMQ2 error through program ?

Hi all,
How create the SMQ2 error through program ?
Any idea ... plsease share.
Regards,
Srikanth

Hi juturusrikanth ,
which one is the SMQ2 error?
[FAQ's, intros and memorable discussions in the ABAP General Forum|FAQ's, intros and memorable discussions in the ABAP General Forum;
[How to post code in SCN, and some things NOT to do...|How to post code in SCN, and some things NOT to do...;
Regards
Clemens

How to create the Certificate Store

Dear Friends:
I am a newbie to Crypto..
I want to know whether Java supports development of a Certificate Store.
Mail me the source code.
[email protected]
Regards
Ritesh

There's an example of how to create a keystore and truststore here:
http://www.esus.com/javaindex/j2se/jdk1.2/javasecurity/jsse/jsseclientserver.html
Cheers,
Joris

How create the link in webdynpro java???

Hi Experts,
i want to create a webdynpro application where i need to create a link, on action that link it should call the another url.
On action URL i will call the KM documents..
Can anyone tell me how to achieve that ??
Regards,
Mahesh

In below code using display image from KM via WDJ String path=""; IPrivateKmUploadCompView.IKM_uploadElement ele=null; ele=wdContext.nodeKM_upload().createAndAddKM_uploadElement(); path="/documents/KMimage.jpg"; IUser sapUser = wdClientUser.getSAPUser(); com.sapportals.portal.security.usermanagement.IUser ep5User = WPUMFactory.getUserFactory().getEP5User(sapUser); //Getting the Resource......... IResourceContext resourseContext = new ResourceContext(ep5User); IResourceFactory resourseFactory = ResourceFactory.getInstance(); RID pathRIDimg = RID.getRID(path); com.sapportals.wcm.repository.IResource resourceimg = resourseFactory.getResource(pathRIDimg, resourseContext); //Reading the image file...... BufferedInputStream bufIn = new BufferedInputStream(resourceimg.getContent().getInputStream()); IWDCachedWebResource cachedWebResource = null; cachedWebResource = WDWebResource.getWebResource(bufIn, WDWebResourceType.JPG_IMAGE); cachedWebResource.getUrl(WDFileDownloadBehaviour.ALLOW_SAVE.ordinal()) ; //sent image to resource context wdContext.currentContextElement().setDownload(cachedWebResource);

Exit some virus how create the wall to update 10.4.2

hello i have a problem with my g4, i can't update to 10.4.2

More information would be very helpful.
Exactly what kind of G4 Mac do you have?
What version of OS X are you currently running?
What have you tried so far?
What error messages are you getting?
What version of Tiger DVD are you using?
Your say "some virus" and "the wall" is most confusing, please explain.
Allan

Creating a certificate for 802.1x wireless access....

I know this is a complicated issue. We are trying to setup 802.1x access to our corporate WiFi using computer identity with certificates.
The video provided by apple here: http://www.apple.com/education/resources/information-technology.html#authenticat ion_on_mac at the 3:04 mark the instructors talk about importing a computer identity certificate into the key chain but doesn't mention how it's generted in the first place.
This is where we are stuck.
When we think about generating the proper certificate and click on Configure under Authenticition with TLS checked we get the following:
No Certificates Found...
We are using a Microsoft Windows Server 2008 Certificate Authority server as our in house certificate server.
Any help would be greatly appreciated. Thanks in advance!
-Paul

step 1a create Wirelesscert.mobleconfig with the following changing the defaults to match your needs
The "Certtemplate key" must match the name of the Cert template on the server.
You can use the same machine cert template as the PCs. use UUID are done in the next step
CertServer Key use http or https depending on you cert server config
Generic config file sortof :
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <dict>
        <key>PayloadContent</key>
        <array>
            <dict>
                <key>CertServer</key>
                <string>https://Server.domain.name/certsrv</string>
                <key>CertTemplate</key>
                <string>Your_Computer_template_name</string>
                <key>PayloadDisplayName</key>
                <string>Enter_your_name_fort_the_policy</string>
                <key>PayloadIdentifier</key>
                <string>Create_payload_ident</string>
                <key>PayloadType</key>
                <string>com.apple.ADCertificate.managed</string>
                <key>PayloadUUID</key>
                <string>Change-me-to-a-new-UUID</string>
                <key>PayloadVersion</key>
                <integer>1</integer>
                <key>deleted</key>
                <false/>
            </dict>
        </array>
        <key>PayloadDescription</key>
        <string>Enter_Description_here</string>
        <key>PayloadDisplayName</key>
        <string>Enter_Display_name</string>
        <key>PayloadIdentifier</key>
        <string>Enter_paylode_name</string>
        <key>PayloadOrganization</key>
        <string>Enter_paylode_orgname</string>
        <key>PayloadRemovalDisallowed</key>
        <false/>
        <key>PayloadType</key>
        <string>SystemConfiguration</string>
        <key>PayloadUUID</key>
        <string>Change-me-to-a-new-UUID</string>
        <key>PayloadVersion</key>
        <integer>1</integer>
    </dict>
    </plist>
Step 1b. Create two UUID on the mac command shell past into the file replace Change-me-to-a-new-UUID with two different UUIDs
the command is "uuidgen" You must run uuidgen once for each number. Paste the resulting numbers into Wirelesscert.mobleconfig
This must be done for every computer you install the policy on so that they are Unique to that computer.
Do these steps in a local machine admin account not logged into the domain
step 2. In Lion 7.2 (only) Turn off the Cert checking to prevent a endless loop (a known bug should be fixed in a update)
   a. open Key Chain Access
   b. Click on Keychain Acess in the apple tool bar
   c. Select Preferences
   d. Select the Certificates Tab
   f. Turn off OCSP and CRL   ( this can be turned back on after you get the Cert from ad)
Step 3 Connect using safari to you Microsoft AD certificate server and trust the locally self signed Cert
Step 4 copy Cert in key chain from user to system
Step 5 open a shell for steps 6 and 7
Step 6 type Sudo kinit -k (machinenamelowercase)$    ! the dollarsign is appended to the computer name
Step 7 type klist -l   ! verify that a ticket in kerberos is listed under the machine name
Step 8 double click on the file Wirelesscert.mobleconfig to import the profile and create the Certificate
Step 9 Verify in the Key Chain that you have a system Certificate
In the network wireless click on the Join the ssid
Mode is EAP-TLS
Identity X509 Certificate (the one just created)
Username: host/(Your_Macs_Fully_qualified_name)
I hope this helps now I now have a Cert from ad on the machine and I think when it expires the plugin will renew.
Read the Original document this is based on at http://support.apple.com/kb/HT4784
I just need to figure out how to set a policy that uses the Cert on the machine
Message was edited by: daveBoxElderSD

Want to create a certificate inline - i.e. not command line

Hi
How do you create a certificate inline (without using keytool)? Any links, examples?
Thanks

If (and only if) you can send the JDK file "tools.jar" with your app, you can create the certificate using exactly the same arguments as the keytool command. Just instantiate the Keytool class that`s present in tools.jar. You need to use reflection to instantiate an object of the class because the constructor is private.
If you can send the Bouncycastle provider with your app, you can try using Bouncycastle http://www.bouncycastle.org ). Sign the Bouncycastle mailing list as well.

