Web Service over HTTPS

Similar Messages

• ORA-28868 error when calling Web service over HTTPS from PL/SQL utl_http

  I am getting error message ORA-28868 error when calling Web service over HTTPS from PL/SQL utl_http PL/SQL package,
  when browsed through some of the messages they point to setting Oracle Wallet Manager.
  I am trying to connect
  Any idea on how to resolve this issue ?
  your input is appreciated.
  Thanks
  Ravi

  Duplicate post ... please ignore.

• Error calling external web service over HTTPS

  Hi everyone
  I'm trying to call an external web service over HTTPS, and continually get the following error:
  com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException: Peer sent alert: Alert Fatal: handshake failure
  I haven't tried doing this before, so not quite sure where to start. I have a client certificate that must be used to access the remote web service, and I think the problem is associating the client cert with the web service call.
  Has anyone else tried this before? Any suggestions of where to look?
  I've had a brief look at Key Storage in NWA, but it's not something I'm familiar with - so not sure if it's even the right place to be looking.
  Some help on this would be great!
  Thanks
  Stuart

  Thanks Aleksandar
  Here's the output from the trace. Unfortunately the SAP forums don't allow attachments, so it may be difficult to read. Please let me know if you see anything that may help.
  Thanks
  Stuart
  Time Severity User Thread Location Message
  09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@fa1b67
  09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@4c8af
  09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@b6981b
  09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
  09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
  09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
  09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' are configured '10.|127.|192.168.*'.
  09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' default value is '10.|127.|192.168.*'.
  09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Loadin mapping file from location :[c:/mapping.txt]
  09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Additional file for CTS configuration can not be found [c:\mapping.txt (The system cannot find the file specified)].
  09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider >>>>>>>>> ERROR: Could not find mapping for service QName=vipSoapInterfaceService, class=class com.verisign._2006._08.vipservice.VipSoapInterfaceService
  09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Creating client instance with WSDL URL [https://pilot-vipservices-auth.verisign.com:443/prov/soap/val/soap] (vipSoapInterfaceService) <com.verisign._2006._08.vipservice.VipSoapInterfaceService>
  09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Using SAP JAX-WS Implemetation to create service delegate.
  09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@5586b0
  09:18:26:687 Path Administrator HTTP Worker [0] ~s.espbase.wsdl.exceptions.WSDLException Exception : Peer sent alert: Alert Fatal: handshake failure
  java.lang.Exception
  at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1230)
  at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:147)
  at com.sap.exception.BaseException.<init>(BaseException.java:89)
  at com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException.<init>(WSDLException.java:34)
  at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:140)
  at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
  at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
  at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
  at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
  at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
  at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
  at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
  at javax.xml.ws.Service.<init>(Service.java:57)
  at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
  at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
  at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
  at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
  at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
  at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
  at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
  at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
  at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
  at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
  at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
  at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
  Caused by: org.w3c.www.protocol.http.HttpException: Peer sent alert: Alert Fatal: handshake failure
  iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure
  at iaik.security.ssl.r.f(Unknown Source)
  at iaik.security.ssl.x.b(Unknown Source)
  at iaik.security.ssl.x.a(Unknown Source)
  at iaik.security.ssl.r.d(Unknown Source)
  at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
  at iaik.security.ssl.SSLTransport.getOutputStream(Unknown Source)
  at iaik.security.ssl.SSLSocket.getOutputStream(Unknown Source)
  at org.w3c.www.protocol.http.g.markUsed(Unknown Source)
  at org.w3c.www.protocol.http.HttpBasicServer.getConnection(Unknown Source)
  at org.w3c.www.protocol.http.HttpBasicServer.runRequest(Unknown Source)
  at org.w3c.www.protocol.http.HttpManager.runRequest(Unknown Source)
  at org.w3c.www.protocol.http.HttpURLConnection.connect(Unknown Source)
  at org.w3c.www.protocol.http.HttpURLConnection.a(Unknown Source)
  at org.w3c.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
  at java.net.URL.openStream(URL.java:1007)
  at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:201)
  at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:263)
  at com.sap.engine.lib.xml.parser.Parser.parse_DTDValidation(Parser.java:282)
  at com.sap.engine.lib.xml.parser.Parser.parse(Parser.java:293)
  at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:101)
  at com.sap.engine.lib.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:127)
  at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:146)
  at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:132)
  at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
  at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
  at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
  at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
  at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
  at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
  at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
  at javax.xml.ws.Service.<init>(Service.java:57)
  at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
  at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
  at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
  at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
  at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
  at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
  at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
  at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
  at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
  at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
  at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
  at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
  at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
  at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
  at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
  09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@20ba3c
  09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
  09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@26e3bf
  09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
  09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@f827f6
  09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@a8646a
  09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
  09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@c449f1
  09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
  09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
  09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ B E G I N ].timerId=15
  09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ E N D ].timerId=[id:#15, elapsed: 0 ms.]

• BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6

  We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
  <Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
  wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
  at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
  tboundMessageContext.java:310)
  at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  Truncated. see log file for complete stacktrace
  javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
  at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
  at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
  Truncated. see log file for complete stacktrace
  This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
  After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
  Thanks.
  Matt
  Edited by: user6946981 on Sep 17, 2009 7:58 AM

  Are you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
  I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
  Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
  Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way.

• How to invoke a web service using https

  Hi,
  I have a few security related questions surrounding BPEL process manager.
  1. Does the BPEL engine have the capability to invoke a web service using https (HTTP over SSL)? Does it automatically do that if partner link URI starts with https:// ?
  2. If not, what needs to be done to enable accessing a https based web service?
  3. I need to write a web service that accepts a message and updates certain information in the database. The web service will be deployed in an OC4J instance in Oracle App Server. We want to allow the web service to be accessed from BPEL only by users registered in the database. What is the recommended way to pass username and password to a webservice if service is invoked from BPEL process manager? Note that specifying username/password in bpel.xml is not an option.
  Thanks,
  Pranav

  1. Does the BPEL engine have the capability to invoke a web service using https (HTTP over SSL)? Does it automatically do that if partner link URI starts with https:// ?
  We currently don't have support for HTTP over SSl. We are working on it to include this functionality in near future.
  2. If not, what needs to be done to enable accessing a https based web service?
  I am not sure it is possible with current product offering. I will confirm it after discussing with our concerned development group. There is some work going to integrate with Oblix security mechanism [recently acquired by Oracle].
  3. I need to write a web service that accepts a message and updates certain information in the database. The web service will be deployed in an OC4J instance in Oracle App Server. We want to allow the web service to be accessed from BPEL only by users registered in the database. What is the recommended way to pass username and password to a webservice if service is invoked from BPEL process manager? Note that specifying username/password in bpel.xml is not an option.
  This will be easier to do if we can use Oblix along with BPEL PM. Could you please let us know more about your application so that we can provide you the customized solution till it's part of the product. You can send this query to [email protected] so that our product management team can give you more detailed roadmap regarding this.
  HTH.
  Thanks,
  Rakesh

• Web Service over SSL exception

  Hi,
  Using NetBeans 6.5 (updated), I have created a web service like this:
  package test.webservice;
  import javax.jws.WebMethod;
  import javax.jws.WebParam;
  import javax.jws.WebService;
  import javax.ejb.Stateless;
  @WebService()
  @Stateless()
  public class TestWebService {
      @WebMethod(operationName = "testOperation")
      public String testOperation(@WebParam(name = "firstParameter") String firstParameter) {
          //TODO write your implementation code here:
          return "This method has executed " + (firstParameter == null ? "no strings attached." : firstParameter);
  }I've deployed and tested it on a local Glassfish server. Some additional information:
  - Sun GlassFish Enterprise Server v2.1 (9.1.1) (build b60e-fcs)
  - jdk1.6.0_13
  It worked fine when accessing it through 'http://localhost:8080/TestWebServiceService/TestWebService?Tester', however, when accessing it through the SSL port (using this link: 'https://localhost:8181/TestWebServiceService/TestWebService?Tester'), it has produced an exception with the following stack trace:
  Exceptions details : null
  java.lang.NullPointerException at java.io.File.(File.java:222) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.initializePort(WebServiceTesterServlet.java:524) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.doGet(WebServiceTesterServlet.java:184) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.invoke(WebServiceTesterServlet.java:119) at com.sun.enterprise.webservice.EjbWebServiceServlet.service(EjbWebServiceServlet.java:142) at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) at com.sun.enterprise.web.AdHocContextValve.invoke(AdHocContextValve.java:114) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:87) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:222) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1096) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:166) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1096) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:288) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:647) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:579) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:831) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.process(SSLReadTask.java:440) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.doTask(SSLReadTask.java:228) at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
  Question 1: Why isn't the tester working when using the SSL port? A reason or a bug (possibly fixed in later releases)?
  Question 2: Will the Web Service itself also not work when invoked through the SSL port? Is it possible to invoke a simple web service over the simple SSL port?
  Question 3: When accessing the WSDL description through the SSL port it produces a blank (empty) response - a blank page. Why so?
  Thank you very much in advance!
  Best regards
  Matej

