MX 2004 issues
I am a novice flash user. I am still using MX 2004 ver. 7.0.
I thought I could continue using this older version since I don't
use it very often. I recently purchased a CUSTOMIZABLE XML IMAGE
GALLERY off of Flash Den. I made sure I picked one that could be
opened with MX 2004. However, I can not open it. When I try, I get
a message that says the file can not be opened because it contains
"screens." I am needing to change the file width and height. My
question is: Is there a way around this or do I need to upgrade?
And if I upgrade to the latest version will I be able to open all
my older files?
The error message reads:
"Unable to open document with this version of Flash because
it contains screens."
I have tried looking for the flash 7.01 and 7.2 updates but I
can't find them on the adobe web site any more.
Do I have to bite the bullet and upgrade?
Similar Messages
-
Accessing BW in netweaver 2004s issue
Accessing BW in netweaver 2004s issue
Hi
I logged into Sap (sneak preview installed locally) via client 001 ( in order to work on BW) & user= SAP*
When I try to create a new class with transaction se24
I get the following message "No changes for user SAP* allowed"
Can anyone help me on this issue ?
How can extend right to that user in order not to be blocked.
Thanks in adance
KadigaHi Kadiga,
You can post in the SAP NetWeaver2004s Ramp-Up forum of BI. Here is the link:
/community [original link is broken]
Bye
Dinesh -
FLV in SWF in Director MX 2004 Issue
I did a search, but couldn't find a response to this issue.
I have SWF running in a sprite in Director MX 2004. The SWF
includes an FLVPlayer component with a "SteelExternalPlayMute.swf"
skin and links to an external FLV. (Flash files are version 8. All
resources are in the same folder.) The visibility of the FLV Player
is set to "false" in SWF and I have a button in the SWF to set the
visible to "true" and play the FLV. This all works correctly in the
SWF and when I "PLAY" the Director movie in production, but the FLV
won't appear and "PLAY" in the Director Published EXE, but WILL do
so if I pull the ""SteelExternalPlayMute.swf" out of the folder.
Something in the Flash component skin isn't working in the
Director EXE because the Actionscript to play the FLV does work
when the skin is removed from the folder. Even the visibility
script works fine and the video plays.
Any ideas on how to fix this issue? Does anyone have
experience with this issue? Is it simply an incorrect SWF import
setting or resource?
Thanks.Hi,
You said swfs are Flash 8. Did you also set them to
Actionscript 2? If it's
Actionscript 3, that may be the problem. You may be
interested in looking at the
Flash Video templates I have at:
http://www.deansdirectortutorials.com/FlashVideo/
regards
Dean
Director Next Roadmap Survey
http://www.deansdirectortutorials.com/survey/DirectorRoadmap/
Director Lecturer / Consultant / Director Enthusiast
http://www.deansdirectortutorials.com/
http://www.multimediacreative.com.au
email: [email protected] -
Upgraded to Tiger (10.4.4), and tried to use Dreamweaver MX 2004 (7.0.4, IIRC). Dreamweaver di it's re-registration, then opened, seemingly fine. But soon as I try to do anything it crashes.
Had to boot back into 10.3.9 Panther to work in Dreamweaver yesterday. Didn't see any issues on Adobe's site.
Is this as simple as re-installing Dreamweaver? Or as expen$ive as buying the new version???
Thanks,
Larry W.I noticed day one in 10.4 that DWMX 2004 wasn't working right. I stalls a lot, doesn't always open, crashes, and more . . .
I called, the then owner, Macromedia (scared to H*ll what Adobe is going to do to it!) and they said that there were issues that would be worked out. As far as I have seen they haven't done anything and unless they mean that Apple would fix what's wrong in the OS that is conflicting or a fix via a new release from Adobe, I'm not sure what they meant by "it would be worked out".
Either way, in 10.4.x DW is not happy.
G4 FW800 Mac OS X (10.4.5) Totally Stuffed/Max'd Out with lots of great toys. -
IMovie 5, Quicktime 7.5.5 and PowerPoint 2004 issues
Hi,
I have a movie I've created in iMovie HD (currently MPEG-4 format) and wish to insert it into a PowerPoint presentation, created in PowerPoint 2004. I have QuickTime 7.5.5 and OSX 10.4.11.
If I export the iMovie movie as a QuickTime MPEG4 file (.mov) it will play fine in quicktime but when I import it into PowerPoint (Insert --> Movie --> From file) it displays a message on the slide saying "QuickTime and an MPEG-4 video decoder are required to display this picture", although the movie plays fine. Similarly, if I open it in QuickTime it'll play fine but if I copy a still frame from QuickTime and paste it into Photoshop I get the same message as PowerPoint.
How can I overcome this issue? I've tried exporting as AVI for PowerPoint, but the quality is beyond unacceptable, despite the movie playing fine.
Thanks for the help!Hi,
I have a movie I've created in iMovie HD (currently MPEG-4 format) and wish to insert it into a PowerPoint presentation, created in PowerPoint 2004. I have QuickTime 7.5.5 and OSX 10.4.11.
If I export the iMovie movie as a QuickTime MPEG4 file (.mov) it will play fine in quicktime but when I import it into PowerPoint (Insert --> Movie --> From file) it displays a message on the slide saying "QuickTime and an MPEG-4 video decoder are required to display this picture", although the movie plays fine. Similarly, if I open it in QuickTime it'll play fine but if I copy a still frame from QuickTime and paste it into Photoshop I get the same message as PowerPoint.
How can I overcome this issue? I've tried exporting as AVI for PowerPoint, but the quality is beyond unacceptable, despite the movie playing fine.
Thanks for the help! -
Microsoft Entourage 2004 issues with MacBook Pro's??
Hi all,
I only post this question, cause I have three macbook pro's at my company having the same issue, and all the other intel based macs, behaving fine.
We have been experiencing very unstable behavior with Microsoft Entourage specifically on MacBook Pros. One users loses the ability to click on anything within Entourage, until he reboots his machine. Another couple of users ran into similar issue with not being able to open entourage without error messages. Is their something specifically in the Macbook Pros that cause Entourage to run bad in the Rosetta engine? My Black Macbook works fine with Office and so does our Intel iMacs. Any ideas why these issues revolve around Macbook Pros specifically? Any other users having problems?Hi all,
I only post this question, cause I have three macbook
pro's at my company having the same issue, and all
the other intel based macs, behaving fine.
We have been experiencing very unstable behavior with
Microsoft Entourage specifically on MacBook Pros.
One users loses the ability to click on anything
within Entourage, until he reboots his machine.
Another couple of users ran into similar issue with
not being able to open entourage without error
messages. Is their something specifically in the
Macbook Pros that cause Entourage to run bad in the
Rosetta engine? My Black Macbook works fine with
Office and so does our Intel iMacs. Any ideas why
these issues revolve around Macbook Pros
specifically? Any other users having problems?
I have seen strange behavior as well on not my MBP but my Mac Pro...
I have applied all updates.
William -
We get this error message when attempting to save to a
network drive or locally.
"An error occurred while attempting to write to a file."
Any advice?Hello mate, unfourtanately i dont have a solution to your
problem, what i do have is a problem of my own.
Am working on MX, and when i export my document as a movie
some of the buttons stop working and also
some items just dissapear.
I have tried reloading the actions but it still dont work.
Any ideas?? -
This is a Flash 8 vs. Flash MX 2004 issue...
Anyone else noticing a difference saving files over a network
from Flash 8. I have never had a problem with Flash MX 2004 saving
over a network, but now saving a 14 MB flash file to a Mac OS X
Server is taking up to 2 minutes over AFP!! Server is a Sawtooth G4
running Jaguar Server 10.2.8 - long in the tooth I know!
An odd thing about this is that my first save will take 15
seconds, my second about 2 minutes, the third around 15 seconds,
the fourth around 2 minutes and so on... A "Save as" will take
about 40 seconds consistently.
That is:
0:15 - 1st save
2:00 - 2nd save
0:15 - 3rd save
1:56 - 4th save
Again that is using AFP, but even using SMB I notice this
alternate short/long save time. Using SMB a "Save as" takes 16
seconds on the same 14 MB file. Then the first save will take 3
seconds and the second about 13 seconds, the third save will take 3
seconds the fourth save will take 14 seconds etc...
Now this looks like a good case for using SMB over AFP (but
that is a topic for another forum). However, it is clearly a Flash
8 vs. Flash MX 2004 issue. When I go back to using Flash MX 2004
saves pretty consistently take about 2-3 seconds and "Save As"
takes about 10 seconds. This is using AFP or SMB (SMB is a bit
faster).
I called Macromedia (Adobe) support for help and their only
answer is that "saving over a network is not reccommended or
supported" (neither is this documented, even though some of their
tutorial examples use network workflows). I told them that Flash MX
2004 (and previous) NEVER gave me this problem which has apparently
been introduced with Flash 8 Professional.
Anyone else have this issue?
Thanks
Jflyyou should search this forum the past 2 days - been a few
more posts about working/saving to a
network and losing entire flas - it is never recommended -
with any type of program.
--> **Adobe Certified Expert**
--> www.mudbubble.com
--> www.keyframer.com
ALabama1959 wrote:
> This is a Flash 8 vs. Flash MX 2004 issue...
>
> Anyone else noticing a difference saving files over a
network from Flash 8. I
> have never had a problem with Flash MX 2004 saving over
a network, but now
> saving a 14 MB flash file to a Mac OS X Server is taking
up to 2 minutes over
> AFP!! Server is a Sawtooth G4 running Jaguar Server
10.2.8 - long in the tooth
> I know!
>
> An odd thing about this is that my first save will take
15 seconds, my second
> about 2 minutes, the third around 15 seconds, the fourth
around 2 minutes and
> so on... A "Save as" will take about 40 seconds
consistently.
>
> That is:
> 0:15 - 1st save
> 2:00 - 2nd save
> 0:15 - 3rd save
> 1:56 - 4th save
>
> Again that is using AFP, but even using SMB I notice
this alternate short/long
> save time. Using SMB a "Save as" takes 16 seconds on the
same 14 MB file. Then
> the first save will take 3 seconds and the second about
13 seconds, the third
> save will take 3 seconds the fourth save will take 14
seconds etc...
>
> Now this looks like a good case for using SMB over AFP
(but that is a topic
> for another forum). However, it is clearly a Flash 8 vs.
Flash MX 2004 issue.
> When I go back to using Flash MX 2004 saves pretty
consistently take about 2-3
> seconds and "Save As" takes about 10 seconds. This is
using AFP or SMB (SMB is
> a bit faster).
>
> I called Macromedia (Adobe) support for help and their
only answer is that
> "saving over a network is not reccommended or supported"
(neither is this
> documented, even though some of their tutorial examples
use network workflows).
> I told them that Flash MX 2004 (and previous) NEVER gave
me this problem which
> has apparently been introduced with Flash 8
Professional.
>
> Anyone else have this issue?
>
> Thanks
>
> Jfly
>
> -
To our customers,
Consider applying for the 2004 Application Development Trends Innovator
Awards. A project using Kodo JDO may be an ideal candidate for winning this
award.
Here is the description from ADT:
The Innovator Awards are presented annually by Application Development
Trends to IT development managers and teams charged with undertaking a
software development effort that was approved by management to solve a
pressing business problem. To receive your application, please go to
http://adtmag.com/downloads/2004ADTInnovator.pdf. Applications may be
submitted until November 14, 2003. Winners will be profiled in the April
2004 issue of ADT.
Neelan Choksi
SolarMetric Inc.
[email protected]
202-595-2064 x1331
http://www.solarmetric.com
Vote for Kodo JDO as Best Java Data Access Tool, Best Database Tool or
Driver, and Best Persistence Architecture,
at the Java Developers Journal 2003 Readers' Choice Awards. The ballot is
online at http://www.sys-con.com/java/readerschoice2003/vote.cfm.If you have Acrobat, not Reader, you can make small edits to text with the "Select tool".
I've had the same problem with sending PDFs for editorial approval, as the person with the final say can't (all of a sudden) select text.
The main problem is that there is a setting in the Edit menu under Preferences | General (this is from using Acrobat version 9, I'm not sure about version 8 or 6, you'll have to look) and it is a check box labeled "Make hand tool select text & images". If that is checked, then it is enabled and you can select and make edits.
Your other problem is that OCR only takes a scanned image and creates selectable text from the image (the Optical Characters part of OCR) of the words. Some people don't know you can have a PDF of an image which has no selectable text but is all type and words, as it is all pixels (image). It is the difference between a MS-Word document (text) and a Photoshop document (pixels).
There might be other factors but the above are the most common. -
Cacerts verisign certificate expires Jan 08 2004
Two Verisign Certificates in the jdk 1.4 keystore 'jdk1.41/jre/lib/security/cacerts' expire on Thu Jan 08 2004.
They are stored with alias 'verisignclass2ca' and 'verisignclass3ca'.
A Weblogic Server Message looks like this:
<Dec 16, 2003 5:39:13 PM CET> <Notice> <WebLogicServer> <BEA-000298> <Certificate expires in 22 days: [
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@3e
Validity: [From: Mon Jan 29 01:00:00 CET 1996,
To: Thu Jan 08 00:59:59 CET 2004]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
SerialNumber: [ e49efdf3 3ae80ecf a5113e19 a4240232]
Algorithm: [MD2withRSA]
Signature:
0000: 61 70 EC 2F 3F 9E FD 2B E6 68 54 21 B0 67 79 08 ap./?..+.hT!.gy.
0010: 0C 20 96 31 8A 0D 7A BE B6 26 DF 79 2C 22 69 49 . .1..z..&.y,"iI
0020: 36 E3 97 77 62 61 A2 32 D7 7A 54 21 36 BA 02 C9 6..wba.2.zT!6...
0030: 34 E7 25 DA 44 35 B0 D2 5C 80 5D B3 94 F8 F9 AC 4.%.D5..\.].....
0040: EE A4 60 75 2A 1F 95 49 23 B1 4A 7C F4 B3 47 72 ..`u*..I#.J...Gr
0050: 21 5B 7E 97 AB 54 AC 62 E7 5D EC AE 9B D2 C9 B2 ![...T.b.]......
0060: 24 FB 82 AD E9 67 15 4B BA AA A6 F0 97 A0 F6 B0 $....g.K........
0070: 97 57 00 C8 0C 3C 09 A0 82 04 BA 41 DA F7 99 A4 .W...<.....A....
]>
Does anybody know,
what that means for ssl ?
Is there a Patch or a new cacerts file for download ?
Thanks a lot.
EdeI would assume that there are not that many certificates still
being used that use those CA certs for their CA.
As you probably noticed, there are a bunch of newer Verisign
CA certs in that trust store (cacerts). The newer CA certs are
probably the ones being used by certificates that are currently
in use.
I suppose you have to ship the older CA certs until they become
invalid. I doubt that Verisign issued any certificates with those
old CA anytime recently.
-Steve -
Help with getting Web Start working with two-way SSL
I have successfully transferred data (myclient.jnlp) utilizing web browsers (IE and Mozilla) from my web server (which is set up for two-way SSL "CLIENT-CERT" required) after using the browser's utility to "import" my client-side cert (in .p12 format).
After the browser connects and downloads the "myclient.jnlp" contents and places it in a temporary file, it then kicks off the javaws process with the temporary file as a parameter. The first thing javaws does is utilize the codebase and href values (found in the temporary file) to make a "GET" call to the server for the "myclient.jnlp" file (again).
However, this fails (with a SSL handshake error) since javaws uses a different keystore than IE - the server does not receive the client-side cert. I have imported the root CA and the client cert (in .pem format) into the $JAVA_HOME/jre/lib/security/cacerts file using the keytool command but alas my server still indicates a lack of a client-side cert.
Has anyone else tried this and got it working?Hi Richard,
Indeed it appears that the 1.5 version will have more built-in capability for client certs. It has the look of the IE browser import capability. Unfortunately, I am stuck with having to utilize 1.4.2 for the time being. Since I have posted my original message I have found more information but have yet to get it all working. The truststore in javaws 1.4.2 does have a default (the 1.4.2 jre's cacert file - stragely enough not the same one that gets updated when you import the root CA! - but this has been noted in many other threads). The javaws keystore does not have a default and I have tried, to no avail yet, to utilize some command line parameters, see http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#Customization - to get my client cert "available" and recognized by javaws.
With the help of some debug flags here is the output on my javaws "output" log - all seems to go well up to the point of the client's Certificate chain (which appears to be empty), after the ServerHelloDone :
trustStore is: C:\j2sdk1.4.2_04\jre\lib\security\cacerts
trustStore type is : jks
init truststore
adding as trusted cert:
snipped all the regular trusted certs, left my root CA as proof it is recognized...
adding as trusted cert:
Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
Algorithm: RSA; Serial number: 0x0
Valid from Wed May 26 16:38:59 EDT 2004 until Fri Jun 25 16:38:59 EDT 2004
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1070211537 bytes = { 205, 211, 129, 234, 88, 129, 152, 176, 223, 180, 161, 138, 246, 183, 181, 89, 61, 252, 63, 35, 21, 34, 253, 32, 254, 124, 38, 198 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 40 CA 22 D1 CD D3 81 EA 58 81 ...E..@.".....X.