About the validNotAfter value of the certificate SAPLogonTicketKeypair-cert

I am configuring the SSO between the Enterprise Portal (NW04s based) and ECC 6.0 integrated ITS. During the SSO configuration we can specify a "valid to" date for the SAPLogonTicketKeypair. It will be stored in the certificate as the validNotAfter value.
As I can see in the Key and Certificate Generation screen, SAP only uses two digits to represent the year in the "valid to" field (e.g. 7/18/07 11:06AM). If I set the "valid to" date to 7/18/50, after creating the certificate, we can see that the validNotAfter date becomes 7/18/1950! If I set it to 7/18/49, then it will be 7/18/2049.
Yes, we can set four digits (e.g. 7/18/2099) for the field "valid to" when creating the logon ticket key pair. And the certificate will be created with validNotAfter time with 2099. But actually, if I import the certificate to ECC system via transaction STRUSTSSO2, the SSO does not work.
I did some test with the value of the "valid to", and verified the SSO between Portal and ECC integrated ITS. Here are the results:
Valid To: 7/18/28
SSO result: successful
Valid To: 7/18/2099
SSO result: failed
Valid To: 12/31/49
SSO result: failed
Valid To: 7/18/28 (I set the date/time back to the same with the first test in order to confirm that the SSO is still working)
SSO result: successful
My question is that what's the last date for the validNotAfter value in the SAPLogonTicketKeypair certificate which supports the SSO? According to my test results, it should be a date between 2028 and 2049.

I have got the answer for my question. SAP Note 550742 and 499386 mentioned the year. Self-signed certificates are generated with longer validity periods (up to the year 2038).

How crate the G/L account

Dear frinds
Please guide how create the g/l account.
thanks
venkat

Hi,
To create gl account first you have to create chart of account at OB13
Second you have to create account groups at OBD4
Third go to FS00 to create what ever the gl account you want
Hope this is clear, if yes assign points
Regards,
Sankar

Creating Digital certificates for SOAP Receiver Adapter

Hi
In Visual Admin...> if we go to the "key storage" and try to create the certificates, we have the options of
selecting the below algorithms.
RSA-512,1024
DH -512,1024
DSA-512,1024
But SOAP Receiver Adapter supports only the below encryption algorithms.
3DES
DES
RC2-40
RC2-64
RC2-128
Still if I try to use any of the RSA, DH, DSA algorithms to create the certificates in visual admin and if I
use the same certificate in SOAP Receiver adapter, I am getting the below error in sxmb_moni
com.sap.aii.af.ra.ms.api.DeliveryException: Unsupported keysize or algorithm parameters.
Could you plz advise, is there any provision in XI to create the certificates using the algorithmS 3DES, DES, RC2 ? or We got to import the certificates from third-party which supports 3DES, DES and RC2 ??
Regards
kumar