  Hello,
  I used this example, when I made my experiments with SSL and Glassfish (GF):
  http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
  If you have problems with GF I suggest to post a message here:
  http://forums.java.net/jive/forum.jspa?forumID=56
  e.g. here is one thread:
  http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
  Miro.

• Web Service over SSL failing in BEA Workshop

  I have deployed a web service on weblogic 9.2
  I have enabled one-way ssl on it. got a trial ssl certificate from verisign. installed them on the keystore/truststore on the server as well as the jre (cacerts and jssecacerts truststores) being used by the client. the client is on different machine than the server.
  i have developed the service through 'bea weblogic workshop 9.2' now when i try to test the service through the 'web services explorer' within bea weblogic workshop i receive the following error:
  IWAB0135E An unexpected error has occurred.
  IOException
  sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  on server:
  <Jul 13, 2009 6:45:44 PM EDT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from yunus.l1id.local - 10.10.2.72. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
  if i try to access the web service (over ssl) through the browser (ie/firefox), it works fine. i have generated a proxy class to access this web service through the same bea workshop and that works fine too. certificates are identified and all. i also created a small .net (c#) application that calls this secure web service over ssl from another machine and it works fine too!
  of course non-secure url for the web service is working fine in every case.
  what can be the reason for this failing only in 'web services explorer' in bea workshop?
  cross posted at: http://www.coderanch.com/t/453879/Web-Services/java/Web-Service-over-SSL-failing
  thanks.

  Hello,
  I used this example, when I made my experiments with SSL and Glassfish (GF):
  http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
  If you have problems with GF I suggest to post a message here:
  http://forums.java.net/jive/forum.jspa?forumID=56
  e.g. here is one thread:
  http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
  Miro.

• Webservice + secured jms (Web Service over the JMS trans).

  Apologize since this post is in the webservice forum as well but since it is related to jms as well i put it here as well.
  I have a web service that is using JMS (@WLJmsTransport Web Service over the JMS transport)
  and everything seems to be ok BUt i do not know how to use this if the JMS is secured .
  By Adding security on JMS queue what other things i need to do in order for the webservice to access the queue ?
  (where i specify the credentials ?)
  @WebService(serviceName = "ASyncService", targetNamespace = "http://axyz.org/notification/v1", endpointInterface = "
  axyz.notification.ASyncPort")
  @WLJmsTransport(contextPath = "notify", serviceUri = "async_event", portName = "ASyncServicePort", queue = "events", connectionFactory = "cnfct_receiver")
  Thank you !

  The annotation you gave is for accessing the webservice but in this case it seems the webservice has to access a secured jms
  However having your response lead me to @RunAs which solved my problem.
  Very hard to find this information.
  Thank you very much for your answer !
  Nice blog as well !
  Edited by: user630775 on Jan 28, 2010 2:02 AM