0010: 98 B0 DF B4 A1 8A F6 B7 B5 59 3D FC 3F 23 15 22 .........Y=.?#."
0020: FD 20 FE 7C 26 C6 00 00 1E 00 04 00 05 00 2F 00 . ..&........./.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
Thread-3, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 40 CA 22 D1 CD D3 81 EA 58 81 98 B0 DF B4 ..@.".....X.....
0050: A1 8A F6 B7 B5 59 3D FC 3F 23 15 22 FD 20 FE 7C .....Y=.?#.". ..
0060: 26 C6 &.
Thread-3, WRITE: SSLv2 client hello message, length = 98
Thread-3, READ: TLSv1 Handshake, length = 58
*** ServerHello, TLSv1
RandomCookie: GMT: 1070211539 bytes = { 81, 106, 82, 45, 233, 226, 89, 6, 38, 240, 71, 122, 90, 226, 255, 207, 9, 102, 205, 127, 223, 211, 4, 84, 79, 16, 101, 89 }
Session ID: {34, 167, 132, 174, 141, 4, 57, 197, 190, 207, 105, 117, 241, 9, 97, 81}
Cipher Suite: SSL_RSA_WITH_DES_CBC_SHA
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_DES_CBC_SHA]
** SSL_RSA_WITH_DES_CBC_SHA
[read] MD5 and SHA1 hashes: len = 58
0000: 02 00 00 36 03 01 40 CA 22 D3 51 6A 52 2D E9 E2 ...6..@.".QjR-..
0010: 59 06 26 F0 47 7A 5A E2 FF CF 09 66 CD 7F DF D3 Y.&.GzZ....f....
0020: 04 54 4F 10 65 59 10 22 A7 84 AE 8D 04 39 C5 BE .TO.eY.".....9..
0030: CF 69 75 F1 09 61 51 00 09 00 .iu..aQ...
Thread-3, READ: TLSv1 Handshake, length = 607
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
e2bd8de9 598e0735 2bed2057 3800c83d 348550e2 93a017c7 9845f35f cd7b4ada
6ef0c70f 7a033e69 a97ccd15 46f0d1c8 7a0ae909 ddb76f5b cd8029e6 3a6a4965
Validity: [From: Wed May 26 16:38:59 EDT 2004,
To: Fri Jun 25 16:38:59 EDT 2004]
Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
SerialNumber: [ 00]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
0010: 88 76 14 DA .v..
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
0010: 88 76 14 DA .v..
[CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US]
SerialNumber: [ 00]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 29 CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D )..H../.J.s.q.X.
0010: 9E 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD ..D....<........
0020: C4 FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 ..R..re....ba5..
0030: AE FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 ..........w..j..
Found trusted certificate:
Version: V3
Subject: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
e2bd8de9 598e0735 2bed2057 3800c83d 348550e2 93a017c7 9845f35f cd7b4ada
6ef0c70f 7a033e69 a97ccd15 46f0d1c8 7a0ae909 ddb76f5b cd8029e6 3a6a4965
Validity: [From: Wed May 26 16:38:59 EDT 2004,
To: Fri Jun 25 16:38:59 EDT 2004]
Issuer: CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US
SerialNumber: [ 00]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
0010: 88 76 14 DA .v..
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 3F A7 DF 1F FA 90 1F 98 4F BA 42 9F 21 7D B4 C4 ?.......O.B.!...
0010: 88 76 14 DA .v..
[CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US]
SerialNumber: [ 00]
[3]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 29 CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D )..H../.J.s.q.X.
0010: 9E 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD ..D....<........
0020: C4 FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 ..R..re....ba5..
0030: AE FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 ..........w..j..
[read] MD5 and SHA1 hashes: len = 607
0000: 0B 00 02 5B 00 02 58 00 02 55 30 82 02 51 30 82 ...[..X..U0..Q0.
0010: 01 FB A0 03 02 01 02 02 01 00 30 0D 06 09 2A 86 ..........0...*.
0020: 48 86 F7 0D 01 01 05 05 00 30 57 31 0B 30 09 06 H........0W1.0..
0030: 03 55 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 .U....US1.0...U.
0040: 08 13 08 56 69 72 67 69 6E 69 61 31 10 30 0E 06 ...Virginia1.0..
0050: 03 55 04 07 13 07 46 61 69 72 66 61 78 31 11 30 .U....Fairfax1.0
0060: 0F 06 03 55 04 0A 13 08 5A 6F 72 6B 2E 6F 72 67 ...U....Zork.org
0070: 31 10 30 0E 06 03 55 04 03 13 07 52 6F 6F 74 20 1.0...U....Root
0080: 43 41 30 1E 17 0D 30 34 30 35 32 36 32 30 33 38 CA0...0405262038
0090: 35 39 5A 17 0D 30 34 30 36 32 35 32 30 33 38 35 59Z..04062520385
00A0: 39 5A 30 57 31 0B 30 09 06 03 55 04 06 13 02 55 9Z0W1.0...U....U
00B0: 53 31 11 30 0F 06 03 55 04 08 13 08 56 69 72 67 S1.0...U....Virg
00C0: 69 6E 69 61 31 10 30 0E 06 03 55 04 07 13 07 46 inia1.0...U....F
00D0: 61 69 72 66 61 78 31 11 30 0F 06 03 55 04 0A 13 airfax1.0...U...
00E0: 08 5A 6F 72 6B 2E 6F 72 67 31 10 30 0E 06 03 55 .Zork.org1.0...U
00F0: 04 03 13 07 52 6F 6F 74 20 43 41 30 5C 30 0D 06 ....Root CA0\0..
0100: 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 4B 00 30 .*.H.........K.0
0110: 48 02 41 00 E2 BD 8D E9 59 8E 07 35 2B ED 20 57 H.A.....Y..5+. W
0120: 38 00 C8 3D 34 85 50 E2 93 A0 17 C7 98 45 F3 5F 8..=4.P......E._
0130: CD 7B 4A DA 6E F0 C7 0F 7A 03 3E 69 A9 7C CD 15 ..J.n...z.>i....
0140: 46 F0 D1 C8 7A 0A E9 09 DD B7 6F 5B CD 80 29 E6 F...z.....o[..).
0150: 3A 6A 49 65 02 03 01 00 01 A3 81 B1 30 81 AE 30 :jIe........0..0
0160: 0C 06 03 55 1D 13 04 05 30 03 01 01 FF 30 1D 06 ...U....0....0..
0170: 03 55 1D 0E 04 16 04 14 3F A7 DF 1F FA 90 1F 98 .U......?.......
0180: 4F BA 42 9F 21 7D B4 C4 88 76 14 DA 30 7F 06 03 O.B.!....v..0...
0190: 55 1D 23 04 78 30 76 80 14 3F A7 DF 1F FA 90 1F U.#.x0v..?......
01A0: 98 4F BA 42 9F 21 7D B4 C4 88 76 14 DA A1 5B A4 .O.B.!....v...[.
01B0: 59 30 57 31 0B 30 09 06 03 55 04 06 13 02 55 53 Y0W1.0...U....US
01C0: 31 11 30 0F 06 03 55 04 08 13 08 56 69 72 67 69 1.0...U....Virgi
01D0: 6E 69 61 31 10 30 0E 06 03 55 04 07 13 07 46 61 nia1.0...U....Fa
01E0: 69 72 66 61 78 31 11 30 0F 06 03 55 04 0A 13 08 irfax1.0...U....
01F0: 5A 6F 72 6B 2E 6F 72 67 31 10 30 0E 06 03 55 04 Zork.org1.0...U.
0200: 03 13 07 52 6F 6F 74 20 43 41 82 01 00 30 0D 06 ...Root CA...0..
0210: 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 41 00 29 .*.H.........A.)
0220: CB D0 48 E2 89 2F 8D 4A A6 73 11 71 EB 58 9D 9E ..H../.J.s.q.X..
0230: 0C 44 1F 87 C2 A3 3C C0 E7 9A E3 C4 BC A7 DD C4 .D....<.........
0240: FC 52 F1 A9 72 65 14 99 C1 A7 62 61 35 91 D8 AE .R..re....ba5...
0250: FF FB FF 82 D8 1C EE 03 02 77 03 19 6A B0 06 .........w..j..
Thread-3, READ: TLSv1 Handshake, length = 220
*** CertificateRequest
Cert Types: RSA, DSS, Ephemeral DH (RSA sig),
Cert Authorities:
<CN=Root CA, O=Zork.org, L=Fairfax, ST=Virginia, C=US>
<CN=Server CA, OU=Server Division, O=Zork.org, L=Fairfax, ST=Virginia, C=US>
[read] MD5 and SHA1 hashes: len = 220
0000: 0D 00 00 D8 03 01 02 05 00 D2 00 59 30 57 31 0B ...........Y0W1.
0010: 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0F 06 0...U....US1.0..
0020: 03 55 04 08 13 08 56 69 72 67 69 6E 69 61 31 10 .U....Virginia1.
0030: 30 0E 06 03 55 04 07 13 07 46 61 69 72 66 61 78 0...U....Fairfax
0040: 31 11 30 0F 06 03 55 04 0A 13 08 5A 6F 72 6B 2E 1.0...U....Zork.
0050: 6F 72 67 31 10 30 0E 06 03 55 04 03 13 07 52 6F org1.0...U....Ro
0060: 6F 74 20 43 41 00 75 30 73 31 0B 30 09 06 03 55 ot CA.u0s1.0...U
0070: 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 08 13 ....US1.0...U...
0080: 08 56 69 72 67 69 6E 69 61 31 10 30 0E 06 03 55 .Virginia1.0...U
0090: 04 07 13 07 46 61 69 72 66 61 78 31 11 30 0F 06 ....Fairfax1.0..
00A0: 03 55 04 0A 13 08 5A 6F 72 6B 2E 6F 72 67 31 18 .U....Zork.org1.
00B0: 30 16 06 03 55 04 0B 13 0F 53 65 72 76 65 72 20 0...U....Server
00C0: 44 69 76 69 73 69 6F 6E 31 12 30 10 06 03 55 04 Division1.0...U.
00D0: 03 13 09 53 65 72 76 65 72 20 43 41 ...Server CA
Thread-3, READ: TLSv1 Handshake, length = 4
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret: { 3, 1, 175, 38, 47, 77, 131, 125, 209, 147, 174, 228, 183, 99, 34, 2, 100, 186, 77, 47, 65, 233, 82, 133, 183, 113, 8, 193, 51, 241, 167, 105, 4, 187, 57, 130, 161, 11, 178, 11, 134, 84, 96, 106, 203, 11, 195, 51 }
[write] MD5 and SHA1 hashes: len = 77
0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 39 9F EC ..........B.@9..
0010: 5F 92 FA 3D 5E 3D 0C 19 10 72 DA BE B6 14 76 62 _..=^=...r....vb
0020: AE 39 75 0B 74 10 C7 B1 42 D7 A1 22 C0 0E B8 A2 .9u.t...B.."....
0030: 22 80 73 20 36 A2 FD BB F9 3E F4 F0 91 CE 95 F8 ".s 6....>......
0040: 05 D7 22 FC 2C CF 1B AB 19 82 03 D2 F5 ..".,........
Thread-3, WRITE: TLSv1 Handshake, length = 77
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 AF 26 2F 4D 83 7D D1 93 AE E4 B7 63 22 02 ...&/M.......c".
0010: 64 BA 4D 2F 41 E9 52 85 B7 71 08 C1 33 F1 A7 69 d.M/A.R..q..3..i
0020: 04 BB 39 82 A1 0B B2 0B 86 54 60 6A CB 0B C3 33 ..9......T`j...3
CONNECTION KEYGEN:
Client Nonce:
0000: 40 CA 22 D1 CD D3 81 EA 58 81 98 B0 DF B4 A1 8A @.".....X.......
0010: F6 B7 B5 59 3D FC 3F 23 15 22 FD 20 FE 7C 26 C6 ...Y=.?#.". ..&.
Server Nonce:
0000: 40 CA 22 D3 51 6A 52 2D E9 E2 59 06 26 F0 47 7A @.".QjR-..Y.&.Gz
0010: 5A E2 FF CF 09 66 CD 7F DF D3 04 54 4F 10 65 59 Z....f.....TO.eY
Master Secret:
0000: 67 B9 58 74 69 18 0B 2E 00 EB AC 9B 77 15 B4 65 g.Xti.......w..e
0010: 61 A1 AC D0 F1 D5 4C CA 0E 51 FC 58 A0 11 B7 87 a.....L..Q.X....
0020: EC 72 26 D0 83 18 27 49 8F B6 32 FF E3 89 1D E4 .r&...'I..2.....
Client MAC write Secret:
0000: D5 96 AB F7 1E 46 5F 46 8A E9 3E DF A0 5E 32 5E .....F_F..>..^2^
0010: 00 FB B8 D8 ....
Server MAC write Secret:
0000: E6 7D 8E F5 6A 4C 94 4C D6 2A 3A 4D FC C1 94 A3 ....jL.L.*:M....
0010: C5 6C 5F B6 .l_.
Client write key:
0000: 18 1D 51 8C 74 6D 18 57 ..Q.tm.W
Server write key:
0000: 0D 4E 7A F1 5A D6 5F 5B .Nz.Z._[
Client write IV:
0000: 4C BB 4D FA 4F EB CB 4E L.M.O..N
Server write IV:
0000: B7 6A CA E9 66 7D 25 88 .j..f.%.
Thread-3, WRITE: TLSv1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher DES/CBC/NoPadding
*** Finished
verify_data: { 20, 20, 38, 13, 43, 235, 102, 72, 75, 212, 21, 21 }
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 14 14 26 0D 2B EB 66 48 4B D4 15 15 ......&.+.fHK...
Padded plaintext before ENCRYPTION: len = 40
0000: 14 00 00 0C 14 14 26 0D 2B EB 66 48 4B D4 15 15 ......&.+.fHK...
0010: 90 9C E9 09 F4 48 96 A6 8F AA 04 DF E9 36 72 F0 .....H.......6r.
0020: 42 F0 60 78 03 03 03 03 B.`x....
Thread-3, WRITE: TLSv1 Handshake, length = 40
Thread-3, READ: TLSv1 Alert, length = 2
Thread-3, RECV TLSv1 ALERT: fatal, handshake_failure
Thread-3, called closeSocket()
Thread-3, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Finalizer, called close()
Finalizer, called closeInternal(true)
So I'll toil away trying to get *right* combination of settings - please let me know if you have any ideas! FYI here are the command line settings I am using for the keystore:
-Djavax.net.ssl.keyStore=c:\myClientIdKeyStore -Djavax.net.ssl.keyStoreType=jks -Djavax.net.ssl.keyStorePassword=myClientIdKeyStorePass
Thanks,
Paul -
Client authentication not working
Hi all,
I am using Apache's HTTPClient to connect with a server running https. The server is the latest stable Tomcat (version 4.1.27). If I set clientAuth="false" in the Tomcat configuration, everything is working fine. I am able to comunicate with the server, since the server's certificate is in the trusted store. If I want to authenticate myself (by setting clientAuth="true") it doesn't work. It seems that the application I have written doesn't send the client's certificate.
Here's the code:
HttpClient httpclient = new HttpClient();
Protocol myhttps =
new Protocol(
"https",
new StrictSSLProtocolSocketFactory(false),
8443);
httpclient.getHostConfiguration().setHost("rigel", 8443, myhttps);
GetMethod httpget = new GetMethod("/");
httpclient.executeMethod(httpget);
If I turn on all sorts of debugging this is what I get:
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Java version: 1.4.0_02
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Java vendor: Sun Microsystems Inc.
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Java class path: f:\myhome\projects\NextiraOne\class;f:\myhome\projects\NextiraOne\lib\commons-httpclient-2.0-rc1.jar;f:\myhome\projects\NextiraOne\lib\log4j-1.2.6.jar;f:\myhome\projects\NextiraOne\lib\commons-logging.jar;f:\myhome\projects\NextiraOne\lib\commons-logging-api.jar;f:\myhome\projects\NextiraOne\lib\com.ibm.mq.jar;f:\myhome\projects\NextiraOne\lib\xmlparserv2new.jar;f:\myhome\projects\NextiraOne\lib\connector.jar
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Operating system name: Windows 2000
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Operating system architecture: x86
2003/10/08 14:54:26:898 CEST [DEBUG] HttpClient - -Operating system version: 5.0
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SUN 1.2: SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SunJSSE 1.4002: Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SunRsaSign 1.0: SUN's provider for RSA signatures
2003/10/08 14:54:27:078 CEST [DEBUG] HttpClient - -SunJCE 1.4: SunJCE Provider (implements DES, Triple DES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
2003/10/08 14:54:27:088 CEST [DEBUG] HttpClient - -SunJGSS 1.0: Sun (Kerberos v5)
2003/10/08 14:54:27:188 CEST [DEBUG] HttpConnection - -HttpConnection.setSoTimeout(0)
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: f:\client.keystore
trustStore type is : jks
init truststore
adding private entry as trusted cert: [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@8fd984
Validity: [From: Wed Oct 08 13:48:24 CEST 2003,
To: Tue Jan 06 12:48:24 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83f988 ]
Algorithm: [MD5withRSA]
Signature:
0000: 04 24 63 44 43 26 CA 79 BC 0B 96 2D 27 1A 40 DA .$cDC&.y...-'.@.