can't wait further so closing the thread

HTTPS Client not sending the certificate chain

Hi,
I have HTTPS java programme with client authendication.
When the server request for the certificate from the client, the client is not sending the certificate chain, the server says Thread-1, handling exception: javax.net.ssl.SSLHandshakeException: null cert chain
In the client I an setting the keystore properties properly
Below is the ssl trace from the server and the client.
The trace clearly says that the client has loded its certificate from the key store.
One thing I noticed is the validity period of the client certificate is different in client and the server.
I am not sure why it is different. I followed the steps properly to create the certificate.
Can anyone help me to resolve this
==========================Server Trace==========================
SecureServer version 1.0
found key for : server
chain [0] = [
Version: V1
Subject: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffd8e
Validity: [From: Sun Oct 08 12:36:57 GMT+04:00 2006,
               To: Sat Jan 06 12:36:57 GMT+04:00 2007]
Issuer: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
SerialNumber: [    4528b8a9]
Algorithm: [MD5withRSA]
Signature:
0000: 54 CC 61 97 1A 69 6C 1F 4B 53 1B 7C 54 B3 65 A9 T.a..il.KS..T.e.
0010: 15 C6 1A C0 1B BD FC E5 15 ED 57 F7 29 E7 5E 34 ..........W.).^4
0020: 3F D3 9C 40 4E D8 0B AC 79 5B 01 64 4E DD D2 FE [email protected][.dN...
0030: 57 6A 02 1E 8F C7 00 11 77 0F C8 20 06 0E DB 78 Wj......w.. ...x
0040: E3 45 57 9B 7D A4 95 0C 20 85 B8 A4 87 D8 AE 29 .EW..... ......)
0050: 69 B5 CC DC A1 B4 32 8C 6F 77 F0 9A A8 12 27 C6 i.....2.ow....'.
0060: 96 98 E9 EB AC 74 6E 39 2C D4 1B 1C A1 4B 81 C8 .....tn9,....K..
0070: 0B B9 CD 0A 18 DC 01 74 5D 99 4E 14 7A 2C 37 1E .......t].N.z,7.
trustStore is: d:\babu\ssltest\sscerts\jsseclient1
trustStore type is : jks
init truststore
adding as trusted cert: [
Version: V1
Subject: OU=For VeriSign authorized testing only. No assurances (C)VS1997, OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD., O="VeriSign, Inc"
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@166
Validity: [From: Sun Jun 07 04:00:00 GMT+04:00 1998,
               To: Tue Jun 07 03:59:59 GMT+04:00 2011]
Issuer: OU=For VeriSign authorized testing only. No assurances (C)VS1997, OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD., O="VeriSign, Inc"
SerialNumber: [    32f057e7 153096f5 1fb86e5b 5a49104b]
Algorithm: [SHA1withRSA]
Signature:
0000: A6 96 37 75 1C FD 95 95 40 E0 C9 53 25 8D E7 12 [email protected]%...
0010: AC 44 51 10 AC F2 BA 98 4D 72 EF 0B 75 2D 51 19 .DQ.....Mr..u-Q.
0020: 11 C9 47 E2 2F 96 67 61 0F 36 1D CA E7 C7 23 48 ..G./.ga.6....#H
0030: 46 97 63 C4 32 AE FF 7B 5A 65 64 50 CA 67 F7 14 F.c.2...ZedP.g..
adding as trusted cert: [
Version: V3
Subject: CN=ebms, OU=ebg, O=emirates, L=dubai, ST=emirates, C=AE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffff956
Validity: [From: Mon Oct 09 04:00:00 GMT+04:00 2006,
               To: Tue Oct 24 03:59:59 GMT+04:00 2006]
Issuer: OU=For VeriSign authorized testing only. No assurances (C)VS1997, OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD., O="VeriSign, Inc"
SerialNumber: [    5f2e369d 92ccf119 5d9a0371 c2f19ba4]
Certificate Extensions: 6
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com
[2]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 35 30 33 30 31 A0 2F A0 2D 86 2B 68 74 74 70 .50301./.-.+http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 52 53 41 53 65 63 75 72 65 53 65 72 com/RSASecureSer
0030: 76 65 72 2E 63 72 6C ver.crl
[3]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 56 30 15 16 0E 56 65   72 69 53 69 67 6E 2C 20 0V0...VeriSign,
0010: 49 6E 63 2E 30 03 02 01   01 1A 3D 56 65 72 69 53 Inc.0.....=VeriS
0020: 69 67 6E 27 73 20 43 50   53 20 69 6E 63 6F 72 70 ign's CPS incorp
0030: 2E 20 62 79 20 72 65 66   65 72 65 6E 63 65 20 6C . by reference l
0040: 69 61 62 2E 20 6C 74 64   2E 20 28 63 29 39 37 20 iab. ltd. (c)97
0050: 56 65 72 69 53 69 67 6E                            VeriSign
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve
0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 43 50 53 risign.com/CPS
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
[6]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 9D FC BF B3 A3 5D 94 B8 44 32 23 A5 B4 C2 BD 01 .....]..D2#.....
0010: 90 54 CE 0F 23 1A 08 9D F3 E2 55 9A 4B C9 FE 3E .T..#.....U.K..>
0020: F8 AD 45 DF 84 53 52 87 00 FA 66 2D 35 3F 48 53 ..E..SR...f-5?HS
0030: 4A D5 77 0F FB E4 20 1B E5 4F 19 60 F9 EC 79 FF J.w... ..O.`..y.
trigger seeding of SecureRandom
done seeding SecureRandom
SecureServer is listening on port 443.
matching alias: server
Accepted connection to ebms.uae.ebg.com (172.16.178.62) on port 3379.
----------1-1-1-----
[read] MD5 and SHA1 hashes: len = 3
0000: 01 03 01 ...
[read] MD5 and SHA1 hashes: len = 74
0000: 00 24 00 00 00 20 00 00 04 01 00 80 00 00 05 00 .$... ..........