• Web service client behind a proxy server connecting to web service over SSL

  Hi Friends,
  A web service is exposed by an external system over SSL. We are behind a proxy server and are trying to get connected to web service over SSL. <p>
  We are getting the following error on the test browser of workshop<p><p>
  External Service Failure: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.<p><p>
  the whole trace is <p>
  <p>JDIProxy attached
  <Sep 24, 2005 9:27:25 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl:salesExpertServiceControl; Method=creditcheckcontr
  ol.SalesExpertServiceControl.doCreditVerification(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
  Code:javax.net.ssl.SSLHandshakeException
  String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
  Detail:
  END SERVICE FAULT>
  <Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl; Method=creditcheckcontrol.CreditCheck.testCreditC
  heck(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
  Code:javax.net.ssl.SSLHandshakeException
  String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
  Detail:
  END SERVICE FAULT [ServiceException]>
  <Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=top-level; Method=processes.CreditCheck_wf.$__clientRequest(); Fai
  lure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled process exception [ServiceException]>
  <Sep 24, 2005 9:27:26 AM EDT> <Error> <WLW> <000000> <Failure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled pr
  ocess exception [ServiceException]><p>
  I am not able to make out what could be possibly wrong. Please let me know if you guys have any ideas about how to resolve it.
  Thanks
  Sridhar

  did you resolve this problem. I am looking at the same issue. If you did I would really appreciate your response.
  Thanks.

• Any OOB Web Service or HTTP adapter in OIM for Recon?

  Is there any OOB, Web Service or HTTP adapter available in OIM using which, User account data can be reconciled from a SOA service?

  Ya web service is available. You can go through Design Console Guide chapter 12 for more. If you need any help for that just let me know.
  Depends on the OIM Installation, you have to run the following commans:
  For windows-
  OIM_HOME_Dir\setup\spml_AppServerName.cmd appserver_admin_password oim_db_user_password
  For unix:
  OIM_HOME_Dir/setup/spml_AppServerName.sh appserver_admin_password oim_db_user_password
  These are for non-clustered environment.
  If you want to create your won WS, then
  Create a dummy RO in OIM and your favorite java web service package (i.e. Apache Axis2) and create a small server app (i.e follow the example in the quick start (qs) guide in Axis2). Deploy the server side app on any app server that you happen to have handy (or follow the instructions Axis2 qs guide). Deploy the client side as provisioning process for your dummy object.
  Edited by: Struggler

• UCM 11g web services with HTTP authentication

  Is it possible to setup UCM 11g web services with HTTP authentication?
  I did setup UCM 11g web services using OWSM policies and are working well.
  But my development team wants to consume web services with only HTTP authentication (simple user name and password), do not want to use Keystore files and encryption.
  Please help me guys.
  Thank you in advance

  Hi ,
  If you are looking to use the WSDL to execute ucm services then use SoapUI IDE on development , there it requires only the http authentication method .
  Let me know if this is the actual requirement which you were looking for or if I have missed the point .
  I use this to quickly test WSDL and verify if the service being invoked is actually correct or not .
  Thanks,
  Srinath
  Edited by: Srinath Menon on Apr 26, 2013 11:32 AM

• SSL Certificate necessary for web Service with HTTPS encoding?

  Hi experts,
  I wanna create a Web Service with HTTPS. Now when I create an endpoint in Transaction SOAMANAGER, I use "Transport Guarantee Type" HTTPS. I'm a little bit confused, becuase at "Authentication Method I have different options which I don't understand.
  At Authentication Method, there are some check boxes.
  Whats the difference between HTTP Authentication and Message Authentication?
  (Why) can I use User ID/Password as Authentication Method with HTTPS? I think I need X.509 SSL Client Certificate.
  What is a Logon Ticket?
  Is there a good Documentation in the web, who explains the meaning of the different options and when to use which option?
  Thanks and regards,
  Sebastian

  Hi,
  >>>WSDL in Integration Directoryb but that WSDL containt a like staring with the HTTP instead of HTTPS! My question is how to generate a wsdl file with an HTTPS url tot he web service,
  you don't use the URL from ID - you need to create one yourself and put it there in the generator
  Regards,
  Michal Krawczyk