0010: E0 92 FE D6 57 F8 4C C4 C6 97 F7 13 24 4B 30 F9 ....W.L.....$K0.
0020: E7 C3 06 2B A3 67 FD 70 E1 A5 8E E7 16 3D 59 16 ...+.g.p.....=Y.
0030: DB 7B 73 AC 30 B1 43 C1 F2 96 DD 8F 52 0E 61 1F ..s.0.C.....R.a.
0040: 0E 23 0F 88 8E 1A 6F 24 54 B9 87 4C 2C A1 97 78 .#....o$T..L,..x
0050: FD 80 6A A1 F8 65 C3 CE 39 F4 AA A6 6C 3C 7A 98 ..j..e..9...l<z.
0060: 86 4E 5B 6A 2D 7F BC 89 E8 36 29 54 22 0A 3F C7 .N[j-....6)T".?.
0070: B3 83 4E 47 36 F1 C9 09 25 E7 9C D6 11 10 3B 3C ..NG6...%.....;<
adding as trusted cert: [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@f99ff5
Validity: [From: Wed Oct 08 11:56:42 CEST 2003,
To: Tue Jan 06 10:56:42 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83df5a ]
Algorithm: [MD5withRSA]
Signature:
0000: E0 21 80 C9 4C 8C BC FC 48 B3 36 6A 0B E1 C1 94 .!..L...H.6j....
0010: 79 E1 E7 6B 27 B0 71 7D CF 17 A6 B9 E6 71 D6 85 y..k'.q......q..
0020: 6F 9F EB 66 73 4B CB A2 C1 A2 7F F3 38 A1 A7 8B o..fsK......8...
0030: 92 F0 82 1F 4A A4 E9 F5 8C 64 0B 7E 86 61 C0 D5 ....J....d...a..
0040: 74 60 7D D3 B0 11 3F 77 B9 D8 EC 7D 17 22 D8 7C t`....?w....."..
0050: 77 42 CB C1 24 CC 26 5E CF 8A 20 7D 77 44 D4 29 wB..$.&^.. .wD.)
0060: DF 59 D1 17 CE D2 51 59 BC 53 35 B0 EB CE 51 CE .Y....QY.S5...Q.
0070: 79 F7 D2 53 CE FD 2F 9A FD 1A A8 E3 3C 58 AF EB y..S../.....<X..
init context
trigger seeding of SecureRandom
done seeding SecureRandom
2003/10/08 14:54:32:456 CEST [DEBUG] HttpMethodBase - -Execute loop try 1
2003/10/08 14:54:32:466 CEST [DEBUG] wire - ->> "GET / HTTP/1.1[\r][\n]"
2003/10/08 14:54:32:466 CEST [DEBUG] HttpMethodBase - -Adding Host request header
2003/10/08 14:54:32:476 CEST [DEBUG] wire - ->> "User-Agent: Jakarta Commons-HttpClient/2.0rc1[\r][\n]"
2003/10/08 14:54:32:476 CEST [DEBUG] wire - ->> "Host: rigel[\r][\n]"
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1048840456 bytes = { 43, 4, 244, 103, 54, 110, 99, 128, 162, 132, 22, 2, 197, 112, 91, 105, 4, 133, 249, 114, 142, 122, 44, 203, 156, 188, 132, 100 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3F 84 09 08 2B 04 F4 67 36 6E ...7..?...+..g6n
0010: 63 80 A2 84 16 02 C5 70 5B 69 04 85 F9 72 8E 7A c......p[i...r.z
0020: 2C CB 9C BC 84 64 00 00 10 00 05 00 04 00 09 00 ,....d..........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3F 84 09 .............?..
0030: 08 2B 04 F4 67 36 6E 63 80 A2 84 16 02 C5 70 5B .+..g6nc......p[
0040: 69 04 85 F9 72 8E 7A 2C CB 9C BC 84 64 i...r.z,....d
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.1 Handshake, length = 2275
*** ServerHello, v3.1
RandomCookie: GMT: 1048840456 bytes = { 2, 207, 237, 54, 101, 119, 116, 33, 59, 54, 56, 111, 170, 110, 92, 129, 178, 67, 124, 46, 187, 153, 247, 27, 216, 197, 21, 232 }
Session ID: {63, 132, 9, 8, 85, 66, 130, 20, 34, 100, 122, 131, 137, 133, 143, 214, 43, 232, 151, 61, 12, 216, 23, 84, 58, 241, 194, 116, 67, 44, 43, 44}
Cipher Suite: { 0, 5 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 3F 84 09 08 02 CF ED 36 65 77 ...F..?......6ew
0010: 74 21 3B 36 38 6F AA 6E 5C 81 B2 43 7C 2E BB 99 t!;68o.n\..C....
0020: F7 1B D8 C5 15 E8 20 3F 84 09 08 55 42 82 14 22 ...... ?...UB.."
0030: 64 7A 83 89 85 8F D6 2B E8 97 3D 0C D8 17 54 3A dz.....+..=...T:
0040: F1 C2 74 43 2C 2B 2C 00 05 00 ..tC,+,...
*** Certificate chain
chain [0] = [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@b2a2d8
Validity: [From: Wed Oct 08 11:56:42 CEST 2003,
To: Tue Jan 06 10:56:42 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83df5a ]
Algorithm: [MD5withRSA]
Signature:
0000: E0 21 80 C9 4C 8C BC FC 48 B3 36 6A 0B E1 C1 94 .!..L...H.6j....
0010: 79 E1 E7 6B 27 B0 71 7D CF 17 A6 B9 E6 71 D6 85 y..k'.q......q..
0020: 6F 9F EB 66 73 4B CB A2 C1 A2 7F F3 38 A1 A7 8B o..fsK......8...
0030: 92 F0 82 1F 4A A4 E9 F5 8C 64 0B 7E 86 61 C0 D5 ....J....d...a..
0040: 74 60 7D D3 B0 11 3F 77 B9 D8 EC 7D 17 22 D8 7C t`....?w....."..
0050: 77 42 CB C1 24 CC 26 5E CF 8A 20 7D 77 44 D4 29 wB..$.&^.. .wD.)
0060: DF 59 D1 17 CE D2 51 59 BC 53 35 B0 EB CE 51 CE .Y....QY.S5...Q.
0070: 79 F7 D2 53 CE FD 2F 9A FD 1A A8 E3 3C 58 AF EB y..S../.....<X..
stop on trusted cert: [
Version: V1
Subject: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@b2a2d8
Validity: [From: Wed Oct 08 11:56:42 CEST 2003,
To: Tue Jan 06 10:56:42 CET 2004]
Issuer: CN=rigel, OU=ECS, O=DC, L=MER, ST=OVL, C=BE
SerialNumber: [ 3f83df5a ]
Algorithm: [MD5withRSA]
Signature:
0000: E0 21 80 C9 4C 8C BC FC 48 B3 36 6A 0B E1 C1 94 .!..L...H.6j....
0010: 79 E1 E7 6B 27 B0 71 7D CF 17 A6 B9 E6 71 D6 85 y..k'.q......q..
0020: 6F 9F EB 66 73 4B CB A2 C1 A2 7F F3 38 A1 A7 8B o..fsK......8...
0030: 92 F0 82 1F 4A A4 E9 F5 8C 64 0B 7E 86 61 C0 D5 ....J....d...a..
0040: 74 60 7D D3 B0 11 3F 77 B9 D8 EC 7D 17 22 D8 7C t`....?w....."..
0050: 77 42 CB C1 24 CC 26 5E CF 8A 20 7D 77 44 D4 29 wB..$.&^.. .wD.)
0060: DF 59 D1 17 CE D2 51 59 BC 53 35 B0 EB CE 51 CE .Y....QY.S5...Q.
0070: 79 F7 D2 53 CE FD 2F 9A FD 1A A8 E3 3C 58 AF EB y..S../.....<X..
[read] MD5 and SHA1 hashes: len = 552
0000: 0B 00 02 24 00 02 21 00 02 1E 30 82 02 1A 30 82 ...$..!...0...0.
0010: 01 83 02 04 3F 83 DF 5A 30 0D 06 09 2A 86 48 86 ....?..Z0...*.H.
0020: F7 0D 01 01 04 05 00 30 54 31 0B 30 09 06 03 55 .......0T1.0...U
0030: 04 06 13 02 42 45 31 0C 30 0A 06 03 55 04 08 13 ....BE1.0...U...
0040: 03 4F 56 4C 31 0C 30 0A 06 03 55 04 07 13 03 4D .OVL1.0...U....M
0050: 45 52 31 0B 30 09 06 03 55 04 0A 13 02 44 43 31 ER1.0...U....DC1
0060: 0C 30 0A 06 03 55 04 0B 13 03 45 43 53 31 0E 30 .0...U....ECS1.0
0070: 0C 06 03 55 04 03 13 05 72 69 67 65 6C 30 1E 17 ...U....rigel0..
0080: 0D 30 33 31 30 30 38 30 39 35 36 34 32 5A 17 0D .031008095642Z..
0090: 30 34 30 31 30 36 30 39 35 36 34 32 5A 30 54 31 040106095642Z0T1
00A0: 0B 30 09 06 03 55 04 06 13 02 42 45 31 0C 30 0A .0...U....BE1.0.
00B0: 06 03 55 04 08 13 03 4F 56 4C 31 0C 30 0A 06 03 ..U....OVL1.0...
00C0: 55 04 07 13 03 4D 45 52 31 0B 30 09 06 03 55 04 U....MER1.0...U.
00D0: 0A 13 02 44 43 31 0C 30 0A 06 03 55 04 0B 13 03 ...DC1.0...U....
00E0: 45 43 53 31 0E 30 0C 06 03 55 04 03 13 05 72 69 ECS1.0...U....ri
00F0: 67 65 6C 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D gel0..0...*.H...
0100: 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 .........0......
0110: F0 8B 5A 91 87 97 AB 55 2A 6A AA 96 1F CF 77 D7 ..Z....U*j....w.
0120: 73 C2 23 4D 78 51 CF 6E 3F 10 46 C5 DA D7 9D 75 s.#MxQ.n?.F....u
0130: 77 3A 94 4A 07 5B D6 38 82 18 AE 71 6A 76 F9 6F w:.J.[.8...qjv.o
0140: 58 19 9D 2F 97 EE 4E 38 0E 3F E1 B2 5D 2D C1 1A X../..N8.?..]-..
0150: 0E F2 08 B2 D6 FF 0A 5E FC BD 57 73 C1 F0 09 C3 .......^..Ws....
0160: 8E E4 20 C2 CC 96 E3 DE 24 2C 76 DD 9C BA F3 D2 .. .....$,v.....
0170: 14 FC 94 86 C6 A3 6D 90 02 6B 5C 6E C7 94 0A 44 ......m..k\n...D
0180: A2 64 F6 A2 31 16 1E AC 97 36 17 84 7E 60 EC 2B .d..1....6...`.+
0190: 02 03 01 00 01 30 0D 06 09 2A 86 48 86 F7 0D 01 .....0...*.H....
01A0: 01 04 05 00 03 81 81 00 E0 21 80 C9 4C 8C BC FC .........!..L...
01B0: 48 B3 36 6A 0B E1 C1 94 79 E1 E7 6B 27 B0 71 7D H.6j....y..k'.q.
01C0: CF 17 A6 B9 E6 71 D6 85 6F 9F EB 66 73 4B CB A2 .....q..o..fsK..
01D0: C1 A2 7F F3 38 A1 A7 8B 92 F0 82 1F 4A A4 E9 F5 ....8.......J...
01E0: 8C 64 0B 7E 86 61 C0 D5 74 60 7D D3 B0 11 3F 77 .d...a..t`....?w
01F0: B9 D8 EC 7D 17 22 D8 7C 77 42 CB C1 24 CC 26 5E ....."..wB..$.&^
0200: CF 8A 20 7D 77 44 D4 29 DF 59 D1 17 CE D2 51 59 .. .wD.).Y....QY
0210: BC 53 35 B0 EB CE 51 CE 79 F7 D2 53 CE FD 2F 9A .S5...Q.y..S../.
0220: FD 1A A8 E3 3C 58 AF EB ....<X..
*** CertificateRequest
Cert Types: DSS, RSA,
Cert Authorities:
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
<OU=Class 4 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<CN=kws, OU=Delaware, O=Delaware, L=BE, ST=BE, C=BE>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA>
[read] MD5 and SHA1 hashes: len = 1645
0000: 0D 00 06 69 02 02 01 06 64 00 61 30 5F 31 0B 30 ...i....d.a0_1.0
0010: 09 06 03 55 04 06 13 02 55 53 31 17 30 15 06 03 ...U....US1.0...
0020: 55 04 0A 13 0E 56 65 72 69 53 69 67 6E 2C 20 49 U....VeriSign, I
0030: 6E 63 2E 31 37 30 35 06 03 55 04 0B 13 2E 43 6C nc.1705..U....Cl
0040: 61 73 73 20 33 20 50 75 62 6C 69 63 20 50 72 69 ass 3 Public Pri
0050: 6D 61 72 79 20 43 65 72 74 69 66 69 63 61 74 69 mary Certificati
0060: 6F 6E 20 41 75 74 68 6F 72 69 74 79 00 D1 30 81 on Authority..0.
0070: CE 31 0B 30 09 06 03 55 04 06 13 02 5A 41 31 15 .1.0...U....ZA1.
0080: 30 13 06 03 55 04 08 13 0C 57 65 73 74 65 72 6E 0...U....Western
0090: 20 43 61 70 65 31 12 30 10 06 03 55 04 07 13 09 Cape1.0...U....
00A0: 43 61 70 65 20 54 6F 77 6E 31 1D 30 1B 06 03 55 Cape Town1.0...U
00B0: 04 0A 13 14 54 68 61 77 74 65 20 43 6F 6E 73 75 ....Thawte Consu
00C0: 6C 74 69 6E 67 20 63 63 31 28 30 26 06 03 55 04 lting cc1(0&..U.
00D0: 0B 13 1F 43 65 72 74 69 66 69 63 61 74 69 6F 6E ...Certification
00E0: 20 53 65 72 76 69 63 65 73 20 44 69 76 69 73 69 Services Divisi
00F0: 6F 6E 31 21 30 1F 06 03 55 04 03 13 18 54 68 61 on1!0...U....Tha
0100: 77 74 65 20 50 72 65 6D 69 75 6D 20 53 65 72 76 wte Premium Serv
0110: 65 72 20 43 41 31 28 30 26 06 09 2A 86 48 86 F7 er CA1(0&..*.H..
0120: 0D 01 09 01 16 19 70 72 65 6D 69 75 6D 2D 73 65 ......premium-se
0130: 72 76 65 72 40 74 68 61 77 74 65 2E 63 6F 6D 00 [email protected].
0140: CE 30 81 CB 31 0B 30 09 06 03 55 04 06 13 02 5A .0..1.0...U....Z
0150: 41 31 15 30 13 06 03 55 04 08 13 0C 57 65 73 74 A1.0...U....West
0160: 65 72 6E 20 43 61 70 65 31 12 30 10 06 03 55 04 ern Cape1.0...U.
0170: 07 13 09 43 61 70 65 20 54 6F 77 6E 31 1A 30 18 ...Cape Town1.0.
0180: 06 03 55 04 0A 13 11 54 68 61 77 74 65 20 43 6F ..U....Thawte Co
0190: 6E 73 75 6C 74 69 6E 67 31 28 30 26 06 03 55 04 nsulting1(0&..U.
01A0: 0B 13 1F 43 65 72 74 69 66 69 63 61 74 69 6F 6E ...Certification
01B0: 20 53 65 72 76 69 63 65 73 20 44 69 76 69 73 69 Services Divisi
01C0: 6F 6E 31 21 30 1F 06 03 55 04 03 13 18 54 68 61 on1!0...U....Tha
01D0: 77 74 65 20 50 65 72 73 6F 6E 61 6C 20 42 61 73 wte Personal Bas
01E0: 69 63 20 43 41 31 28 30 26 06 09 2A 86 48 86 F7 ic CA1(0&..*.H..