0010: 00 0A 07 00 C0 00 00 13 00 00 09 06 00 40 00 00 .............@..
0020: 12 00 00 03 02 00 80 00 00 11 45 29 F4 B8 D5 0B ..........E)....
0030: F1 F5 52 D2 E4 FF 50 FA 04 49 E7 50 46 AA 2D A7 ..R...P..I.PF.-.
0040: 29 47 67 95 15 48 97 75 97 2C )Gg..H.u.,
Thread-1, READ: SSL v2, contentType = Handshake, translated length = 59
*** ClientHello, TLSv1
RandomCookie: GMT: 1160311736 bytes = { 213, 11, 241, 245, 82, 210, 228, 255, 80, 250, 4, 73, 231, 80, 70, 170, 45, 167, 41, 71, 103, 149, 21, 72, 151, 117, 151, 44 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
*** ServerHello, TLSv1
RandomCookie: GMT: 1160311736 bytes = { 227, 31, 215, 114, 116, 219, 59, 159, 156, 232, 234, 78, 209, 15, 134, 102, 46, 207, 102, 33, 202, 146, 164, 74, 99, 27, 76, 229 }
Session ID: {69, 41, 244, 184, 75, 140, 3, 113, 8, 43, 97, 188, 121, 254, 105, 189, 119, 89, 132, 185, 240, 133, 165, 13, 109, 244, 91, 98, 210, 139, 161, 214}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Cipher suite: SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V1
Subject: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffd8e
Validity: [From: Sun Oct 08 12:36:57 GMT+04:00 2006,
               To: Sat Jan 06 12:36:57 GMT+04:00 2007]
Issuer: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
SerialNumber: [    4528b8a9]
Algorithm: [MD5withRSA]
Signature:
0000: 54 CC 61 97 1A 69 6C 1F 4B 53 1B 7C 54 B3 65 A9 T.a..il.KS..T.e.
0010: 15 C6 1A C0 1B BD FC E5 15 ED 57 F7 29 E7 5E 34 ..........W.).^4
0020: 3F D3 9C 40 4E D8 0B AC 79 5B 01 64 4E DD D2 FE [email protected][.dN...
0030: 57 6A 02 1E 8F C7 00 11 77 0F C8 20 06 0E DB 78 Wj......w.. ...x
0040: E3 45 57 9B 7D A4 95 0C 20 85 B8 A4 87 D8 AE 29 .EW..... ......)
0050: 69 B5 CC DC A1 B4 32 8C 6F 77 F0 9A A8 12 27 C6 i.....2.ow....'.
0060: 96 98 E9 EB AC 74 6E 39 2C D4 1B 1C A1 4B 81 C8 .....tn9,....K..
0070: 0B B9 CD 0A 18 DC 01 74 5D 99 4E 14 7A 2C 37 1E .......t].N.z,7.
*** CertificateRequest
Cert Types: RSA, DSS,
Cert Authorities:
<CN=ebms, OU=ebg, O=emirates, L=dubai, ST=emirates, C=AE>
<OU=For VeriSign authorized testing only. No assurances (C)VS1997, OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD., O="VeriSign, Inc">
*** ServerHelloDone
[write] MD5 and SHA1 hashes: len = 912
0000: 02 00 00 46 03 01 45 29 F4 B8 E3 1F D7 72 74 DB ...F..E).....rt.
0010: 3B 9F 9C E8 EA 4E D1 0F 86 66 2E CF 66 21 CA 92 ;....N...f..f!..
0020: A4 4A 63 1B 4C E5 20 45 29 F4 B8 4B 8C 03 71 08 .Jc.L. E)..K..q.
0030: 2B 61 BC 79 FE 69 BD 77 59 84 B9 F0 85 A5 0D 6D +a.y.i.wY......m
0040: F4 5B 62 D2 8B A1 D6 00 04 00 0B 00 02 18 00 02 .[b.............
0050: 15 00 02 12 30 82 02 0E 30 82 01 77 02 04 45 28 ....0...0..w..E(
0060: B8 A9 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 ..0...*.H.......
0070: 00 30 4E 31 0B 30 09 06 03 55 04 06 13 02 61 65 .0N1.0...U....ae
0080: 31 0A 30 08 06 03 55 04 08 13 01 61 31 0A 30 08 1.0...U....a1.0.
0090: 06 03 55 04 07 13 01 61 31 0A 30 08 06 03 55 04 ..U....a1.0...U.
00A0: 0A 13 01 61 31 0A 30 08 06 03 55 04 0B 13 01 61 ...a1.0...U....a
00B0: 31 0F 30 0D 06 03 55 04 03 13 06 69 74 6E 35 34 1.0...U....itn54
00C0: 37 30 1E 17 0D 30 36 31 30 30 38 30 38 33 36 35 70...06100808365
00D0: 37 5A 17 0D 30 37 30 31 30 36 30 38 33 36 35 37 7Z..070106083657
00E0: 5A 30 4E 31 0B 30 09 06 03 55 04 06 13 02 61 65 Z0N1.0...U....ae
00F0: 31 0A 30 08 06 03 55 04 08 13 01 61 31 0A 30 08 1.0...U....a1.0.
0100: 06 03 55 04 07 13 01 61 31 0A 30 08 06 03 55 04 ..U....a1.0...U.
0110: 0A 13 01 61 31 0A 30 08 06 03 55 04 0B 13 01 61 ...a1.0...U....a
0120: 31 0F 30 0D 06 03 55 04 03 13 06 69 74 6E 35 34 1.0...U....itn54
0130: 37 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 70..0...*.H.....
0140: 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 9C 86 .......0........
0150: FA C2 EC 96 1B 02 01 27 08 D2 70 4D 3B AE D0 38 .......'..pM;..8
0160: 15 97 E9 1D 94 D2 BE A1 2A 54 39 F8 2E AF 71 4C ........*T9...qL
0170: FD 9A 71 BF 8A 1E 92 9F 3A 07 DA E9 5E 49 2C C6 ..q.....:...^I,.
0180: 7D FD AA 1F C6 13 39 38 BC 16 34 04 FE E8 6B 4C ......98..4...kL
0190: EA E9 BA 29 58 9E 6C 61 B8 1F B8 29 6F 83 5D 44 ...)X.la...)o.]D
01A0: 7B 47 E5 BC 8E 2E D0 C1 E0 6F 73 15 E2 03 A8 49 .G.......os....I
01B0: C9 42 39 87 0B 70 A0 80 0D 11 98 76 AE 2B B6 A3 .B9..p.....v.+..
01C0: 5A BA 5D 3B BF C0 90 86 F6 E3 AB 9B A0 49 02 03 Z.];.........I..
01D0: 01 00 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 ...0...*.H......
01E0: 05 00 03 81 81 00 54 CC 61 97 1A 69 6C 1F 4B 53 ......T.a..il.KS
01F0: 1B 7C 54 B3 65 A9 15 C6 1A C0 1B BD FC E5 15 ED ..T.e...........
0200: 57 F7 29 E7 5E 34 3F D3 9C 40 4E D8 0B AC 79 5B W.).^[email protected][
0210: 01 64 4E DD D2 FE 57 6A 02 1E 8F C7 00 11 77 0F .dN...Wj......w.
0220: C8 20 06 0E DB 78 E3 45 57 9B 7D A4 95 0C 20 85 . ...x.EW..... .
0230: B8 A4 87 D8 AE 29 69 B5 CC DC A1 B4 32 8C 6F 77 .....)i.....2.ow
0240: F0 9A A8 12 27 C6 96 98 E9 EB AC 74 6E 39 2C D4 ....'......tn9,.