• Calling a WebSphere Web Service over a Destination

  Hi there,
  we have installed SAP CE 7.1 SP3 on machine1 and created a destination to another SAP server, called machine2, which we use as web space and save our WSDLs, e.g. machine2:50000/wsdl/MyService.wsdl.
  MyService is a small dummy service created with WebSphere Service and works fine. It does not need any security details! This service runs on machine3 and its endpoint is machine3:9060/MyServiceWeb/services/MyServiceSOAP.
  So I tried to invoke this service in the WSNavigator on machine1 by entering directly the url. This works.
  But if I select the service over the logical destination and then try to invoke it, I get the following error message:
  RemoteException: Invalid Response code (404). Server <http://machine2:50000/MyServiceWeb/services/MyServiceSOAP> returned message <Not Found>.
  But the correct result is returned, too.
  The definition of the destination is as following:
  Type: WSDL
  Name: MyService
  URL: http://machine2:50000/wsdl/MyService.wsdl
  System: Java
  System Name:
  Host Name:
  Also a HTTP Authentication is entered with User ID/Password (Basic).
  Another interesting point is that I found this error in the log file:
  com.sap.engine.services.wssec.srt.protocols.AbstractSecurityProtocol # Authentication method is sapsp:HTTPBasic, but no user or password is specified.
  But I can swear that this input is entered. The provided user has administrative rights for machine2.
  I hope you can help me!
  Thanks,
  Felix

  Hi Anthony,
  If you are using a proper ssl certificate signed by one of the ssl certificate vendors, whose CAs are in the java root keystore, you donot need to do anything special.
  However, if you are using a test ssl certificate generated within your organization, you would have to add it to the keystore of the JRE which runs the BPEL engine, otherwise you would usually get an error similar to "java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target". More information on adding the custom certificate to a JRE root keystore can be found in this article.
  Hope this helps,
  Shanmu.
  http://www.prshanmu.com/articles

• Error while invoking web service over SSL

  While making a SSL Connections to web service i am getting the below mentioned error in spite of configuring the certificate provided by the client onto WLS.
  I tried adding the certificate to the default DemoTrust and DemoIdentity Keystores. The error still persisted.
  I also tried importing the certificate(into cacerts keystore) as Java Standard Trust as well as tried pointing it to the custom keystores. None of it worked :(
  Could somebody please give a solution to resolve this error ASAP.
  The error is:
  Message:exception occured, due to org.apache.axis2.AxisFault: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  org.apache.axis2.AxisFault: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
       at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:83)
       at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:84)
       at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
       at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
       at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
       at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
       at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
       at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
       at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
       at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:542)
       at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199)
       at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:76)
       at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:400)
       at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:225)
       at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
       at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
       at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
       at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
       at com.intel.services.warrantyservice.Get_Warranty_Details_OutServiceStub.get_Warranty_Details_Out(Get_Warranty_Details_OutServiceStub.java:184)
       at com.intel.www.PortalServices.PortalServicesSOAPImpl.getWarrantyDetails(PortalServicesSOAPImpl.java:1865)
       at com.intel.www.PortalServices.PortalServicesSOAPSkeleton.getWarrantyDetails(PortalServicesSOAPSkeleton.java:213)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397)
       at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186)
       at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323)
       at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
       at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
       at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
       at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
       at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
       at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
       at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3590)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Caused by: javax.xml.stream.XMLStreamException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at weblogic.xml.stax.XMLWriterBase.flush(XMLWriterBase.java:504)
       at org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.java:168)
       at org.apache.axis2.databinding.utils.writer.MTOMAwareXMLSerializer.flush(MTOMAwareXMLSerializer.java:79)
       at org.apache.axis2.databinding.ADBDataSource.serialize(ADBDataSource.java:94)
       at org.apache.axiom.om.impl.llom.OMSourcedElementImpl.internalSerializeAndConsume(OMSourcedElementImpl.java:738)
       at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:966)
       at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerializeAndConsume(OMElementImpl.java:995)
       at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.serializeInternally(SOAPEnvelopeImpl.java:254)
       at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:242)
       at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerializeAndConsume(OMElementImpl.java:995)
       at org.apache.axiom.om.impl.llom.OMNodeImpl.serializeAndConsume(OMNodeImpl.java:486)
       at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:79)
       ... 48 more
  Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
       at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
       at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
       at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
       at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
       at org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStream.java:191)
       at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
       at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
       at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
       at java.io.BufferedWriter.flush(BufferedWriter.java:236)
       at weblogic.xml.stax.XMLWriterBase.flush(XMLWriterBase.java:502)
       ... 59 more
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
       at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
       at sun.security.validator.Validator.validate(Validator.java:218)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
       at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
       ... 74 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
       at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
       at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
       at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
       ... 80 more