01F0: 0D 01 09 01 16 19 70 65 72 73 6F 6E 61 6C 2D 62 ......personal-b
0200: 61 73 69 63 40 74 68 61 77 74 65 2E 63 6F 6D 00 [email protected].
0210: 61 30 5F 31 0B 30 09 06 03 55 04 06 13 02 55 53 a0_1.0...U....US
0220: 31 20 30 1E 06 03 55 04 0A 13 17 52 53 41 20 44 1 0...U....RSA D
0230: 61 74 61 20 53 65 63 75 72 69 74 79 2C 20 49 6E ata Security, In
0240: 63 2E 31 2E 30 2C 06 03 55 04 0B 13 25 53 65 63 c.1.0,..U...%Sec
0250: 75 72 65 20 53 65 72 76 65 72 20 43 65 72 74 69 ure Server Certi
0260: 66 69 63 61 74 69 6F 6E 20 41 75 74 68 6F 72 69 fication Authori
0270: 74 79 00 61 30 5F 31 0B 30 09 06 03 55 04 06 13 ty.a0_1.0...U...
0280: 02 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 .US1.0...U....Ve
0290: 72 69 53 69 67 6E 2C 20 49 6E 63 2E 31 37 30 35 riSign, Inc.1705
02A0: 06 03 55 04 0B 13 2E 43 6C 61 73 73 20 34 20 50 ..U....Class 4 P
02B0: 75 62 6C 69 63 20 50 72 69 6D 61 72 79 20 43 65 ublic Primary Ce
02C0: 72 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 68 rtification Auth
02D0: 6F 72 69 74 79 00 61 30 5F 31 0B 30 09 06 03 55 ority.a0_1.0...U
02E0: 04 06 13 02 55 53 31 17 30 15 06 03 55 04 0A 13 ....US1.0...U...
02F0: 0E 56 65 72 69 53 69 67 6E 2C 20 49 6E 63 2E 31 .VeriSign, Inc.1
0300: 37 30 35 06 03 55 04 0B 13 2E 43 6C 61 73 73 20 705..U....Class
0310: 31 20 50 75 62 6C 69 63 20 50 72 69 6D 61 72 79 1 Public Primary
0320: 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 41 Certification A
0330: 75 74 68 6F 72 69 74 79 00 D2 30 81 CF 31 0B 30 uthority..0..1.0
0340: 09 06 03 55 04 06 13 02 5A 41 31 15 30 13 06 03 ...U....ZA1.0...
0350: 55 04 08 13 0C 57 65 73 74 65 72 6E 20 43 61 70 U....Western Cap
0360: 65 31 12 30 10 06 03 55 04 07 13 09 43 61 70 65 e1.0...U....Cape
0370: 20 54 6F 77 6E 31 1A 30 18 06 03 55 04 0A 13 11 Town1.0...U....
0380: 54 68 61 77 74 65 20 43 6F 6E 73 75 6C 74 69 6E Thawte Consultin
0390: 67 31 28 30 26 06 03 55 04 0B 13 1F 43 65 72 74 g1(0&..U....Cert
03A0: 69 66 69 63 61 74 69 6F 6E 20 53 65 72 76 69 63 ification Servic
03B0: 65 73 20 44 69 76 69 73 69 6F 6E 31 23 30 21 06 es Division1#0!.
03C0: 03 55 04 03 13 1A 54 68 61 77 74 65 20 50 65 72 .U....Thawte Per
03D0: 73 6F 6E 61 6C 20 50 72 65 6D 69 75 6D 20 43 41 sonal Premium CA
03E0: 31 2A 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 16 1*0(..*.H.......
03F0: 1B 70 65 72 73 6F 6E 61 6C 2D 70 72 65 6D 69 75 .personal-premiu
0400: 6D 40 74 68 61 77 74 65 2E 63 6F 6D 00 D4 30 81 [email protected].
0410: D1 31 0B 30 09 06 03 55 04 06 13 02 5A 41 31 15 .1.0...U....ZA1.
0420: 30 13 06 03 55 04 08 13 0C 57 65 73 74 65 72 6E 0...U....Western
0430: 20 43 61 70 65 31 12 30 10 06 03 55 04 07 13 09 Cape1.0...U....
0440: 43 61 70 65 20 54 6F 77 6E 31 1A 30 18 06 03 55 Cape Town1.0...U
0450: 04 0A 13 11 54 68 61 77 74 65 20 43 6F 6E 73 75 ....Thawte Consu
0460: 6C 74 69 6E 67 31 28 30 26 06 03 55 04 0B 13 1F lting1(0&..U....
0470: 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 53 65 Certification Se
0480: 72 76 69 63 65 73 20 44 69 76 69 73 69 6F 6E 31 rvices Division1
0490: 24 30 22 06 03 55 04 03 13 1B 54 68 61 77 74 65 $0"..U....Thawte
04A0: 20 50 65 72 73 6F 6E 61 6C 20 46 72 65 65 6D 61 Personal Freema
04B0: 69 6C 20 43 41 31 2B 30 29 06 09 2A 86 48 86 F7 il CA1+0)..*.H..
04C0: 0D 01 09 01 16 1C 70 65 72 73 6F 6E 61 6C 2D 66 ......personal-f
04D0: 72 65 65 6D 61 69 6C 40 74 68 61 77 74 65 2E 63 [email protected]
04E0: 6F 6D 00 5D 30 5B 31 0B 30 09 06 03 55 04 06 13 om.]0[1.0...U...
04F0: 02 42 45 31 0B 30 09 06 03 55 04 08 13 02 42 45 .BE1.0...U....BE
0500: 31 0B 30 09 06 03 55 04 07 13 02 42 45 31 11 30 1.0...U....BE1.0
0510: 0F 06 03 55 04 0A 13 08 44 65 6C 61 77 61 72 65 ...U....Delaware
0520: 31 11 30 0F 06 03 55 04 0B 13 08 44 65 6C 61 77 1.0...U....Delaw
0530: 61 72 65 31 0C 30 0A 06 03 55 04 03 13 03 6B 77 are1.0...U....kw
0540: 73 00 61 30 5F 31 0B 30 09 06 03 55 04 06 13 02 s.a0_1.0...U....
0550: 55 53 31 17 30 15 06 03 55 04 0A 13 0E 56 65 72 US1.0...U....Ver
0560: 69 53 69 67 6E 2C 20 49 6E 63 2E 31 37 30 35 06 iSign, Inc.1705.
0570: 03 55 04 0B 13 2E 43 6C 61 73 73 20 32 20 50 75 .U....Class 2 Pu
0580: 62 6C 69 63 20 50 72 69 6D 61 72 79 20 43 65 72 blic Primary Cer
0590: 74 69 66 69 63 61 74 69 6F 6E 20 41 75 74 68 6F tification Autho
05A0: 72 69 74 79 00 C7 30 81 C4 31 0B 30 09 06 03 55 rity..0..1.0...U
05B0: 04 06 13 02 5A 41 31 15 30 13 06 03 55 04 08 13 ....ZA1.0...U...
05C0: 0C 57 65 73 74 65 72 6E 20 43 61 70 65 31 12 30 .Western Cape1.0
05D0: 10 06 03 55 04 07 13 09 43 61 70 65 20 54 6F 77 ...U....Cape Tow
05E0: 6E 31 1D 30 1B 06 03 55 04 0A 13 14 54 68 61 77 n1.0...U....Thaw
05F0: 74 65 20 43 6F 6E 73 75 6C 74 69 6E 67 20 63 63 te Consulting cc
0600: 31 28 30 26 06 03 55 04 0B 13 1F 43 65 72 74 69 1(0&..U....Certi
0610: 66 69 63 61 74 69 6F 6E 20 53 65 72 76 69 63 65 fication Service
0620: 73 20 44 69 76 69 73 69 6F 6E 31 19 30 17 06 03 s Division1.0...
0630: 55 04 03 13 10 54 68 61 77 74 65 20 53 65 72 76 U....Thawte Serv
0640: 65 72 20 43 41 31 26 30 24 06 09 2A 86 48 86 F7 er CA1&0$..*.H..
0650: 0D 01 09 01 16 17 73 65 72 76 65 72 2D 63 65 72 ......server-cer
0660: 74 73 40 74 68 61 77 74 65 2E 63 6F 6D [email protected]
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 183, 52, 32, 171, 15, 252, 104, 26, 122, 4, 33, 152, 207, 169, 53, 3, 54, 92, 207, 235, 108, 124, 43, 137, 189, 40, 155, 244, 16, 195, 171, 111, 45, 24, 118, 251, 161, 5, 255, 221, 102, 77, 136, 92, 253, 146 }
[write] MD5 and SHA1 hashes: len = 141
0000: 0B 00 00 03 00 00 00 10 00 00 82 00 80 E7 73 AF ..............s.
0010: 77 3C B9 37 C3 23 58 BB 44 7E B0 E1 EE D1 6F 37 w<.7.#X.D.....o7
0020: E9 C2 CB CD 5B 36 80 61 76 69 28 FA 66 E5 19 31 ....[6.avi(.f..1
0030: AF C5 CE 1D D0 B1 C0 A3 31 D4 2E 1A DB 1E CC 21 ........1......!
0040: 7F B9 9F 8C 6A B8 4C 43 50 78 95 CF 51 E3 9E 97 ....j.LCPx..Q...
0050: BF 07 DC 25 DE 56 D7 A5 7C D7 7D 5C D4 47 16 5D ...%.V.....\.G.]
0060: 54 FC FE 6C D8 C7 17 AB 18 A0 EE 31 B6 38 10 29 T..l.......1.8.)
0070: C4 D6 75 5B DB 1F B2 2B 20 28 40 C5 96 E4 E3 7A ..u[...+ (@....z
0080: 5C D6 85 C3 03 05 F5 38 FE 34 72 EF 3F \......8.4r.?
main, WRITE: SSL v3.1 Handshake, length = 141
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 B7 34 20 AB 0F FC 68 1A 7A 04 21 98 CF A9 ...4 ...h.z.!...
0010: 35 03 36 5C CF EB 6C 7C 2B 89 BD 28 9B F4 10 C3 5.6\..l.+..(....
0020: AB 6F 2D 18 76 FB A1 05 FF DD 66 4D 88 5C FD 92 .o-.v.....fM.\..
CONNECTION KEYGEN:
Client Nonce:
0000: 3F 84 09 08 2B 04 F4 67 36 6E 63 80 A2 84 16 02 ?...+..g6nc.....
0010: C5 70 5B 69 04 85 F9 72 8E 7A 2C CB 9C BC 84 64 .p[i...r.z,....d
Server Nonce:
0000: 3F 84 09 08 02 CF ED 36 65 77 74 21 3B 36 38 6F ?......6ewt!;68o
0010: AA 6E 5C 81 B2 43 7C 2E BB 99 F7 1B D8 C5 15 E8 .n\..C..........
Master Secret:
0000: 92 AB 4A D6 D4 F1 35 46 3D F8 20 64 7D 0D 1D 3C ..J...5F=. d...<
0010: 6D 12 61 D7 B6 21 1D F9 9E F2 A3 1E C8 72 16 48 m.a..!.......r.H
0020: 7E EB ED BD 71 66 89 36 8D A4 AA 30 A7 B6 F9 E3 ....qf.6...0....
Client MAC write Secret:
0000: FB B5 C5 28 A0 EF A9 2C 6F 6E 9A 8E 46 21 F8 5D ...(...,on..F!.]
0010: 21 3A F3 5A !:.Z
Server MAC write Secret:
0000: AC B4 8C 0C 19 E9 70 87 86 2C 88 19 74 96 CB 86 ......p..,..t...
0010: E1 57 28 D0 .W(.
Client write key:
0000: 67 8C 40 8A 0E F6 66 02 AA 57 A9 46 3E 4C 2B 0B [email protected]>L+.
Server write key:
0000: 39 79 50 0C 26 2A 0C 06 34 57 9F D0 ED 9E 76 1A 9yP.&*..4W....v.
... no IV for cipher
main, WRITE: SSL v3.1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished, v3.1
verify_data: { 2, 131, 239, 184, 3, 52, 180, 31, 246, 47, 142, 241 }
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 02 83 EF B8 03 34 B4 1F F6 2F 8E F1 .........4.../..
Plaintext before ENCRYPTION: len = 36
0000: 14 00 00 0C 02 83 EF B8 03 34 B4 1F F6 2F 8E F1 .........4.../..
0010: E8 92 3D 1E 0C A5 0A B2 E3 71 7A E9 02 41 91 20 ..=......qz..A.
0020: 30 86 A2 47 0..G
main, WRITE: SSL v3.1 Handshake, length = 36
waiting for close_notify or alert: state 1
Exception while waiting for close java.net.SocketException: Software caused connection abort: JVM_recv in socket input stream read
main, SEND SSL v3.1 ALERT: warning, description = close_notify
Plaintext before ENCRYPTION: len = 22
0000: 01 00 BD 94 A3 63 BB DA 73 4F 7A 85 4B 79 25 76 .....c..sOz.Ky%v
0010: 8B 08 0F FF CE FC ......
main, WRITE: SSL v3.1 Alert, length = 22
java.net.SocketException: Software caused connection abort: JVM_recv in socket input stream read
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:116)
at com.sun.net.ssl.internal.ssl.InputRecord.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.g(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA6275)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA6275)
at org.apache.commons.httpclient.HttpConnection$WrappedOutputStream.write(HttpConnection.java:1344)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:69)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:779)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2179)
at org.apache.commons.httpclient.HttpMethodBase.processRequest(HttpMethodBase.java:2534)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1047)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:638)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:500)
at kws.testing.out.HTTPClient.main(HTTPClient.java:60)
Exception in thread "main"
Does someone have an idea on how to get client authentication (without password) work?
regards,
Kenneth... no IV for cipher
This line is in my debug and the debug posted in the original message.
Am having the same problem of accessing a page with a Client Side Cert that uses a password. I get debug that has the "no IV for cipher" message. It does not throw
an exception, but gets a 403 from server.
Does anyone know? Will a Client Side Cert with a Symmetric Key work in Java APIs?
I load the .pfx cert into a Java KeyStore and send this to Apache HTTPClient. -
Help - untrusted server cert chain again !!!
Hi,
I dont understand what's wrong, I have a cert file(pnew.p12) which can be used talking to secure server via browser with no problem(do it means it been signed by my CA already?).
then I try to do it in JSSE.
First, I export to Base64 cer format file called mycert.cer.
then, I create truststore use:
keytool -import -alias mycert -keystore mytrust -storepass 111111 -trustcacerts
Then, In my code, I read this truststore and key file from original cer file(pnew.p12)
-------- my test.java code ----------
KeyManagerFactory kmf;
TrustManagerFactory tmf;
KeyStore ts;
char[] passphrase = "111111".toCharArray();
char[] passphrase1 = "222222".toCharArray();
ctx = SSLContext.getInstance("TLS");
kmf = KeyManagerFactory.getInstance("SunX509");
tmf = TrustManagerFactory.getInstance("SunX509");
ts = KeyStore.getInstance("JKS");
KeyStore ks=KeyStore.getInstance("PKCS12");
ts.load(new FileInputStream("mytrust"), passphrase);
ks.load(new FileInputStream("pnew.p12"), passphrase1);
tmf.init(ts);
kmf.init(ks, passphrase1);
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
factory = ctx.getSocketFactory();
I know steps which be used to talk to server as follow:
1. Client hello
2. Server hello
3. Certificate (Optional)
4. Certificate request (Optional)
5. Server key exchange (Optional)
6. Server hello done
7. Certificate (Optional)
8. Client key exchange
9. Certificate verify (Optional)
10. Change cipher spec
11. Finished
12. Change cipher spec
13. Finished
14. Encrypted data
I also know what's this error means, but I still cant figure out how to fix it(it is no system clock problem). can someone give me some ideas? or do I need to require any cert from guy who hosting secure server?
C:\jdk1.4\demo\jsse\sockets\client>java -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -Djavax.net.debug=ssl test adding as trusted cert: [
Version: V1
Subject: OID.2.5.4.5=14 + CN=EIS secure-Test2 + [email protected], DNQ=TRL Demo Customer, C=AU
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@31c260
Validity: [From: Mon Jan 01 11:00:00 EST 2001,
To: Thu Jan 01 10:59:59 EST 2004]
Issuer: OU=Prototype Research CA, O=secure Research Laboratories, C=AU
SerialNumber: [ 260e]
Algorithm: [MD5withRSA]
Signature:
0000: 24 3F 01 69 AB 6B 9A B8 CD 92 AA 8A FF 11 7F 9D $?.i.k..........
0010: 0F 5E 20 3A 43 8C 58 F9 8C 14 28 00 FE 2A 52 95 .^ :C.X...(..*R.
0020: 86 62 3A 5D 6D 17 60 DF 67 4A 6D 83 8C EF 8E 12 .b:]m.`.gJm.....
0030: D0 84 68 03 AC C1 41 28 4F 0A E6 CA 02 38 DF E1 ..h...A(O....8..