0250: 1B 1C A1 4B 81 C8 0B B9 CD 0A 18 DC 01 74 5D 99 ...K.........t].
0260: 4E 14 7A 2C 37 1E 0D 00 01 22 02 01 02 01 1D 00 N.z,7...."......
0270: 6D 30 6B 31 0B 30 09 06 03 55 04 06 13 02 41 45 m0k1.0...U....AE
0280: 31 11 30 0F 06 03 55 04 08 13 08 65 6D 69 72 61 1.0...U....emira
0290: 74 65 73 31 0E 30 0C 06 03 55 04 07 14 05 64 75 tes1.0...U....du
02A0: 62 61 69 31 11 30 0F 06 03 55 04 0A 14 08 65 6D bai1.0...U....em
02B0: 69 72 61 74 65 73 31 15 30 13 06 03 55 04 0B 14 irates1.0...U...
02C0: 0C 65 6D 69 72 61 74 65 73 62 61 6E 6B 31 0F 30 .ebg1.0
02D0: 0D 06 03 55 04 03 14 06 69 74 6E 35 34 37 00 AC ...U....ebms..
02E0: 30 81 A9 31 16 30 14 06 03 55 04 0A 13 0D 56 65 0..1.0...U....Ve
02F0: 72 69 53 69 67 6E 2C 20 49 6E 63 31 47 30 45 06 riSign, Inc1G0E.
0300: 03 55 04 0B 13 3E 77 77 77 2E 76 65 72 69 73 69 .U...>www.verisi
0310: 67 6E 2E 63 6F 6D 2F 72 65 70 6F 73 69 74 6F 72 gn.com/repositor
0320: 79 2F 54 65 73 74 43 50 53 20 49 6E 63 6F 72 70 y/TestCPS Incorp
0330: 2E 20 42 79 20 52 65 66 2E 20 4C 69 61 62 2E 20 . By Ref. Liab.
0340: 4C 54 44 2E 31 46 30 44 06 03 55 04 0B 13 3D 46 LTD.1F0D..U...=F
0350: 6F 72 20 56 65 72 69 53 69 67 6E 20 61 75 74 68 or VeriSign auth
0360: 6F 72 69 7A 65 64 20 74 65 73 74 69 6E 67 20 6F orized testing o
0370: 6E 6C 79 2E 20 4E 6F 20 61 73 73 75 72 61 6E 63 nly. No assuranc
0380: 65 73 20 28 43 29 56 53 31 39 39 37 0E 00 00 00 es (C)VS1997....
Thread-1, WRITE: TLSv1 Handshake, length = 912
Thread-1, READ: TLSv1 Handshake, length = 141
*** Certificate chain
Thread-1, SEND TLSv1 ALERT: fatal, description = bad_certificate
Thread-1, WRITE: TLSv1 Alert, length = 2
Thread-1, called closeSocket()
Thread-1, handling exception: javax.net.ssl.SSLHandshakeException: null cert chain
IOException occurred when processing request.
Thread-1, called close()
Thread-1, called closeInternal(true)
==========================Client Trace==========================
--->>>--------
keyStore is : d:\babu\ssltest\sscerts\clientpk1
keyStore type is : jks
init keystore
init keymanager of type SunX509
found key for : client
chain [0] = [
Version: V1
Subject: CN=ebms, OU=ebg, O=emirates, L=dubai, ST=emirates, C=AE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffff956
Validity: [From: Mon Oct 09 09:44:01 GMT+04:00 2006,
               To: Sun Jan 07 09:44:01 GMT+04:00 2007]
Issuer: CN=ebms, OU=ebg, O=emirates, L=dubai, ST=emirates, C=AE
SerialNumber: [    4529e1a1]
Algorithm: [MD5withRSA]
Signature:
0000: 20 C7 89 9C 04 64 E8 62 AD D2 64 DD 0A E4 2A A1 ....d.b..d...*.
0010: B6 9A B5 06 DC 3E F8 AA BE B5 8A 12 B5 75 91 EC .....>.......u..
0020: 33 77 12 27 85 15 14 15 52 B3 7F 4B 03 18 B5 E0 3w.'....R..K....
0030: 31 E4 0C A7 0A E1 52 3E 9F D1 58 B7 F2 CC F2 DD 1.....R>..X.....
0040: D4 61 D6 C8 12 39 60 4D C9 FB DC 01 0C 0D FC 98 .a...9`M........
0050: C6 AD A6 56 3E 05 1B 4E 20 1B 93 77 16 67 0E D1 ...V>..N ..w.g..
0060: E0 A1 B6 7F CA 13 53 F2 53 92 14 63 9A 82 01 AE ......S.S..c....
0070: 83 B2 FD FC 2E 29 22 F9 E7 18 DB 6A 14 73 83 E3 .....)"....j.s..
trustStore is: d:\babu\ssltest\sscerts\jsseserver
trustStore type is : jks
init truststore
adding as trusted cert: [
Version: V1
Subject: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffd8e
Validity: [From: Sun Oct 08 12:36:57 GMT+04:00 2006,
               To: Sat Jan 06 12:36:57 GMT+04:00 2007]
Issuer: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
SerialNumber: [    4528b8a9]
Algorithm: [MD5withRSA]
Signature:
0000: 54 CC 61 97 1A 69 6C 1F 4B 53 1B 7C 54 B3 65 A9 T.a..il.KS..T.e.
0010: 15 C6 1A C0 1B BD FC E5 15 ED 57 F7 29 E7 5E 34 ..........W.).^4
0020: 3F D3 9C 40 4E D8 0B AC 79 5B 01 64 4E DD D2 FE [email protected][.dN...
0030: 57 6A 02 1E 8F C7 00 11 77 0F C8 20 06 0E DB 78 Wj......w.. ...x
0040: E3 45 57 9B 7D A4 95 0C 20 85 B8 A4 87 D8 AE 29 .EW..... ......)
0050: 69 B5 CC DC A1 B4 32 8C 6F 77 F0 9A A8 12 27 C6 i.....2.ow....'.
0060: 96 98 E9 EB AC 74 6E 39 2C D4 1B 1C A1 4B 81 C8 .....tn9,....K..
0070: 0B B9 CD 0A 18 DC 01 74 5D 99 4E 14 7A 2C 37 1E .......t].N.z,7.
init context
trigger seeding of SecureRandom
done seeding SecureRandom
---<<<--------
THE HEADERS
---111--------
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1160311736 bytes = { 213, 11, 241, 245, 82, 210, 228, 255, 80, 250, 4, 73, 231, 80, 70, 170, 45, 167, 41, 71, 103, 149, 21, 72, 151, 117, 151, 44 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 45 29 F4 B8 D5 0B F1 F5 52 D2 ...7..E)......R.
0010: E4 FF 50 FA 04 49 E7 50 46 AA 2D A7 29 47 67 95 ..P..I.PF.-.)Gg.
0020: 15 48 97 75 97 2C 00 00 10 00 04 00 05 00 0A 00 .H.u.,..........
0030: 13 00 09 00 12 00 03 00 11 01 00 ...........
main, WRITE: TLSv1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 04 01 00 80 00 ....$... .......
0010: 00 05 00 00 0A 07 00 C0 00 00 13 00 00 09 06 00 ................
0020: 40 00 00 12 00 00 03 02 00 80 00 00 11 45 29 F4 @............E).
0030: B8 D5 0B F1 F5 52 D2 E4 FF 50 FA 04 49 E7 50 46 .....R...P..I.PF