  Which version/platform are you using?
  The thing you need to consider here is that the JDev proxy settings do not affect the BPEL server.
  So if the BPEL server cannot connect to your webservice, it will not be because of any Jdev setting.
  Check the proxy settings on your BPEL server (on 10.1.2 developer install it will be in obsetenv.bat, on 10.1.3 it will be a commandline property of the JVM - see AS Control administration page for the JVM)

• Problema with web services over ssl

  I'm trying to consume a web service that require ssql. i enabled ssl debug, but i can't understand what's wrong. :-(
  keyStore is :
  keyStore type is : jks
  keyStore provider is :
  init keystore
  init keymanager of type SunX509
  trustStore is: C:\Arquivos de programas\Java\jdk1.6.0_06\jre\lib\security\cacerts
  trustStore type is : jks
  trustStore provider is :
  init truststore
  adding as trusted cert:
  Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
  Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
  Algorithm: RSA; Serial number: 0x20000000000d678b79405
  Valid from Tue Sep 01 09:00:00 GMT-03:00 1998 until Tue Jan 28 09:00:00 GMT-03:00 2014
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x0
  Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x1
  Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 30 07:44:50 GMT-03:00 2000 until Sat May 30 07:44:50 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
  Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
  Algorithm: RSA; Serial number: 0x1
  Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
  Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
  Algorithm: RSA; Serial number: 0x10a
  Valid from Wed Feb 14 14:58:31 GMT-03:00 2007 until Mon Feb 13 14:58:31 GMT-03:00 2012
  adding as trusted cert:
  Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Algorithm: RSA; Serial number: 0x1a5
  Valid from Wed Aug 12 21:29:00 GMT-03:00 1998 until Mon Aug 13 20:59:00 GMT-03:00 2018
  adding as trusted cert:
  Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
  Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
  Algorithm: RSA; Serial number: 0x20000b9
  Valid from Fri May 12 15:46:00 GMT-03:00 2000 until Mon May 12 20:59:00 GMT-03:00 2025
  adding as trusted cert:
  Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Algorithm: RSA; Serial number: 0x389ef6e4
  Valid from Mon Feb 07 13:16:40 GMT-03:00 2000 until Fri Feb 07 13:46:40 GMT-03:00 2020
  adding as trusted cert:
  Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
  Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
  Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
  adding as trusted cert:
  Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
  Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
  Algorithm: RSA; Serial number: 0x20000bf
  Valid from Wed May 17 11:01:00 GMT-03:00 2000 until Sat May 17 20:59:00 GMT-03:00 2025
  adding as trusted cert:
  Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
  Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
  Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
  Valid from Thu Mar 23 11:10:23 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
  adding as trusted cert:
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
  Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
  Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
  Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
  Algorithm: RSA; Serial number: 0x374ad243
  Valid from Tue May 25 13:09:40 GMT-03:00 1999 until Sat May 25 13:39:40 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
  Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
  Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
  Valid from Wed Mar 22 12:54:28 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x1
  Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
  Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
  Algorithm: RSA; Serial number: 0x380391ee
  Valid from Tue Oct 12 16:24:30 GMT-03:00 1999 until Sat Oct 12 16:54:30 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
  Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
  adding as trusted cert:
  Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
  Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
  Algorithm: RSA; Serial number: 0x1
  Valid from Fri Jun 25 21:19:54 GMT-03:00 1999 until Tue Jun 25 21:19:54 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 30 07:38:31 GMT-03:00 2000 until Sat May 30 07:38:31 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
  Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
  adding as trusted cert:
  Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
  Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 30 07:48:38 GMT-03:00 2000 until Sat May 30 07:48:38 GMT-03:00 2020
  adding as trusted cert:
  Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  Algorithm: RSA; Serial number: 0x35def4cf
  Valid from Sat Aug 22 13:41:51 GMT-03:00 1998 until Wed Aug 22 13:41:51 GMT-03:00 2018