0040: 6C 96 8E C0 74 65 F7 07 DA 57 5C 79 53 FF 23 AA l...te...W\yS.#.
0050: D3 E3 1F E7 D8 C8 92 5D B2 3B FC 30 EE 26 6A B8 .......].;.0.&j.
found key for : eis secure-test2's secure research laboratories id
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 993449488 bytes = { 225, 246, 212, 140, 222, 64, 204, 172, 19, 68, 80, 74, 158, 218, 215, 169, 231, 97, 88, 0, 198, 89, 193, 202, 247, 137, 137, 130 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3B 37 D6 10 E1 F6 D4 8C DE 40 ...7..;7.......@
0010: CC AC 13 44 50 4A 9E DA D7 A9 E7 61 58 00 C6 59 ...DPJ.....aX..Y
0020: C1 CA F7 89 89 82 00 00 10 00 05 00 04 00 09 00 ................
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3B 37 D6 .............;7.
0030: 10 E1 F6 D4 8C DE 40 CC AC 13 44 50 4A 9E DA D7 [email protected]...
0040: A9 E7 61 58 00 C6 59 C1 CA F7 89 89 82 ..aX..Y......
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.0 Handshake, length = 3032
*** ServerHello, v3.0
RandomCookie: GMT: -1000857547 bytes = { 206, 49, 99, 167, 24, 34, 141, 105, 218, 92, 156, 73, 140, 60, 97, 32, 107, 172, 35, 105, 10, 147, 126, 37, 232, 221, 67, 208 }
Session ID: {1, 79, 211, 81, 55, 204, 160, 210, 64, 200, 49, 173, 91, 16, 107, 40, 145, 101, 201, 32, 79, 56, 236, 96, 11, 122, 223, 205, 2, 137, 193, 165}
Cipher Suite: { 0, 4 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 00 C4 58 20 35 CE 31 63 A7 18 22 ...F...X 5.1c.."
0010: 8D 69 DA 5C 9C 49 8C 3C 61 20 6B AC 23 69 0A 93 .i.\.I.<a k.#i..
0020: 7E 25 E8 DD 43 D0 20 01 4F D3 51 37 CC A0 D2 40 .%..C. .O.Q7...@
0030: C8 31 AD 5B 10 6B 28 91 65 C9 20 4F 38 EC 60 0B .1.[.k(.e. O8.`.
0040: 7A DF CD 02 89 C1 A5 00 04 00 z.........
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=pocketnews.secure.com, OU=OnAir, O=secure, L=Sydney, ST=NSW, C=AU
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@38e059
Validity: [From: Fri Aug 18 10:00:00 EST 2000,
To: Sun Aug 19 09:59:59 EST 2001]
Issuer: OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign, OU=VeriSign International Server CA - Class 3, OU="VeriSign, Inc.", O=VeriSign Trust Network
SerialNumber: [ 6a2bcc17 0d6f8a04 1c49aa2d 84464c3e ]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 82 02 16 30 82 02 12 30 82 02 0E 30 82 02 0A ....0...0...0...
0010: 06 0B 60 86 48 01 86 F8 45 01 07 01 01 30 82 01 ..`.H...E....0..
0020: F9 16 82 01 A7 54 68 69 73 20 63 65 72 74 69 66 .....This certif
0030: 69 63 61 74 65 20 69 6E 63 6F 72 70 6F 72 61 74 icate incorporat
0040: 65 73 20 62 79 20 72 65 66 65 72 65 6E 63 65 2C es by reference,
0050: 20 61 6E 64 20 69 74 73 20 75 73 65 20 69 73 20 and its use is
0060: 73 74 72 69 63 74 6C 79 20 73 75 62 6A 65 63 74 strictly subject
0070: 20 74 6F 2C 20 74 68 65 20 56 65 72 69 53 69 67 to, the VeriSig
0080: 6E 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 n Certification
0090: 50 72 61 63 74 69 63 65 20 53 74 61 74 65 6D 65 Practice Stateme
00A0: 6E 74 20 28 43 50 53 29 2C 20 61 76 61 69 6C 61 nt (CPS), availa
00B0: 62 6C 65 20 61 74 3A 20 68 74 74 70 73 3A 2F 2F ble at: https://
00C0: 77 77 77 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D www.verisign.com
00D0: 2F 43 50 53 3B 20 62 79 20 45 2D 6D 61 69 6C 20 /CPS; by E-mail
00E0: 61 74 20 43 50 53 2D 72 65 71 75 65 73 74 73 40 at CPS-requests@
00F0: 76 65 72 69 73 69 67 6E 2E 63 6F 6D 3B 20 6F 72 verisign.com; or
0100: 20 62 79 20 6D 61 69 6C 20 61 74 20 56 65 72 69 by mail at Veri
0110: 53 69 67 6E 2C 20 49 6E 63 2E 2C 20 32 35 39 33 Sign, Inc., 2593
0120: 20 43 6F 61 73 74 20 41 76 65 2E 2C 20 4D 6F 75 Coast Ave., Mou
0130: 6E 74 61 69 6E 20 56 69 65 77 2C 20 43 41 20 39 ntain View, CA 9
0140: 34 30 34 33 20 55 53 41 20 54 65 6C 2E 20 2B 31 4043 USA Tel. +1
0150: 20 28 34 31 35 29 20 39 36 31 2D 38 38 33 30 20 (415) 961-8830
0160: 43 6F 70 79 72 69 67 68 74 20 28 63 29 20 31 39 Copyright (c) 19
0170: 39 36 20 56 65 72 69 53 69 67 6E 2C 20 49 6E 63 96 VeriSign, Inc
0180: 2E 20 20 41 6C 6C 20 52 69 67 68 74 73 20 52 65 . All Rights Re
0190: 73 65 72 76 65 64 2E 20 43 45 52 54 41 49 4E 20 served. CERTAIN
01A0: 57 41 52 52 41 4E 54 49 45 53 20 44 49 53 43 4C WARRANTIES DISCL
01B0: 41 49 4D 45 44 20 61 6E 64 20 4C 49 41 42 49 4C AIMED and LIABIL
01C0: 49 54 59 20 4C 49 4D 49 54 45 44 2E A0 0E 06 0C ITY LIMITED.....
01D0: 60 86 48 01 86 F8 45 01 07 01 01 01 A1 0E 06 0C `.H...E.........
01E0: 60 86 48 01 86 F8 45 01 07 01 01 02 30 2C 30 2A `.H...E.....0,0*
01F0: 16 28 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 .(https://www.ve
0200: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 65 70 6F 73 risign.com/repos
0210: 69 74 6F 72 79 2F 43 50 53 20 itory/CPS
[3]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[2.16.840.1.113730.4.1]]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [MD5withRSA]
Signature:
0000: CF EE E8 78 F8 75 6A 6F F9 B0 7C B9 33 F2 D0 8C ...x.ujo....3...
0010: 5D 88 B7 A8 42 89 87 D9 76 50 9B 0C E3 9C 05 2A ]...B...vP.....*
0020: 6D 0E 25 7A 5F 2D 07 EE AF 1F 73 05 93 BF EE 65 m.%z_-....s....e
0030: D7 E7 97 CD EA EE 6D 11 EF 0C 48 67 18 A4 B0 03 ......m...Hg....
0040: F4 A3 1B 2E EA 14 9C 56 5A 98 BF 2F AD 4B 50 4A .......VZ../.KPJ
0050: 21 8E 0F DA 4A DE 4E 82 53 FB BF F2 B8 D4 AD 2A !...J.N.S......*
0060: B8 DC C1 9B 2C A9 96 66 12 D9 5A 97 AB 3D 1C 5C ....,..f..Z..=.\
0070: 24 25 1C 0A 2E 08 F6 0A 26 E0 7E D5 36 76 00 90 $%......&...6v..
chain [1] = [
Version: V3
Subject: OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign, OU=VeriSign International Server CA - Class 3, OU="VeriSign, Inc.", O=VeriSign Trust Network
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@15c083
Validity: [From: Thu Apr 17 10:00:00 EST 1997,
To: Thu Jan 08 10:59:59 EST 2004]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
SerialNumber: [ 236c971e 2bc60d0b f97460de f108c3c3 ]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
[2]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 ..https://www.ve
0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 43 50 53 risign.com/CPS
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 D9 30 15 16 0E 56 65 72 69 53 69 67 6E 2C 0..0...VeriSign,
0010: 20 49 6E 63 2E 30 03 02 01 01 1A 81 BF 56 65 72 Inc.0.......Ver
0020: 69 53 69 67 6E 27 73 20 43 65 72 74 69 66 69 63 iSign's Certific
0030: 61 74 69 6F 6E 20 50 72 61 63 74 69 63 65 20 53 ation Practice S
0040: 74 61 74 65 6D 65 6E 74 2C 20 77 77 77 2E 76 65 tatement, www.ve
0050: 72 69 73 69 67 6E 2E 63 6F 6D 2F 43 50 53 2C 20 risign.com/CPS,
0060: 67 6F 76 65 72 6E 73 20 74 68 69 73 20 63 65 72 governs this cer
0070: 74 69 66 69 63 61 74 65 20 26 20 69 73 20 69 6E tificate & is in
0080: 63 6F 72 70 6F 72 61 74 65 64 20 62 79 20 72 65 corporated by re
0090: 66 65 72 65 6E 63 65 20 68 65 72 65 69 6E 2E 20 ference herein.
00A0: 53 4F 4D 45 20 57 41 52 52 41 4E 54 49 45 53 20 SOME WARRANTIES
00B0: 44 49 53 43 4C 41 49 4D 45 44 20 26 20 4C 49 41 DISCLAIMED & LIA
00C0: 42 49 4C 49 54 59 20 4C 54 44 2E 20 28 63 29 31 BILITY LTD. (c)1
00D0: 39 39 37 20 56 65 72 69 53 69 67 6E 997 VeriSign
[3]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[2.16.840.1.113733.1.8.1, 2.16.840.1.113730.4.1]]
[4]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
[5]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:0
Algorithm: [MD2withRSA]
Signature:
0000: B8 8C 98 C3 2B 48 F5 72 CD 68 0D 1A B3 74 63 BB ....+H.r.h...tc.
0010: B1 58 B6 98 45 22 EC 11 8D C7 4E 33 8B 62 5A 21 .X..E"....N3.bZ!
0020: 24 6C 9A C0 42 B4 45 A9 3A FB 67 F0 91 BE 18 1F $l..B.E.:.g.....
0030: D5 48 19 93 6B 8D CB 37 4B 86 E6 7D 9B FD 8C 78 .H..k..7K......x
0040: 99 FF 83 C2 FC D9 55 06 9E 31 66 46 7D 1B 78 60 ......U..1fF..x`
0050: F4 55 D4 6C 55 C8 69 62 70 7C 4D B6 89 06 05 9B .U.lU.ibp.M.....
0060: C8 43 8E CC 0C 28 D5 D1 8C CD 46 50 E3 31 96 66 .C...(....FP.1.f
0070: 92 11 24 1E 4A 5B 4B 66 5E 65 55 1E 5F 37 9A AE ..$.J[Kf^eU._7..
chain [2] = [
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@2d9c06
Validity: [From: Mon Jan 29 11:00:00 EST 1996,
To: Sat Jan 01 10:59:59 EST 2000]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
SerialNumber: [ 02a10000 01]
Algorithm: [MD2withRSA]
Signature:
0000: 75 66 6C 3E D1 CD 81 DB B5 F8 2F 36 51 B6 F7 42 ufl>....../6Q..B
0010: BC CD 42 AF DC 0E FA 15 6C F8 67 93 57 3A EB B6 ..B.....l.g.W:..
0020: 92 E8 B6 01 CA 8C B7 8E 43 B4 49 65 F9 3E EE BD ........C.Ie.>..
0030: 75 46 2E C9 FC 25 5D A8 C7 2F 8B 9B 8F 68 CF B4 uF...%]../...h..
0040: 9C 97 18 C0 4D EF 1F D9 AF 82 B3 E6 64 B8 84 5C ....M.......d..\
0050: 8A 9A 07 52 43 61 FB 74 9E 5B 3A 36 FC 4C B2 FC ...RCa.t.[:6.L..
0060: 1A 3F 15 2E A5 5B 3C 1B 90 EC 88 29 E4 59 16 F9 .?...[<....).Y..
0070: CE 07 AD EC E9 DD DA D2 31 8A 4F D6 D8 EF 17 8D ........1.O.....
out of date cert: [
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@2d9c06
Validity: [From: Mon Jan 29 11:00:00 EST 1996,
To: Sat Jan 01 10:59:59 EST 2000]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
SerialNumber: [ 02a10000 01]
Algorithm: [MD2withRSA]
Signature:
0000: 75 66 6C 3E D1 CD 81 DB B5 F8 2F 36 51 B6 F7 42 ufl>....../6Q..B
0010: BC CD 42 AF DC 0E FA 15 6C F8 67 93 57 3A EB B6 ..B.....l.g.W:..
0020: 92 E8 B6 01 CA 8C B7 8E 43 B4 49 65 F9 3E EE BD ........C.Ie.>..
0030: 75 46 2E C9 FC 25 5D A8 C7 2F 8B 9B 8F 68 CF B4 uF...%]../...h..
0040: 9C 97 18 C0 4D EF 1F D9 AF 82 B3 E6 64 B8 84 5C ....M.......d..\
0050: 8A 9A 07 52 43 61 FB 74 9E 5B 3A 36 FC 4C B2 FC ...RCa.t.[:6.L..
0060: 1A 3F 15 2E A5 5B 3C 1B 90 EC 88 29 E4 59 16 F9 .?...[<....).Y..
0070: CE 07 AD EC E9 DD DA D2 31 8A 4F D6 D8 EF 17 8D ........1.O.....
main, SEND SSL v3.0 ALERT: fatal, description = certificate_unknown
main, WRITE: SSL v3.0 Alert, length = 2
javax.net.ssl.SSLHandshakeException: untrusted server cert chain
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-120198])
at java.io.OutputStream.write(OutputStream.java:61)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-V1.2-120198])
at test.main(test.java:82)Hi david,
I am also having the same problem. Below is my debug message. If possible pl. tell me what you did to fix the problem.
Debug.
*** ClientHello, v3.1
[write] MD5 and SHA1 hashes: len = 47
0000: 01 00 00 2B 03 01 3B 6F 8A 74 C3 88 A3 70 1F F6 ...+..;o.t...p..
0010: 86 9F F7 50 66 12 1C BF 9A 0D 5F ED 20 F4 07 52 ...Pf....._. ..R
0020: 17 A7 6A 1B 10 8C 00 00 04 00 03 00 11 01 00 ..j............
[write] MD5 and SHA1 hashes: len = 50
0000: 01 03 01 00 09 00 00 00 20 00 00 03 02 00 80 00 ........ .......
0010: 00 11 3B 6F 8A 74 C3 88 A3 70 1F F6 86 9F F7 50 ..;o.t...p.....P
0020: 66 12 1C BF 9A 0D 5F ED 20 F4 07 52 17 A7 6A 1B f....._. ..R..j.
0030: 10 8C ..
*** ServerHello, v3.0
** SSL_RSA_EXPORT_WITH_RC4_40_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 00 3B 70 1F 94 E6 2C 62 7F 14 9E ...F..;p...,b...
0010: C2 AE 2A B9 56 DE 49 B7 6D 1F 24 45 38 45 5F DA ..*.V.I.m.$E8E_.
0020: AE CB C5 7F 05 9F 20 3B 70 1F 94 E3 5E E5 BC 17 ...... ;p...^...
0030: 18 7D FE CE B3 9D F6 37 27 05 9D 3F 8C D2 82 16 .......7'..?....
0040: 6F 3C 55 84 9E 9A A5 00 03 00 o<U.......
*** Certificate chain
[read] MD5 and SHA1 hashes: len = 1021
0000: 0B 00 03 F9 00 03 F6 00 01 F8 30 82 01 F4 30 82 ..........0...0.
0010: 01 9E 02 01 00 30 0D 06 09 2A 86 48 86 F7 0D 01 .....0...*.H....
0020: 01 04 05 00 30 81 84 31 0B 30 09 06 03 55 04 06 ....0..1.0...U..
0030: 13 02 49 4E 31 0B 30 09 06 03 55 04 08 13 02 54 ..IN1.0...U....T
0040: 4E 31 10 30 0E 06 03 55 04 07 13 07 43 48 45 4E N1.0...U....CHEN
0050: 4E 41 49 31 0D 30 0B 06 03 55 04 0A 13 04 41 32 NAI1.0...U....A2
0060: 57 49 31 0C 30 0A 06 03 55 04 0B 13 03 44 45 56 WI1.0...U....DEV
0070: 31 0D 30 0B 06 03 55 04 03 13 04 41 32 57 49 31 1.0...U....A2WI1
0080: 2A 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 16 1B *0(..*.H........