0040: AA 2D A7 29 47 67 95 15 48 97 75 97 2C .-.)Gg..H.u.,
main, WRITE: SSLv2 client hello message, length = 77
main, READ: TLSv1 Handshake, length = 912
*** ServerHello, TLSv1
RandomCookie: GMT: 1160311736 bytes = { 227, 31, 215, 114, 116, 219, 59, 159, 156, 232, 234, 78, 209, 15, 134, 102, 46, 207, 102, 33, 202, 146, 164, 74, 99, 27, 76, 229 }
Session ID: {69, 41, 244, 184, 75, 140, 3, 113, 8, 43, 97, 188, 121, 254, 105, 189, 119, 89, 132, 185, 240, 133, 165, 13, 109, 244, 91, 98, 210, 139, 161, 214}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 45 29 F4 B8 E3 1F D7 72 74 DB ...F..E).....rt.
0010: 3B 9F 9C E8 EA 4E D1 0F 86 66 2E CF 66 21 CA 92 ;....N...f..f!..
0020: A4 4A 63 1B 4C E5 20 45 29 F4 B8 4B 8C 03 71 08 .Jc.L. E)..K..q.
0030: 2B 61 BC 79 FE 69 BD 77 59 84 B9 F0 85 A5 0D 6D +a.y.i.wY......m
0040: F4 5B 62 D2 8B A1 D6 00 04 00 .[b.......
*** Certificate chain
chain [0] = [
Version: V1
Subject: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffd8e
Validity: [From: Sun Oct 08 12:36:57 GMT+04:00 2006,
               To: Sat Jan 06 12:36:57 GMT+04:00 2007]
Issuer: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
SerialNumber: [    4528b8a9]
Algorithm: [MD5withRSA]
Signature:
0000: 54 CC 61 97 1A 69 6C 1F 4B 53 1B 7C 54 B3 65 A9 T.a..il.KS..T.e.
0010: 15 C6 1A C0 1B BD FC E5 15 ED 57 F7 29 E7 5E 34 ..........W.).^4
0020: 3F D3 9C 40 4E D8 0B AC 79 5B 01 64 4E DD D2 FE [email protected][.dN...
0030: 57 6A 02 1E 8F C7 00 11 77 0F C8 20 06 0E DB 78 Wj......w.. ...x
0040: E3 45 57 9B 7D A4 95 0C 20 85 B8 A4 87 D8 AE 29 .EW..... ......)
0050: 69 B5 CC DC A1 B4 32 8C 6F 77 F0 9A A8 12 27 C6 i.....2.ow....'.
0060: 96 98 E9 EB AC 74 6E 39 2C D4 1B 1C A1 4B 81 C8 .....tn9,....K..
0070: 0B B9 CD 0A 18 DC 01 74 5D 99 4E 14 7A 2C 37 1E .......t].N.z,7.
stop on trusted cert: [
Version: V1
Subject: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@fffffd8e
Validity: [From: Sun Oct 08 12:36:57 GMT+04:00 2006,
               To: Sat Jan 06 12:36:57 GMT+04:00 2007]
Issuer: CN=ebms, OU=a, O=a, L=a, ST=a, C=ae
SerialNumber: [    4528b8a9]
Algorithm: [MD5withRSA]
Signature:
0000: 54 CC 61 97 1A 69 6C 1F 4B 53 1B 7C 54 B3 65 A9 T.a..il.KS..T.e.
0010: 15 C6 1A C0 1B BD FC E5 15 ED 57 F7 29 E7 5E 34 ..........W.).^4
0020: 3F D3 9C 40 4E D8 0B AC 79 5B 01 64 4E DD D2 FE [email protected][.dN...
0030: 57 6A 02 1E 8F C7 00 11 77 0F C8 20 06 0E DB 78 Wj......w.. ...x
0040: E3 45 57 9B 7D A4 95 0C 20 85 B8 A4 87 D8 AE 29 .EW..... ......)
0050: 69 B5 CC DC A1 B4 32 8C 6F 77 F0 9A A8 12 27 C6 i.....2.ow....'.
0060: 96 98 E9 EB AC 74 6E 39 2C D4 1B 1C A1 4B 81 C8 .....tn9,....K..
0070: 0B B9 CD 0A 18 DC 01 74 5D 99 4E 14 7A 2C 37 1E .......t].N.z,7.
[read] MD5 and SHA1 hashes: len = 540
0000: 0B 00 02 18 00 02 15 00 02 12 30 82 02 0E 30 82 ..........0...0.
0010: 01 77 02 04 45 28 B8 A9 30 0D 06 09 2A 86 48 86 .w..E(..0...*.H.
0020: F7 0D 01 01 04 05 00 30 4E 31 0B 30 09 06 03 55 .......0N1.0...U
0030: 04 06 13 02 61 65 31 0A 30 08 06 03 55 04 08 13 ....ae1.0...U...
0040: 01 61 31 0A 30 08 06 03 55 04 07 13 01 61 31 0A .a1.0...U....a1.
0050: 30 08 06 03 55 04 0A 13 01 61 31 0A 30 08 06 03 0...U....a1.0...
0060: 55 04 0B 13 01 61 31 0F 30 0D 06 03 55 04 03 13 U....a1.0...U...
0070: 06 69 74 6E 35 34 37 30 1E 17 0D 30 36 31 30 30 .ebms0...06100
0080: 38 30 38 33 36 35 37 5A 17 0D 30 37 30 31 30 36 8083657Z..070106
0090: 30 38 33 36 35 37 5A 30 4E 31 0B 30 09 06 03 55 083657Z0N1.0...U
00A0: 04 06 13 02 61 65 31 0A 30 08 06 03 55 04 08 13 ....ae1.0...U...
00B0: 01 61 31 0A 30 08 06 03 55 04 07 13 01 61 31 0A .a1.0...U....a1.
00C0: 30 08 06 03 55 04 0A 13 01 61 31 0A 30 08 06 03 0...U....a1.0...
00D0: 55 04 0B 13 01 61 31 0F 30 0D 06 03 55 04 03 13 U....a1.0...U...
00E0: 06 69 74 6E 35 34 37 30 81 9F 30 0D 06 09 2A 86 .ebms0..0...*.
00F0: 48 86 F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 H............0..
0100: 02 81 81 00 9C 86 FA C2 EC 96 1B 02 01 27 08 D2 .............'..
0110: 70 4D 3B AE D0 38 15 97 E9 1D 94 D2 BE A1 2A 54 pM;..8........*T
0120: 39 F8 2E AF 71 4C FD 9A 71 BF 8A 1E 92 9F 3A 07 9...qL..q.....:.
0130: DA E9 5E 49 2C C6 7D FD AA 1F C6 13 39 38 BC 16 ..^I,.......98..
0140: 34 04 FE E8 6B 4C EA E9 BA 29 58 9E 6C 61 B8 1F 4...kL...)X.la..
0150: B8 29 6F 83 5D 44 7B 47 E5 BC 8E 2E D0 C1 E0 6F .)o.]D.G.......o
0160: 73 15 E2 03 A8 49 C9 42 39 87 0B 70 A0 80 0D 11 s....I.B9..p....
0170: 98 76 AE 2B B6 A3 5A BA 5D 3B BF C0 90 86 F6 E3 .v.+..Z.];......
0180: AB 9B A0 49 02 03 01 00 01 30 0D 06 09 2A 86 48 ...I.....0...*.H
0190: 86 F7 0D 01 01 04 05 00 03 81 81 00 54 CC 61 97 ............T.a.
01A0: 1A 69 6C 1F 4B 53 1B 7C 54 B3 65 A9 15 C6 1A C0 .il.KS..T.e.....
01B0: 1B BD FC E5 15 ED 57 F7 29 E7 5E 34 3F D3 9C 40 ......W.).^4?..@
01C0: 4E D8 0B AC 79 5B 01 64 4E DD D2 FE 57 6A 02 1E N...y[.dN...Wj..
01D0: 8F C7 00 11 77 0F C8 20 06 0E DB 78 E3 45 57 9B ....w.. ...x.EW.
01E0: 7D A4 95 0C 20 85 B8 A4 87 D8 AE 29 69 B5 CC DC .... ......)i...