0090: 61 64 6D 69 6E 69 73 74 72 61 74 6F 72 40 61 69 administrator@ai
00A0: 72 32 77 65 62 2E 63 6F 2E 69 6E 30 1E 17 0D 30 r2web.co.in0...0
00B0: 31 30 33 30 38 32 33 31 32 32 37 5A 17 0D 30 32 10308231227Z..02
00C0: 30 33 30 38 32 33 31 32 32 37 5A 30 81 84 31 0B 0308231227Z0..1.
00D0: 30 09 06 03 55 04 06 13 02 49 4E 31 0B 30 09 06 0...U....IN1.0..
00E0: 03 55 04 08 13 02 54 4E 31 10 30 0E 06 03 55 04 .U....TN1.0...U.
00F0: 07 13 07 43 48 45 4E 4E 41 49 31 0D 30 0B 06 03 ...CHENNAI1.0...
0100: 55 04 0A 13 04 41 32 57 49 31 0C 30 0A 06 03 55 U....A2WI1.0...U
0110: 04 0B 13 03 44 45 56 31 0D 30 0B 06 03 55 04 03 ....DEV1.0...U..
0120: 13 04 41 32 57 49 31 2A 30 28 06 09 2A 86 48 86 ..A2WI1*0(..*.H.
0130: F7 0D 01 09 01 16 1B 61 64 6D 69 6E 69 73 74 72 .......administr
0140: 61 74 6F 72 40 61 69 72 32 77 65 62 2E 63 6F 2E [email protected].
0150: 69 6E 30 5C 30 0D 06 09 2A 86 48 86 F7 0D 01 01 in0\0...*.H.....
0160: 01 05 00 03 4B 00 30 48 02 41 00 D6 44 43 83 68 ....K.0H.A..DC.h
0170: 77 B8 8B 05 FC 06 16 50 51 D7 66 91 7E 2C 13 FE w......PQ.f..,..
0180: 18 F4 64 9A 81 9F B2 EA CE 11 21 7F 4B B6 0B 41 ..d.......!.K..A
0190: 31 CE C1 90 5C 24 90 F8 A5 B8 9D 00 A8 81 59 17 1...\$........Y.
01A0: D4 CB 32 FC 43 DB D8 7A 06 6C 43 02 03 01 00 01 ..2.C..z.lC.....
01B0: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 00 03 0...*.H.........
01C0: 41 00 A3 FF F8 4B 49 B0 77 4E F8 8E 9D A1 99 58 A....KI.wN.....X
01D0: 65 3E 39 E4 7D BD 33 67 47 62 7B CE EC 9D 2B FB e>9...3gGb....+.
01E0: 59 F6 8D C6 BE 75 9F FE 17 C6 EB A8 77 36 40 F9 Y....u......w6@.
01F0: 49 19 8B 83 60 CE 43 73 90 0D BA 2A 30 98 93 EF I...`.Cs...*0...
0200: FF 6F 00 01 F8 30 82 01 F4 30 82 01 9E 02 01 00 .o...0...0......
0210: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 00 30 0...*.H........0
0220: 81 84 31 0B 30 09 06 03 55 04 06 13 02 49 4E 31 ..1.0...U....IN1
0230: 0B 30 09 06 03 55 04 08 13 02 54 4E 31 10 30 0E .0...U....TN1.0.
0240: 06 03 55 04 07 13 07 43 48 45 4E 4E 41 49 31 0D ..U....CHENNAI1.
0250: 30 0B 06 03 55 04 0A 13 04 41 32 57 49 31 0C 30 0...U....A2WI1.0
0260: 0A 06 03 55 04 0B 13 03 44 45 56 31 0D 30 0B 06 ...U....DEV1.0..
0270: 03 55 04 03 13 04 41 32 57 49 31 2A 30 28 06 09 .U....A2WI1*0(..
0280: 2A 86 48 86 F7 0D 01 09 01 16 1B 61 64 6D 69 6E *.H........admin
0290: 69 73 74 72 61 74 6F 72 40 61 69 72 32 77 65 62 istrator@air2web
02A0: 2E 63 6F 2E 69 6E 30 1E 17 0D 30 31 30 33 30 38 .co.in0...010308
02B0: 32 33 31 32 32 37 5A 17 0D 30 32 30 33 30 38 32 231227Z..0203082
02C0: 33 31 32 32 37 5A 30 81 84 31 0B 30 09 06 03 55 31227Z0..1.0...U
02D0: 04 06 13 02 49 4E 31 0B 30 09 06 03 55 04 08 13 ....IN1.0...U...
02E0: 02 54 4E 31 10 30 0E 06 03 55 04 07 13 07 43 48 .TN1.0...U....CH
02F0: 45 4E 4E 41 49 31 0D 30 0B 06 03 55 04 0A 13 04 ENNAI1.0...U....
0300: 41 32 57 49 31 0C 30 0A 06 03 55 04 0B 13 03 44 A2WI1.0...U....D
0310: 45 56 31 0D 30 0B 06 03 55 04 03 13 04 41 32 57 EV1.0...U....A2W
0320: 49 31 2A 30 28 06 09 2A 86 48 86 F7 0D 01 09 01 I1*0(..*.H......
0330: 16 1B 61 64 6D 69 6E 69 73 74 72 61 74 6F 72 40 ..administrator@
0340: 61 69 72 32 77 65 62 2E 63 6F 2E 69 6E 30 5C 30 air2web.co.in0\0
0350: 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 4B ...*.H.........K
0360: 00 30 48 02 41 00 D6 44 43 83 68 77 B8 8B 05 FC .0H.A..DC.hw....
0370: 06 16 50 51 D7 66 91 7E 2C 13 FE 18 F4 64 9A 81 ..PQ.f..,....d..
0380: 9F B2 EA CE 11 21 7F 4B B6 0B 41 31 CE C1 90 5C .....!.K..A1...\
0390: 24 90 F8 A5 B8 9D 00 A8 81 59 17 D4 CB 32 FC 43 $........Y...2.C
03A0: DB D8 7A 06 6C 43 02 03 01 00 01 30 0D 06 09 2A ..z.lC.....0...*
03B0: 86 48 86 F7 0D 01 01 04 05 00 03 41 00 A3 FF F8 .H.........A....
03C0: 4B 49 B0 77 4E F8 8E 9D A1 99 58 65 3E 39 E4 7D KI.wN.....Xe>9..
03D0: BD 33 67 47 62 7B CE EC 9D 2B FB 59 F6 8D C6 BE .3gGb....+.Y....
03E0: 75 9F FE 17 C6 EB A8 77 36 40 F9 49 19 8B 83 60 [email protected]...`
03F0: CE 43 73 90 0D BA 2A 30 98 93 EF FF 6F .Cs...*0....o
[read] MD5 and SHA1 hashes: len = 145
0000: 0D 00 00 8D 01 01 00 89 00 87 30 81 84 31 0B 30 ..........0..1.0
0010: 09 06 03 55 04 06 13 02 49 4E 31 0B 30 09 06 03 ...U....IN1.0...
0020: 55 04 08 13 02 54 4E 31 10 30 0E 06 03 55 04 07 U....TN1.0...U..
0030: 13 07 43 48 45 4E 4E 41 49 31 0D 30 0B 06 03 55 ..CHENNAI1.0...U
0040: 04 0A 13 04 41 32 57 49 31 0C 30 0A 06 03 55 04 ....A2WI1.0...U.
0050: 0B 13 03 44 45 56 31 0D 30 0B 06 03 55 04 03 13 ...DEV1.0...U...
0060: 04 41 32 57 49 31 2A 30 28 06 09 2A 86 48 86 F7 .A2WI1*0(..*.H..
0070: 0D 01 09 01 16 1B 61 64 6D 69 6E 69 73 74 72 61 ......administra
0080: 74 6F 72 40 61 69 72 32 77 65 62 2E 63 6F 2E 69 [email protected]
0090: 6E n
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
main, SEND SSL v3.0 ALERT: warning, description = no_certificate
*** ClientKeyExchange, RSA PreMasterSecret, v3.0
[write] MD5 and SHA1 hashes: len = 68
0000: 10 00 00 40 0C C4 88 95 C5 C9 2F 46 EF B9 EF EA ...@....../F....
0010: AB C5 46 E2 38 4F 4A CA 19 D8 08 8D 36 70 2B 7D ..F.8OJ.....6p+.
0020: 7F 8E 05 71 29 57 69 7B B2 6E 0C ED 61 03 DB 41 ...q)Wi..n..a..A
0030: F1 1A F0 94 AC F0 23 C8 E4 15 60 E2 47 14 A9 3E ......#...`.G..>
0040: 73 14 D3 C8 s...
main, WRITE: SSL v3.0 Change Cipher Spec, length = 1
*** Finished, v3.0
[write] MD5 and SHA1 hashes: len = 40
0000: 14 00 00 24 EC 0F 78 6D 4E 96 70 8D AB 0E 2F 6F ...$..xmN.p.../o
0010: 24 59 2F AF E4 66 9B DE 65 2C 23 E0 2E B5 DB 15 $Y/..f..e,#.....
0020: B8 9B 30 A6 E4 B8 4F 7F ..0...O.
*** Finished, v3.0
[read] MD5 and SHA1 hashes: len = 40
0000: 14 00 00 24 98 0E E7 1C 54 D8 BE B3 3D 23 4C 65 ...$....T...=#Le
0010: E9 B2 24 81 F6 F0 63 92 EB 92 8C 50 64 94 1F 04 ..$...c....Pd...
0020: 7D 27 25 C4 19 F1 C8 A7 .'%.....
main, RECV SSLv3 ALERT: warning, close_notify
main, SEND SSL v3.0 ALERT: warning, description = close_notify -
JSSE 1.0.2 : Unsupported keyword OID.2.5.4.5 (id-at-serialNumber)
Hi,
I am encountering the following exception when opening an SSL connection to an
HTTPS web server (running apache + mod_ssl ) :
java.io.IOException: unsupported keyword OID.2.5.4.5
at com.sun.net.ssl.internal.ssl.AVA.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.RDN.<init>([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.X500Name.<init>([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect([DashoPro-V
1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream([Das
hoPro-V1.2-120198])
at [...]The web server's X.509 V3 certificate was acquired from Certinomis (a
french company - www.certinomis.com), and I have imported its root CA and
intermediate CA into my client JVM's keystore using keytool.
After a short investigation, it looks like it is a bug of JSSE 1.0.2
implementation which doesn't recognize the Object Id 2.5.4.5 which
according to the following page, is a standard X.500 attribute :
http://www.alvestrand.no/objectid/2.5.4.5.html
Here is an excerpt of this page :
2.5.4.5 - id-at-serialNumber
OID value: 2.5.4.5
OID description: The Serial Number attribute type specifies an identifier, the
serial number of a device.
An attribute value for Serial Number is a printable string.
serialNumber ATTRIBUTE ::= {
WITH SYNTAX PrintableString (SIZE (1..ub-serialNumber))
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
ID id-at-serialNumber
}The very same code works when accessing web sites using Verisign certificates
which do not contain such a 2.5.4.5 OID in the certificate subject, so it may
well be dued to a malformation of the Certinomis certificate.
Any help appreciated,
Patrick DECAT.
Following is the trace printed out when running the JVM with
-Djavax.net.debug=all (binary blocks replaced by [...]) :
C:\java\jdk1.3.1\bin\javaw -classpath
C:\Development\HttpsReader\classes;
C:\java\jsse1.0.2\lib\jsse.jar;C:\java\jsse1.0.2\lib\jnet.jar;
C:\java\jsse1.0.2\lib\jcert.jar;C:\java\jdk1.3.1\jre\lib\i18n.jar;
C:\java\jdk1.3.1\jre\lib\jaws.jar;C:\java\jdk1.3.1\jre\lib\rt.jar;
C:\java\jdk1.3.1\jre\lib\sunrsasign.jar;C:\java\jdk1.3.1\lib\dt.jar;
C:\java\jdk1.3.1\lib\tools.jar
-Djavax.net.debug=all HttpsReader
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: C:\java\jdk1.3.1\jre\lib\security\jssecacerts
trustStore type is : jks
init truststore
adding as trusted cert: [
Version: V3
Subject: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@19681b
Validity: [From: Thu Nov 09 01:00:00 CET 2000,
To: Fri Nov 09 01:00:00 CET 2012]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373337 35373338 36303030 ]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[2]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
adding as trusted cert: [
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 993394508 bytes = { 24, 22, 81, 16, 235, 187, 118, 86, 45,
138, 98, 195,
155, 110, 203, 166, 77, 227, 57, 128, 191, 247, 109, 154, 243, 212, 78, 25 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: [...]
AWT-EventQueue-0, WRITE: SSL v2, contentType = 22, translated length = 16310
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 993394166 bytes = { 7, 124, 93, 170, 159, 46, 253, 150, 76,
123, 239,
155, 27, 14, 132, 20, 203, 83, 219, 221, 217, 201, 21, 212, 79, 18, 122, 73 }
Session ID: {179, 250, 40, 17, 25, 73, 235, 228, 229, 141, 93, 207, 137, 204, 71,
144, 235,
210, 99, 135, 15, 169, 170, 141, 156, 3, 58, 135, 178, 196, 112, 222}
Cipher Suite: { 0, 5 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: [...]
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 1088
*** Certificate chain
chain [0] = [
Version: V3
Subject: OID.2.5.4.5=10052821, OU=Certificat Mercatis,
[email protected], CN=xxxxxx.xxxxxxxx.com, OU=FC,
O=XXXXXXXXX-XXXXXXXXX, L=Paris, ST=Paris, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@4a0115
Validity: [From: Fri Mar 23 11:54:32 CET 2001,
To: Sun Mar 24 11:54:32 CET 2002]
Issuer: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
SerialNumber: [ 39383533 34313237 32353633 ]
Certificate Extensions: 8
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
S/MIME
Object Signing
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.32 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[4]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[5]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[6]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: [email protected]]]
[7]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
[8]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
add missing root cert: [
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
stop on trusted cert: [
Version: V3
Subject: CN=CertiNomis Classe 2, O=CertiNomis, C=FR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@bc49d
Validity: [From: Wed Nov 29 01:00:00 CET 2000,
To: Mon Nov 29 01:00:00 CET 2004]
Issuer: CN=CertiNomis, OU=AC Racine - Root CA, O=CertiNomis, C=FR
SerialNumber: [ 30303030 39373534 38383434 39303030 ]
Certificate Extensions: 6
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: [...]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: [...]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: [...]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: [...]
[read] MD5 and SHA1 hashes: len = 1088
0000: [...]
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 4
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: [...]
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 94, 206, 199, 220, 80, 40, 86, 42, 59, 54, 23, 92, 139,
128, 16, 86, 141, 241, 78, 190, 245, 233, 179, 240, 248, 239, 144, 179, 120,
41, 52, 117, 74, 230, 249, 185, 175, 141, 182, 0, 207, 81, 217, 66, 216, 69 }
[write] MD5 and SHA1 hashes: len = 134
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: [...]
CONNECTION KEYGEN:
Client Nonce:
0000: [...]
Server Nonce:
0000: [...]
Master Secret:
0000: [...]
Client MAC write Secret:
0000: [...]
Server MAC write Secret:
0000: [...]
Client write key:
0000: [...]
Server write key:
0000: [...]
... no IV for cipher
AWT-EventQueue-0, WRITE: SSL v3.1 Change Cipher Spec, length = 1
*** Finished, v3.1
verify_data: { 48, 119, 230, 86, 67, 207, 57, 59, 18, 222, 4, 107 }
[write] MD5 and SHA1 hashes: len = 16
0000: [...]
Plaintext before ENCRYPTION: len = 36
0000: [...]
AWT-EventQueue-0, WRITE: SSL v3.1 Handshake, length = 36
AWT-EventQueue-0, READ: SSL v3.1 Change Cipher Spec, length = 1
AWT-EventQueue-0, READ: SSL v3.1 Handshake, length = 36
Plaintext after DECRYPTION: len = 36
0000: [...]
*** Finished, v3.1
verify_data: { 238, 82, 186, 214, 115, 130, 241, 249, 113, 52, 93, 58 }
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
[read] MD5 and SHA1 hashes: len = 16
0000: [...]
Finalizer, SEND SSL v3.1 ALERT: warning, description = close_notify
Plaintext before ENCRYPTION: len = 22
0000: [...]
Finalizer, WRITE: SSL v3.1 Alert, length = 22Just to keep this thread updated, here is some information I got from Sun's support :
"They have closed this as a duplicate of the other bug[The bug was already identified internally].
The fix for it has been put into build # 71 of merlin (1.4).
I don't yet know whether that build is (or will be) early enough to be part of merlin-beta2 (second public beta).
In any case, the problem has been fixed. It's just a matter of when it will
appear in a publicly-available form." -
RECV SSLv3 ALERT: fatal, handshake_failure / URGENT
Hi,
Iam using JSSE to connect an Apache webserver. Some times I get an error from the server saying handshake failed. Appreciate if anyone can help resolve the same. Attaching the JSSE debug log and also the code.
JSSE Version : 1.0.3_03
JDK : 1.3.1
********** Code **********
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("https.proxyHost", host);
System.setProperty("https.proxyPort", port);
System.setProperty("javax.net.ssl.keyStore", keyDBPath);
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
System.setProperty("javax.net.ssl.keyStorePassword", keyDBPass);
System.setProperty("javax.net.ssl.trustStore", trustDBPath);
System.setProperty("javax.net.ssl.trustStorePassword",trustDBPass);
url_in = new URL("https:\\....");
************************** JSSE debug Log ****************************
keyStore is : /ebp/eaifiles/sft/security/keydb/20050531000000000049.key
keyStore type is : PKCS12
init keystore
init keymanager of type SunX509
found key for : cn=db-ebillstest1,o=deutsche bank,c=sg,ou=db-ebills,[email protected],l=singapore
chain [0] = [
Version: V3
Subject: CN=db-eBillsTest1, O=Deutsche Bank, C=SG, OU=db-eBills, [email protected], L=Singapore
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@350e24
Validity: [From: Tue May 31 00:00:00 GMT 2005,
To: Wed May 31 00:00:00 GMT 2006]
Issuer: CN=dbeBills-RootV4.3.1
SerialNumber: [ 31343930 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Algorithm: [SHA1withRSA]
Signature:
0000: 2F 2E AE 75 36 97 53 7A B3 B9 AF 2A 2C DD 51 85 /..u6.Sz...*,.Q.
0010: BB C3 2C CB A6 86 DB 15 71 B4 FC D5 A8 F3 2D BA ..,.....q.....-.
0020: EB 0A 36 87 25 C3 34 FB 96 61 0F D4 96 C2 AF B4 ..6.%.4..a......
0030: 3F EA B7 FF 2A AE AB AF 78 FF 3F F3 D5 44 01 34 ?...*...x.?..D.4
0040: 5B F7 44 E4 03 3C 4C 3B FD 68 8F FC AA 3A 2F 01 [.D..<L;.h...:/.
0050: 3C F0 7B AA 4F 97 69 95 31 EC 21 7B B3 A6 BB 83 <...O.i.1.!.....
0060: 08 9C 2B 3C 1B F2 3D 05 0A 73 D8 3F 5E 26 51 9A ..+<..=..s.?^&Q.
0070: F6 01 95 23 D1 99 79 56 1E 1F 17 06 E4 AC 44 50 ...#..yV......DP
chain [1] = [
Version: V3
Subject: CN=dbeBills-RootV4.3.1
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@251bb9
Validity: [From: Fri Nov 05 00:00:00 GMT 2004,
To: Wed Nov 04 00:00:00 GMT 2009]
Issuer: CN=dbeBills-RootV4.3.1
SerialNumber: [ 31343734 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Algorithm: [SHA1withRSA]
Signature:
0000: B9 F3 DE F4 DB ED C0 E0 F8 C6 82 50 CC 5E 73 DB ...........P.^s.
0010: 75 61 04 3F 04 DB 52 7B 00 F3 06 DD C0 DD 92 5E ua.?..R........^
0020: E6 2E 4D 99 21 EA 94 56 11 91 B7 45 C7 85 30 B1 ..M.!..V...E..0.
0030: 8B 2F 19 9D AF DD A8 92 65 4C D7 37 69 D6 E2 A3 ./......eL.7i...
0040: 75 2E 54 97 8E F2 3E 10 C7 0A FE 78 36 CD DA EA u.T...>....x6...
0050: 2E D0 C1 4B 09 AB DE 3B 03 34 44 44 C7 A4 69 34 ...K...;.4DD..i4
0060: B1 96 78 D0 E7 BB 21 23 7B 5D D3 5C 43 F4 24 96 ..x...!#.].\C.$.
0070: 4F 09 76 8C C1 8C 98 CA 9F 84 50 BF AE 47 C3 B7 O.v.......P..G..
trustStore is: /ebp/eaifiles/sft/security/trustdb/sfttrustdb.db
trustStore type is : jks
init truststore
adding as trusted cert: [
Version: V3
Subject: CN=BIZBILL, [email protected]
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@2e2d61
Validity: [From: Tue Apr 20 16:00:00 GMT 2004,
To: Fri Dec 31 16:00:00 GMT 2004]
Issuer: CN=Root
SerialNumber: [ 31323732 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Algorithm: [SHA1withRSA]
Signature:
0000: AF 63 B6 B5 F7 0D 21 79 42 51 8C 5F 5A 16 44 9E .c....!yBQ._Z.D.
0010: 4F 8F 62 7C C3 55 5A F5 74 27 49 BF 87 B0 45 DA O.b..UZ.t'I...E.
0020: 4E 1D C1 D5 2E 0A 62 FC 87 12 55 AB B7 4E 62 9E N.....b...U..Nb.
0030: 27 55 A7 24 33 CE 34 47 B0 04 55 66 00 9E B2 74 'U.$3.4G..Uf...t
0040: 40 10 7C F3 86 4B 3E 4E 00 B6 5D 8E F9 F7 3D 18 @....K>N..]...=.
0050: 61 12 9F 18 F9 B1 58 61 CF 2C 12 74 D5 2E 9D 5C a.....Xa.,.t...\
0060: C3 91 C6 44 9D AB 73 EE 2B 70 88 CD A7 40 84 A8 ...D..s.+p...@..
0070: E6 2F FD 31 87 F3 0E 61 4A 07 25 B4 F8 71 AE 47 ./.1...aJ.%..q.G
adding as trusted cert: [
Version: V3
Subject: CN=ft.dbebills-sit-uat.db.com, OU=APHO, O=Deutsche Bank, L=Singapore, ST=Singapore, C=SG
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@66ee0e
Validity: [From: Wed Apr 21 09:38:05 GMT 2004,
To: Thu Apr 21 09:38:05 GMT 2005]
Issuer: CN=Certificate Manager-Ecommerce, OU=CIT GTO, O=Deutsche Bank, L=SG, ST=SG, C=SG
SerialNumber: [ 3c]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A7 00 B9 D1 4C 3A 35 C2 FB 82 29 75 C4 23 19 95 ....L:5...)u.#..
0010: D8 50 AE 80 .P..
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 82 84 16 07 FF 03 73 F6 34 BB 0F A7 35 A3 88 78 ......s.4...5..x
0010: F5 60 CE 73 .`.s
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [MD5withRSA]
Signature:
0000: 61 EE 9E FE 32 9D 2A F4 A7 E8 ED 1B 35 25 21 5D a...2.*.....5%!]
0010: 17 65 A4 C8 F0 7D 26 45 C1 39 06 D9 DA 7C D0 9D .e....&E.9......
0020: DC E9 F3 D7 75 4B A7 85 87 C1 A6 01 53 CB 1C 2F ....uK......S../
0030: 09 61 12 55 16 4A A2 7B BD C4 DB F8 DB 21 42 2B .a.U.J.......!B+
0040: 9B CE EB 3C E0 73 4C 77 6F 79 0F 25 5C 43 67 DB ...<.sLwoy.%\Cg.
0050: D5 B2 89 8F 99 12 DA 85 59 0A 66 83 CE 6B AF 51 ........Y.f..k.Q
0060: 75 EB 27 49 B7 38 C8 64 22 8A 5F F0 38 E5 AA D3 u.'I.8.d"._.8...
0070: 12 7A 21 0E 6B 3E 0D B6 3D D9 53 48 4F E3 6C CD .z!.k>..=.SHO.l.
0080: EB 3B 25 63 8A 2F 06 60 19 5A D1 62 44 4E 38 A2 .;%c./.`.Z.bDN8.
0090: B4 ED CA 85 E2 DA B5 95 53 74 72 1D B4 26 CC 0D ........Str..&..
00A0: 03 15 E7 83 B6 18 77 23 E8 0F 1D 35 8A 0C 7B 1C ......w#...5....
00B0: 92 1D AE CD A1 87 04 6E 97 7B 17 9F 93 52 DB 3E .......n.....R.>
00C0: 94 B5 14 C0 FB CF 0B B0 CC 9A B5 10 75 70 2E 92 ............up..
00D0: 08 9C 9B 59 E8 ED 19 09 F7 EB CB E1 F7 08 37 6A ...Y..........7j
00E0: B6 5F 50 38 99 C5 FE 64 45 67 DA 41 E0 38 7D F1 ._P8...dEg.A.8..
00F0: D5 A8 12 21 11 4C E3 1D C2 3B 40 C4 D4 8A A7 3E ...!.L...;@....>
adding as trusted cert: [
Version: V3
Subject: [email protected], CN=tcdss.trustcenter.de, O=TC TrustCenter AG, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@16ef23
Validity: [From: Tue Mar 15 09:05:07 GMT 2005,
To: Mon May 01 09:05:07 GMT 2006]
Issuer: [email protected], OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 9f510000 000230e0 cfc2ad69 44a4]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .1./http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 idelines/index.h
0030: 74 6D 6C tml
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
[4]: ObjectId: 2.16.840.1.113730.1.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 43 16 41 68 74 74 70 73 3A 2F 2F 6E 72 75 2E .C.Ahttps://nru.
0010: 74 63 63 6C 61 73 73 32 2E 74 72 75 73 74 63 65 tcclass2.trustce
0020: 6E 74 65 72 2E 64 65 2F 39 46 35 31 30 30 30 30 nter.de/9F510000
0030: 30 30 30 32 33 30 45 30 43 46 43 32 41 44 36 39 000230E0CFC2AD69
0040: 34 34 41 34 3F 44A4?
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: CB A6 03 8B BA F8 75 64 90 07 F3 29 8F E1 6C C2 ......ud...)..l.
0010: 1F 81 A4 28 16 6B EB 19 D6 82 AD 39 6E 92 F6 D2 ...(.k.....9n...
0020: 7E BD EA 55 37 F0 5A 03 A2 5E 31 3A 61 8B 70 C8 ...U7.Z..^1:a.p.
0030: 3B 91 BA 5A CE 27 51 C2 EA B0 1B 55 A4 18 4B DF ;..Z.'Q....U..K.
0040: FF 3D FE ED 91 73 8C C0 9F 92 93 C7 CD 66 30 F4 .=...s.......f0.
0050: E2 FB F5 06 05 9F BA 5B 81 24 2F 18 52 CE 53 A6 .......[.$/.R.S.
0060: 21 0B 63 D4 AE B3 FD E6 9C C2 EE 74 53 E6 E2 5E !.c........tS..^
0070: 8C 2A 0C 77 AB E9 F9 95 76 4C E8 B6 63 A3 CB 89 .*.w....vL..c...
adding as trusted cert: [
Version: V3
Subject: CN=Venkat, OU=EBPP, O=Deutsche Bank, L=SIngapore, ST=Singapore, C=SG
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@2df2c7
Validity: [From: Fri Mar 04 09:30:03 GMT 2005,
To: Sat Mar 04 09:30:03 GMT 2006]
Issuer: CN=Certificate Manager, OU=PCB, O=Deutsche Bank AG, L=Singapore, ST=Singapore, C=SG
SerialNumber: [ 08]
Certificate Extensions: 3
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 89 A4 2E 72 47 B7 E8 52 5A 4F 2D 56 5F A0 1E 87 ...rG..RZO-V_...
0010: 43 E2 AA 2E C...
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [MD5withRSA]
Signature:
0000: DA F2 FA 04 B2 C6 E3 87 5C 32 B8 41 5A 74 CB 9E ........\2.AZt..
0010: B5 6F 85 01 55 A8 3F 0C EB 52 68 EC C0 4B 6D 0B .o..U.?..Rh..Km.
0020: 04 30 86 24 74 A2 CF DF 7F 20 06 3F 8E AD C3 6E .0.$t.... .?...n
0030: 76 01 97 F7 A3 A6 2D 51 4D D4 17 4D 74 78 13 C3 v.....-QM..Mtx..
adding as trusted cert: [
Version: V3
Subject: CN=www.ppg.com, OU=Terms of use at www.verisign.com/rpa (c)00, OU=PPG Industries, O=PPG Industries Inc., L=Pittsburgh, ST=Pennsylvania, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@1df480
Validity: [From: Wed Oct 01 00:00:00 GMT 2003,
To: Tue Oct 26 23:59:59 GMT 2004]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
SerialNumber: [ 7a070d62 d01d5e6f 878eb52e f981c2ea ]
Certificate Extensions: 7
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com
[2]: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 5F 30 5D A1 5B A0 59 30 57 30 55 16 09 69 6D ._0].[.Y0W0U..im
0010: 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 05 2B age/gif0!0.0...+
0020: 0E 03 02 1A 04 14 AE 6C A8 E1 70 62 68 65 FB 55 .......l..pbhe.U
0030: 49 82 B5 82 32 5B 90 91 42 B7 30 25 16 23 68 74 I...2[..B.0%.#ht
0040: 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 73 69 tp://logo.verisi
0050: 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 2E 67 69 gn.com/vslogo.gi
0060: 66 f
[3]: ObjectId: 2.5.29.32 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 3D 30 3B 30 39 06 0B 60 86 48 01 86 F8 45 01 .=0;09..`.H...E.
0010: 07 17 03 30 2A 30 28 06 08 2B 06 01 05 05 07 02 ...0*0(..+......
0020: 01 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 ...https://www.v
0030: 65 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 erisign.com/rpa
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 35 30 33 30 31 A0 2F A0 2D 86 2B 68 74 74 70 .50301./.-.+http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 52 53 41 53 65 63 75 72 65 53 65 72 com/RSASecureSer
0030: 76 65 72 2E 63 72 6C ver.crl
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
[6]: ObjectId: 2.5.29.37 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 16 30 14 06 08 2B 06 01 05 05 07 03 01 06 08 ..0...+.........
0010: 2B 06 01 05 05 07 03 02 +.......
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 3F DC 1E E4 DE 9A EE 95 D9 07 CE AF FA AA 54 10 ?.............T.
0010: 6C 56 BA A3 49 98 E4 C8 30 8D 24 E8 19 22 16 92 lV..I...0.$.."..
0020: 9D E8 B8 FE BB 8E 24 6E 9D AD B4 97 B3 1B 04 50 ......$n.......P
0030: 96 63 45 A9 03 DE 41 B8 77 22 EC 73 B4 C7 0E 55 .cE...A.w".s...U
0040: 77 9A 81 2B 2B 57 A9 D9 CE 83 57 27 69 D9 62 6A w..++W....W'i.bj
0050: CF A4 82 75 A8 1E AC 0B DD 98 4A E5 4E 99 5F A4 ...u......J.N._.
0060: F2 E3 4F 62 48 FE 1B 1A 6A B2 54 77 CD D0 9B 20 ..ObH...j.Tw...
0070: A1 4E A5 F5 BE 38 78 1B 7C 7E 41 1F F1 .N...8x...A..
adding as trusted cert: [
Version: V3
Subject: CN=ft.dbebills-sit-uat.db.com, OU=Deutsche Bank, O=APHO, L=Singapore, ST=Singapore, C=SG
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@1f08ca
Validity: [From: Wed Apr 06 06:11:49 GMT 2005,
To: Thu Apr 06 06:11:49 GMT 2006]
Issuer: CN=Certificate Manager, OU=PCB, O=Deutsche Bank AG, L=Singapore, ST=Singapore, C=SG
SerialNumber: [ 14]
Certificate Extensions: 3
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 89 A4 2E 72 47 B7 E8 52 5A 4F 2D 56 5F A0 1E 87 ...rG..RZO-V_...
0010: 43 E2 AA 2E C...
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
Algorithm: [MD5withRSA]
Signature:
0000: 02 B6 98 37 77 89 D0 FE BD FC 73 35 5F 86 C3 47 ...7w.....s5_..G
0010: D2 60 F7 7F D8 26 BE 69 0E C6 C2 16 60 B8 25 C2 .`...&.i....`.%.
0020: 6A ED 49 09 30 52 5C A4 37 7E DE 9C 27 AE 32 F8 j.I.0R\.7...'.2.
0030: B6 6F 13 88 1C B7 4D 21 09 74 F4 50 01 16 67 83 .o....M!.t.P..g.
adding as trusted cert: [
Version: V1
Subject: [email protected], CN=194.45.147.44, OU=EBILLS, O=CSC PLOENZKE, L=WIESBADEN, ST=HESSEN, C=DE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@2f4fde
Validity: [From: Mon May 23 14:19:25 GMT 2005,
To: Thu May 18 14:19:25 GMT 2006]
Issuer: [email protected], CN=194.45.147.44, OU=EBILLS, O=CSC PLOENZKE, L=WIESBADEN, ST=HESSEN, C=DE
SerialNumber: [ 0 ]
Algorithm: [MD5withRSA]
Signature:
0000: 83 20 EE 98 23 F0 0B BA 6F FF 99 66 EE 74 00 0A . ..#...o..f.t..