01F0: A1 B4 32 8C 6F 77 F0 9A A8 12 27 C6 96 98 E9 EB ..2.ow....'.....
0200: AC 74 6E 39 2C D4 1B 1C A1 4B 81 C8 0B B9 CD 0A .tn9,....K......
0210: 18 DC 01 74 5D 99 4E 14 7A 2C 37 1E ...t].N.z,7.
*** CertificateRequest
Cert Types: RSA, DSS,
Cert Authorities:
<CN=ebms, OU=ebg, O=emirates, L=dubai, ST=emirates, C=AE>
<OU=For VeriSign authorized testing only. No assurances (C)VS1997, OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD., O="VeriSign, Inc">
[read] MD5 and SHA1 hashes: len = 294
0000: 0D 00 01 22 02 01 02 01 1D 00 6D 30 6B 31 0B 30 ..."......m0k1.0
0010: 09 06 03 55 04 06 13 02 41 45 31 11 30 0F 06 03 ...U....AE1.0...
0020: 55 04 08 13 08 65 6D 69 72 61 74 65 73 31 0E 30 U....emirates1.0
0030: 0C 06 03 55 04 07 14 05 64 75 62 61 69 31 11 30 ...U....dubai1.0
0040: 0F 06 03 55 04 0A 14 08 65 6D 69 72 61 74 65 73 ...U....emirates
0050: 31 15 30 13 06 03 55 04 0B 14 0C 65 6D 69 72 61 1.0...U....emira
0060: 74 65 73 62 61 6E 6B 31 0F 30 0D 06 03 55 04 03 tesbank1.0...U..
0070: 14 06 69 74 6E 35 34 37 00 AC 30 81 A9 31 16 30 ..ebms..0..1.0
0080: 14 06 03 55 04 0A 13 0D 56 65 72 69 53 69 67 6E ...U....VeriSign
0090: 2C 20 49 6E 63 31 47 30 45 06 03 55 04 0B 13 3E , Inc1G0E..U...>
00A0: 77 77 77 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D www.verisign.com
00B0: 2F 72 65 70 6F 73 69 74 6F 72 79 2F 54 65 73 74 /repository/Test
00C0: 43 50 53 20 49 6E 63 6F 72 70 2E 20 42 79 20 52 CPS Incorp. By R
00D0: 65 66 2E 20 4C 69 61 62 2E 20 4C 54 44 2E 31 46 ef. Liab. LTD.1F
00E0: 30 44 06 03 55 04 0B 13 3D 46 6F 72 20 56 65 72 0D..U...=For Ver
00F0: 69 53 69 67 6E 20 61 75 74 68 6F 72 69 7A 65 64 iSign authorized
0100: 20 74 65 73 74 69 6E 67 20 6F 6E 6C 79 2E 20 4E testing only. N
0110: 6F 20 61 73 73 75 72 61 6E 63 65 73 20 28 43 29 o assurances (C)
0120: 56 53 31 39 39 37 VS1997
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret: { 3, 1, 145, 198, 68, 101, 78, 79, 139, 241, 6, 243, 13, 208, 161, 242, 0, 185, 46, 87, 212, 79, 239, 132, 145, 14, 13, 134, 115, 250, 44, 44, 112, 33, 173, 105, 52, 186, 160, 119, 55, 202, 205, 212, 136, 92, 7, 120 }
[write] MD5 and SHA1 hashes: len = 141
0000: 0B 00 00 03 00 00 00 10 00 00 82 00 80 3A 83 FA .............:..
0010: 1E B3 43 52 3B B5 B9 A5 9D 2D 30 5E 71 34 DF 45 ..CR;....-0^q4.E
0020: 99 99 2D 9A 4A 42 54 3D 47 D8 94 22 BC F3 92 0D ..-.JBT=G.."....
0030: 23 AA 95 B5 75 EA B2 2B 8B DD DA 91 AA 94 24 4B #...u..+......$K
0040: 56 34 C8 3C 1D 2D 15 63 CF 03 FF 65 6C DF B9 00 V4.<.-.c...el...
0050: C3 5E BF 72 F4 70 64 45 D8 5B 58 E2 DF D6 12 1B .^.r.pdE.[X.....
0060: BE A3 71 E9 1C 49 BB 7E C0 4A 1F CA 1F F5 63 23 ..q..I...J....c#
0070: 0D 40 0D C6 3B FE 03 E9 DE 2E E5 09 1F 72 D7 6B .@..;........r.k
0080: D6 ED 5E 99 B0 A8 A0 D3 D2 73 F0 A0 8E ..^......s...
main, WRITE: TLSv1 Handshake, length = 141
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 91 C6 44 65 4E 4F 8B F1 06 F3 0D D0 A1 F2 ....DeNO........
0010: 00 B9 2E 57 D4 4F EF 84 91 0E 0D 86 73 FA 2C 2C ...W.O......s.,,
0020: 70 21 AD 69 34 BA A0 77 37 CA CD D4 88 5C 07 78 p!.i4..w7....\.x
CONNECTION KEYGEN:
Client Nonce:
0000: 45 29 F4 B8 D5 0B F1 F5 52 D2 E4 FF 50 FA 04 49 E)......R...P..I
0010: E7 50 46 AA 2D A7 29 47 67 95 15 48 97 75 97 2C .PF.-.)Gg..H.u.,
Server Nonce:
0000: 45 29 F4 B8 E3 1F D7 72 74 DB 3B 9F 9C E8 EA 4E E).....rt.;....N
0010: D1 0F 86 66 2E CF 66 21 CA 92 A4 4A 63 1B 4C E5 ...f..f!...Jc.L.
Master Secret:
0000: 3A 36 9A CA 6F 82 0B 32 17 28 04 CD 33 B4 5D BF :6..o..2.(..3.].
0010: 5F 87 23 71 6B 49 2D 0E 59 DE 2C EA 8E B3 43 C8 _.#qkI-.Y.,...C.
0020: 5D 3B 3B 4C B7 B9 AB 4E EA A3 E6 CE 54 40 FB 2D ];;[email protected]
Client MAC write Secret:
0000: C3 72 45 7B 93 DE 55 FF 0A 8C 9E 91 43 48 6E E4 .rE...U.....CHn.
Server MAC write Secret:
0000: E2 05 07 CB 3F 2D 95 41 EF 69 3F 09 6D CB 81 EE ....?-.A.i?.m...
Client write key:
0000: EE 7E EE 7D D8 5F 46 CD 88 15 9E F6 C7 EC 05 5F ....._F........_
Server write key:
0000: 43 DE B1 D2 FA 54 F0 E6 CA EC E8 1E 6C AD 77 EC C....T......l.w.
... no IV for cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished
verify_data: { 196, 3, 24, 202, 107, 99, 158, 203, 62, 203, 204, 35 }
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C C4 03 18 CA 6B 63 9E CB 3E CB CC 23 ........kc..>..#
Plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C C4 03 18 CA 6B 63 9E CB 3E CB CC 23 ........kc..>..#
0010: 22 2A 55 36 5F 75 DB D4 CF 19 6F 40 93 AF B8 3B "*U6_u....o@...;
main, WRITE: TLSv1 Handshake, length = 32
waiting for close_notify or alert: state 1
Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
main, SEND TLSv1 ALERT: fatal, description = unexpected_message
Plaintext before ENCRYPTION: len = 18
0000: 02 0A 3E CA 24 9F 8F 40 B8 65 A6 44 5D 7E 0B B5 ..>[email protected]]...
0010: A9 C7 ..
main, WRITE: TLSv1 Alert, length = 18
Exception sending alert: java.net.SocketException: Software caused connection abort: socket write error
main, called closeSocket()
---000--------