0010: CA 13 F5 66 80 2D 86 68 08 8F 8D 7D CE 7D 4A 50 ...f.-.h......JP
0020: 76 E7 54 68 23 31 07 9B EC D2 B6 B2 4C FF DA 9E v.Th#1......L...
0030: CD BB 6A F0 5A 6A 67 37 D9 D8 29 9E 9E B0 AF DE ..j.Zjg7..).....
0040: AC A4 22 3D 72 A0 DB 98 48 C9 A1 26 32 8B 1B C1 .."=r...H..&2...
0050: 34 BE 53 52 4D 5A 3C E9 6C 03 02 79 1B C7 F0 2E 4.SRMZ<.l..y....
0060: 9E 2D C8 15 1E 4E CB 46 60 70 6B 9A 12 80 5C 77 .-...N.F`pk...\w
0070: C7 DC DF FA D4 95 F9 48 52 DC 64 E4 35 50 22 F6 .......HR.d.5P".
adding as trusted cert: [
Version: V3
Subject: CN=BILL, [email protected]
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@249c54
Validity: [From: Mon Apr 26 16:00:00 GMT 2004,
To: Thu Mar 31 16:00:00 GMT 2005]
Issuer: CN=Root
SerialNumber: [ 31323936 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Algorithm: [SHA1withRSA]
Signature:
0000: 43 3F F3 73 DC F0 F9 CC 42 C1 84 D0 EF D9 DA E7 C?.s....B.......
0010: AC D8 ED 33 0F 1F B7 F9 33 44 DC FB E8 3D B4 DE ...3....3D...=..
0020: EA 0D 06 CC D4 05 D9 CB FF 38 FC 66 83 59 C0 A9 .........8.f.Y..
0030: 9F 86 5F 7E EB 84 89 97 13 9D E8 57 FD 79 97 9C .._........W.y..
0040: 77 81 8C 74 CD E8 3B 57 29 F1 40 FA 94 5D F8 A4 w..t..;W).@..]..
0050: E6 91 19 B7 6E 4D A0 11 BE 64 2E A7 EF 43 BE 8B ....nM...d...C..
0060: 0A DB 08 AE B2 00 4F 4B C7 56 BE 64 D6 B9 59 1C ......OK.V.d..Y.
0070: 76 CE B9 60 B6 8D 9C D7 26 A6 2D D5 FD 20 0E 0F v..`....&.-.. ..
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1103321439 bytes = { 177, 1, 40, 203, 34, 64, 115, 231, 49, 198, 131, 41, 39, 61, 235, 196, 246, 250, 218, 72, 237, 195, 238, 146, 75, 131, 215, 17 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 42 C3 59 5F B1 01 28 CB 22 40 ...7..B.Y_..(."@
0010: 73 E7 31 C6 83 29 27 3D EB C4 F6 FA DA 48 ED C3 s.1..)'=.....H..
0020: EE 92 4B 83 D7 11 00 00 10 00 05 00 04 00 09 00 ..K.............
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
Flux Job /SUB/HERPPROC/0:206, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 42 C3 59 .............B.Y
0030: 5F B1 01 28 CB 22 40 73 E7 31 C6 83 29 27 3D EB _..(."@s.1..)'=.
0040: C4 F6 FA DA 48 ED C3 EE 92 4B 83 D7 11 ....H....K...
Flux Job /SUB/HERPPROC/0:206, WRITE: SSL v2, contentType = 22, translated length = 16310
Flux Job /SUB/HERPPROC/0:206, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 1103321645 bytes = { 64, 165, 150, 119, 79, 50, 213, 1, 63, 55, 101, 74, 132, 53, 176, 86, 103, 56, 226, 190, 45, 64, 217, 133, 36, 224, 165, 173 }
Session ID: {86, 92, 205, 118, 98, 208, 225, 182, 250, 233, 193, 34, 73, 46, 179, 174, 69, 225, 219, 44, 6, 87, 176, 78, 32, 130, 113, 140, 189, 107, 157, 122}
Cipher Suite: { 0, 5 }
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 42 C3 5A 2D 40 A5 96 77 4F 32 [email protected]
0010: D5 01 3F 37 65 4A 84 35 B0 56 67 38 E2 BE 2D 40 ..?7eJ.5.Vg8..-@
0020: D9 85 24 E0 A5 AD 20 56 5C CD 76 62 D0 E1 B6 FA ..$... V\.vb....
0030: E9 C1 22 49 2E B3 AE 45 E1 DB 2C 06 57 B0 4E 20 .."I...E..,.W.N
0040: 82 71 8C BD 6B 9D 7A 00 05 00 .q..k.z...
Flux Job /SUB/HERPPROC/0:206, READ: SSL v3.1 Handshake, length = 1805
*** Certificate chain
chain [0] = [
Version: V3
Subject: [email protected], CN=tcdss.trustcenter.de, O=TC TrustCenter AG, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@12dab2
Validity: [From: Tue Mar 15 09:05:07 GMT 2005,
To: Mon May 01 09:05:07 GMT 2006]
Issuer: [email protected], OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 9f510000 000230e0 cfc2ad69 44a4]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .1./http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 idelines/index.h
0030: 74 6D 6C tml
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
[4]: ObjectId: 2.16.840.1.113730.1.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 43 16 41 68 74 74 70 73 3A 2F 2F 6E 72 75 2E .C.Ahttps://nru.
0010: 74 63 63 6C 61 73 73 32 2E 74 72 75 73 74 63 65 tcclass2.trustce
0020: 6E 74 65 72 2E 64 65 2F 39 46 35 31 30 30 30 30 nter.de/9F510000
0030: 30 30 30 32 33 30 45 30 43 46 43 32 41 44 36 39 000230E0CFC2AD69
0040: 34 34 41 34 3F 44A4?
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: CB A6 03 8B BA F8 75 64 90 07 F3 29 8F E1 6C C2 ......ud...)..l.
0010: 1F 81 A4 28 16 6B EB 19 D6 82 AD 39 6E 92 F6 D2 ...(.k.....9n...
0020: 7E BD EA 55 37 F0 5A 03 A2 5E 31 3A 61 8B 70 C8 ...U7.Z..^1:a.p.
0030: 3B 91 BA 5A CE 27 51 C2 EA B0 1B 55 A4 18 4B DF ;..Z.'Q....U..K.
0040: FF 3D FE ED 91 73 8C C0 9F 92 93 C7 CD 66 30 F4 .=...s.......f0.
0050: E2 FB F5 06 05 9F BA 5B 81 24 2F 18 52 CE 53 A6 .......[.$/.R.S.
0060: 21 0B 63 D4 AE B3 FD E6 9C C2 EE 74 53 E6 E2 5E !.c........tS..^
0070: 8C 2A 0C 77 AB E9 F9 95 76 4C E8 B6 63 A3 CB 89 .*.w....vL..c...
chain [1] = [
Version: V3
Subject: [email protected], OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@53e355
Validity: [From: Mon Mar 09 11:59:59 GMT 1998,
To: Sat Jan 01 11:59:59 GMT 2011]
Issuer: [email protected], OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 03ea]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 26 16 24 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .&.$http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 idelines
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
Algorithm: [MD5withRSA]
Signature:
0000: 84 52 FB 28 DF FF 1F 75 01 BC 01 BE 04 56 97 6A .R.(...u.....V.j
0010: 74 42 24 31 83 F9 46 B1 06 8A 89 CF 96 2C 33 BF tB$1..F......,3.
0020: 8C B5 5F 7A 72 A1 85 06 CE 86 F8 05 8E E8 F9 25 .._zr..........%
0030: CA DA 83 8C 06 AC EB 36 6D 85 91 34 04 36 F4 42 .......6m..4.6.B
0040: F0 F8 79 2E 0A 48 5C AB CC 51 4F 78 76 A0 D9 AC ..y..H\..QOxv...
0050: 19 BD 2A D1 69 04 28 91 CA 36 10 27 80 57 5B D2 ..*.i.(..6.'.W[.
0060: 5C F5 C2 5B AB 64 81 63 74 51 F4 97 BF CD 12 28 \..[.d.ctQ.....(
0070: F7 4D 66 7F A7 F0 1C 01 26 78 B2 66 47 70 51 64 .Mf.....&x.fGpQd
updated/found trusted cert: [
Version: V3
Subject: [email protected], CN=tcdss.trustcenter.de, O=TC TrustCenter AG, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@12dab2
Validity: [From: Tue Mar 15 09:05:07 GMT 2005,
To: Mon May 01 09:05:07 GMT 2006]
Issuer: [email protected], OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 9f510000 000230e0 cfc2ad69 44a4]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .1./http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 idelines/index.h
0030: 74 6D 6C tml
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
[4]: ObjectId: 2.16.840.1.113730.1.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 43 16 41 68 74 74 70 73 3A 2F 2F 6E 72 75 2E .C.Ahttps://nru.
0010: 74 63 63 6C 61 73 73 32 2E 74 72 75 73 74 63 65 tcclass2.trustce
0020: 6E 74 65 72 2E 64 65 2F 39 46 35 31 30 30 30 30 nter.de/9F510000
0030: 30 30 30 32 33 30 45 30 43 46 43 32 41 44 36 39 000230E0CFC2AD69
0040: 34 34 41 34 3F 44A4?
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: CB A6 03 8B BA F8 75 64 90 07 F3 29 8F E1 6C C2 ......ud...)..l.
0010: 1F 81 A4 28 16 6B EB 19 D6 82 AD 39 6E 92 F6 D2 ...(.k.....9n...
0020: 7E BD EA 55 37 F0 5A 03 A2 5E 31 3A 61 8B 70 C8 ...U7.Z..^1:a.p.
0030: 3B 91 BA 5A CE 27 51 C2 EA B0 1B 55 A4 18 4B DF ;..Z.'Q....U..K.
0040: FF 3D FE ED 91 73 8C C0 9F 92 93 C7 CD 66 30 F4 .=...s.......f0.
0050: E2 FB F5 06 05 9F BA 5B 81 24 2F 18 52 CE 53 A6 .......[.$/.R.S.
0060: 21 0B 63 D4 AE B3 FD E6 9C C2 EE 74 53 E6 E2 5E !.c........tS..^
0070: 8C 2A 0C 77 AB E9 F9 95 76 4C E8 B6 63 A3 CB 89 .*.w....vL..c...
[read] MD5 and SHA1 hashes: len = 1805
0000: 0B 00 07 09 00 07 06 00 03 A0 30 82 03 9C 30 82 ..........0...0.
0010: 03 05 A0 03 02 01 02 02 0F 00 9F 51 00 00 00 02 ...........Q....
0020: 30 E0 CF C2 AD 69 44 A4 30 0D 06 09 2A 86 48 86 0....iD.0...*.H.
0030: F7 0D 01 01 05 05 00 30 81 BC 31 0B 30 09 06 03 .......0..1.0...
0040: 55 04 06 13 02 44 45 31 10 30 0E 06 03 55 04 08 U....DE1.0...U..
0050: 13 07 48 61 6D 62 75 72 67 31 10 30 0E 06 03 55 ..Hamburg1.0...U
0060: 04 07 13 07 48 61 6D 62 75 72 67 31 3A 30 38 06 ....Hamburg1:08.
0070: 03 55 04 0A 13 31 54 43 20 54 72 75 73 74 43 65 .U...1TC TrustCe
0080: 6E 74 65 72 20 66 6F 72 20 53 65 63 75 72 69 74 nter for Securit
0090: 79 20 69 6E 20 44 61 74 61 20 4E 65 74 77 6F 72 y in Data Networ
00A0: 6B 73 20 47 6D 62 48 31 22 30 20 06 03 55 04 0B ks GmbH1"0 ..U..
00B0: 13 19 54 43 20 54 72 75 73 74 43 65 6E 74 65 72 ..TC TrustCenter
00C0: 20 43 6C 61 73 73 20 32 20 43 41 31 29 30 27 06 Class 2 CA1)0'.
00D0: 09 2A 86 48 86 F7 0D 01 09 01 16 1A 63 65 72 74 .*.H........cert
00E0: 69 66 69 63 61 74 65 40 74 72 75 73 74 63 65 6E ificate@trustcen
00F0: 74 65 72 2E 64 65 30 1E 17 0D 30 35 30 33 31 35 ter.de0...050315
0100: 30 39 30 35 30 37 5A 17 0D 30 36 30 35 30 31 30 090507Z..0605010
0110: 39 30 35 30 37 5A 30 81 93 31 0B 30 09 06 03 55 90507Z0..1.0...U
0120: 04 06 13 02 44 45 31 10 30 0E 06 03 55 04 08 13 ....DE1.0...U...
0130: 07 48 61 6D 62 75 72 67 31 10 30 0E 06 03 55 04 .Hamburg1.0...U.
0140: 07 13 07 48 61 6D 62 75 72 67 31 1A 30 18 06 03 ...Hamburg1.0...
0150: 55 04 0A 13 11 54 43 20 54 72 75 73 74 43 65 6E U....TC TrustCen
0160: 74 65 72 20 41 47 31 1D 30 1B 06 03 55 04 03 13 ter AG1.0...U...
0170: 14 74 63 64 73 73 2E 74 72 75 73 74 63 65 6E 74 .tcdss.trustcent
0180: 65 72 2E 64 65 31 25 30 23 06 09 2A 86 48 86 F7 er.de1%0#..*.H..
0190: 0D 01 09 01 16 16 74 63 61 64 6D 69 6E 40 74 72 ......tcadmin@tr
01A0: 75 73 74 63 65 6E 74 65 72 2E 64 65 30 81 9F 30 ustcenter.de0..0
01B0: 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 81 ...*.H..........
01C0: 8D 00 30 81 89 02 81 81 00 AF 9E 59 FD 3F 23 29 ..0........Y.?#)
01D0: 01 E0 B9 C8 88 E1 A5 5C 63 14 3D ED 21 20 04 27 .......\c.=.! .'
01E0: A5 EE 3B B2 F1 E8 4F 4B 3B 4C 74 BE 8C 29 7A 41 ..;...OK;Lt..)zA
01F0: 89 FD A3 98 48 BF 8C 7B 72 9A 5B 7B 20 06 37 56 ....H...r.[. .7V
0200: 08 04 E3 8D 57 6D 02 3A 94 78 84 71 11 A7 26 56 ....Wm.:.x.q..&V
0210: 55 71 9D 55 E4 1C 54 2A 5A 2A 22 7A 23 A4 B4 F1 Uq.U..T*Z*"z#...
0220: 04 EC 18 D1 B8 EA D8 CF 24 97 C4 91 81 75 68 38 ........$....uh8
0230: 7C 63 3B BF 74 64 17 8D 28 7F F5 14 B8 7B 65 5F .c;.td..(.....e_
0240: 8A 51 E8 72 ED 1C 77 39 27 02 03 01 00 01 A3 81 .Q.r..w9'.......
0250: C6 30 81 C3 30 0C 06 03 55 1D 13 01 01 FF 04 02 .0..0...U.......
0260: 30 00 30 0E 06 03 55 1D 0F 01 01 FF 04 04 03 02 0.0...U.........
0270: 05 E0 30 3E 06 09 60 86 48 01 86 F8 42 01 08 04 ..0>..`.H...B...
0280: 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 72 1./http://www.tr
0290: 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 69 ustcenter.de/gui
02A0: 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 74 delines/index.ht
02B0: 6D 6C 30 11 06 09 60 86 48 01 86 F8 42 01 01 04 ml0...`.H...B...
02C0: 04 03 02 06 40 30 50 06 09 60 86 48the debug output mess you posted, does not make much sense as we don't have the picture about the running env. Run your code with one server thread and post the relative log again.
before posint that in a proper way, check your settings for timeout and cachesize of the underlying SSLSessionContext and see if that will help you produce better mesaures matching your response times etc.
Maybe you are looking for
-
Hi, reports 10g - html output Just wondering if there are any tricks to meet this requirement: I have a report layout where each section of the report needs a header which is white text color on a grey background I've tried with a rectangle with fill
-
What is a ARP cache and how do I clear this cache?
Each time I try to repair my internet connection it states, "unable to complete the repair because it was unable to clear the ARP cache. I do not know or am unable to find in any help file where or what this cache is. Assistance with this would be ap
-
After one year and one month of ownership my Ipod mini stopped working: There is No sound. But if I put it on the Itrip adapter it is working...It seems that the jack is not recognizing the headphone anymore. Didnt't dropt it I have: 1) Reseted my Ip
-
Loading images / data in sequence - tilelist
Hello! Is there a way to load first the first image then the next one.. and so on.. in the tilelist? As far as i can see, the images are loaded altogether. (Images are from the XML) thanks in advance!
-
hi, i have the macromedia flash professional 8, and i'm building a web site in flash. Although i have some questions: 1- I want to put a counter, a mp3 player and a mailing list code that is in HTML code how can i do it? example of the code of the co