Here are the steps I am perfoming to create the certificates. Can anyone please validate the steps...
//Create private key
keytool -genkey -keystore clientpk1 -keyalg rsa -alias client -storepass password -keypass password
//Create CSR
keytool -certreq -alias client -file client.csr -keypass password -keystore clientpk1 -storepass password
//Received client-ca.cer and root certificate from verisign
//Import signed certificate to client keystore
keytool -import -keystore clientpk1 -keyalg RSA -import -trustcacerts -file client-ca.cer
//Import signed certificate and the root certificate to keystore(server thruststore)
keytool -import -keystore jsseclient1 -alias client -file getcacert.cer
keytool -import -keystore jsseclient1 -alias client -file client-ca.cer
Thanks in advance,
Babu

I created a signature ID and customized the signature; however, when I go to sign it only shows the name layout or graphic image? How do I go back to using the certificate?

Dear Forum
I was using Adobe version XI and the signature feature disappeared from the menu. Now I downloaded Acrobat Reader DC. Using the menu and instructions I created a signature ID and customized the signature; however, when I go to sign a document it only shows the name layout or graphic image? How do I go back to using the certificate that I created?
Any help would be greatly appreciated.
Regards
Carlos

Firefox works fine on Windows 2000 SP4 for me.
Any chance you have a dial-up connection that uses a web accelerator to speed the loading of content?

How do I use the Certificate Assistant to set up secure email for clients

I was at first thrilled to find the Certificate Assistant, and now I'm frustrated. I need to have secure, encrypted email for my psychotherapy clients. I thought that if I created my own certificate authority and then issued certificates to my clients, I would be fine. But I can't get this to work. I set up my own authority, but when I try to get a certificate (using a different email account) I can't get it to work. For example, I go to the website created on mac.com and click the "download an invitation" button and then click the download, which opens the Assistant. I fill out the form, but I get an error saying I haven't configured an email account. How do I "configure" an email account? I mean, I use this account all the time; what more configuration does it need?
Second question. Will anybody with a Windows machine be able to use that webpage? Seems like it's a mac only program, so what good is it in the real world?
I know I could try to do this with Thawte or whatever, but asking my clients to get trusted so I can use encryption is unreasonable. If not having my own authority (if I could get THAT to work) is there any other way? Are there any good things to read about this? With the federal HIPAA privacy requirements, there are lots of doctors wrestling with this question.

If you are referring to your "iCloud account", then simply tap "settings / iCloud" - delete the account you are currently logged in with, and add the correct one.
iCloud Set up - http://www.apple.com/ca/icloud/setup/.

How do I create a certificate to remove signature field issues?

I would like to start using digital signatures for some internal documents. We are a small site with about 20 PC users (3 of them Apple).
We can create PDFs with signature fields but every time we sign the document, when somebody needs to sign again (for approval of the first sign), then a constant message "file has been modified since it was signed" and also "at least one signature has problems......"
The way I created the forms is by adding form fields and then "Extend features in Adobe Reader" as only the 3 Apple devices have Professional version of Acrobat.
What is the correct way to do this? I think I need to create a Trusted certificate, of course for the size of our site I don't want to have external solutions, especially because it is for internal purposes only.
Any help would be appreciated.
Thanks.

How the signing certificates that you use for all signatures were procured? Were they created by a reputable Certificate Authority (CA) or are they self-signed certificates that you can create in Acrobat and other apps?
If they are self-signed certificates then you need to explicitly trust each of them on each Acrobat/Reader installation. You can use (Acrobat XI/Reader XI) to do that:
1. Right-click on the signature, select "Show Signature Properties...->Show Signer's certificate".
2. In the left pane shows the signer's certificate. Select it.
3. Select "Trust" tab on top and in this tab "Add to Trusted Certificates". Again for self-signed certificates you need to do that on each Acrobat/Reader installation.
If you got your signing certificates from a Certificate Authority #2 above shows the certificate chain. Select that top-most certificate in the chain and add trust for it as in #3. Chances are that all your certificates were issued by the same CA. In this case you need to add trust to only this one certificate on each Acrobat/Reader installation.
You can use Export/Import Security Settings feature in Acrobat to make this process easier. This feature was discussed at length in several discussions on this forum <Re: Small Business Digital Signature Set-up>. Search for "Export/Import Security Settings" for more info.

How to create a certificate using keytool / terminal?

I have problems with creating certificates using the terminal. I use the instructions below and typed in all the required information. When it asks me to type "yes" and confirm, the whole process just starts from the beginning over and over and I have to type in the same things. What do I do wrong? How do I confirm the information I typed in?
I am trying to create a certificate to sign apps for GooglePlay and Amazon. I am using DPS Professional.
Thanks for help!
Instructions:
(Mac OS) Create a certificate file using Keytool
Open Terminal, which is located in the Applications > Utilities folder.
Type (or paste) the following line (replace “myname.key.p12” with the actual name of your certificate):
1
keytool -genkey -v -keystore myname.key.p12 -alias alias_name -keyalg RSA -keysize 2048 -storetype pkcs12 -validity 10000
Specifying “10000” sets the expiration date after 22 October 2033.
Enter and reenter a password. Until the Viewer Builder supports the creation of custom Android apps, it's necessary to share this password with Adobe. Create a password that you can share.
Follow the prompts to specify the certificate information.
When prompted to confirm choices, enter yes, and then press Return to use the same password.
A certificate is created in your prompt location, such as your user name folder. Copy this certificate file to a known location. Write down the password as well.

It could be access/rights issue. Enable root user and try again.

How create the Certificate Autority (CA) Oracle9iAS

Similar Messages

Maybe you are looking for