  adding as trusted cert:
  Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
  Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
  Algorithm: RSA; Serial number: 0x0
  Valid from Tue Jun 29 14:39:16 GMT-03:00 2004 until Thu Jun 29 14:39:16 GMT-03:00 2034
  adding as trusted cert:
  Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
  Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
  Algorithm: RSA; Serial number: 0x4
  Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
  Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
  adding as trusted cert:
  Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
  Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
  Algorithm: RSA; Serial number: 0x1
  Valid from Wed Dec 31 21:00:00 GMT-03:00 2003 until Sun Dec 31 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
  Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
  Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
  adding as trusted cert:
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
  Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
  Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
  Algorithm: RSA; Serial number: 0x3770cfb5
  Valid from Wed Jun 23 09:14:45 GMT-03:00 1999 until Sun Jun 23 09:14:45 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
  Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
  Algorithm: RSA; Serial number: 0x400000000010f8626e60d
  Valid from Fri Dec 15 05:00:00 GMT-03:00 2006 until Wed Dec 15 05:00:00 GMT-03:00 2021
  adding as trusted cert:
  Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Algorithm: RSA; Serial number: 0x389b113c
  Valid from Fri Feb 04 14:20:00 GMT-03:00 2000 until Tue Feb 04 14:50:00 GMT-03:00 2020
  adding as trusted cert:
  Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  Algorithm: RSA; Serial number: 0x2ad667e4e45fe5e576f3c98195eddc0
  Valid from Tue Nov 08 21:00:00 GMT-03:00 1994 until Thu Jan 07 20:59:59 GMT-03:00 2010
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x0
  Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x0
  Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
  Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
  Algorithm: RSA; Serial number: 0x23456
  Valid from Tue May 21 01:00:00 GMT-03:00 2002 until Sat May 21 01:00:00 GMT-03:00 2022
  adding as trusted cert:
  Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
  Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
  Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
  Algorithm: RSA; Serial number: 0x24
  Valid from Fri Apr 06 07:49:13 GMT-03:00 2001 until Tue Apr 06 07:49:13 GMT-03:00 2021
  adding as trusted cert:
  Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
  Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
  Algorithm: RSA; Serial number: 0x0
  Valid from Tue Jun 29 14:06:20 GMT-03:00 2004 until Thu Jun 29 14:06:20 GMT-03:00 2034
  adding as trusted cert:
  Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
  Valid from Fri Jul 09 15:10:42 GMT-03:00 1999 until Tue Jul 09 15:19:22 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
  Valid from Fri Jul 09 14:28:50 GMT-03:00 1999 until Tue Jul 09 14:36:58 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
  Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 28 03:00:00 GMT-03:00 2002 until Thu Nov 19 17:43:00 GMT-03:00 2037
  adding as trusted cert:
  Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
  Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
  adding as trusted cert:
  Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
  Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
  Algorithm: RSA; Serial number: 0x3863b966
  Valid from Fri Dec 24 14:50:51 GMT-03:00 1999 until Tue Dec 24 15:20:51 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Algorithm: RSA; Serial number: 0x1b6
  Valid from Fri Aug 14 11:50:00 GMT-03:00 1998 until Wed Aug 14 20:59:00 GMT-03:00 2013
  adding as trusted cert:
  Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
  Valid from Fri Jul 09 15:31:20 GMT-03:00 1999 until Tue Jul 09 15:40:36 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
  Valid from Thu Jun 24 15:57:21 GMT-03:00 1999 until Mon Jun 24 16:06:30 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
  Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
  Algorithm: RSA; Serial number: 0x1d
  Valid from Fri Apr 06 04:29:40 GMT-03:00 2001 until Tue Apr 06 04:29:40 GMT-03:00 2021
  adding as trusted cert:
  Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
  Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
  Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
  Valid from Thu Jan 12 11:38:43 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
  trigger seeding of SecureRandom
  done seeding SecureRandom
  %% No cached client session
  *** ClientHello, TLSv1
  RandomCookie: GMT: 1213102186 bytes = { 150, 70, 222, 91, 1, 159, 135, 122, 245, 66, 221, 50, 113, 8, 128, 154, 68, 232, 127, 215, 140, 215, 148, 147, 58, 93, 236, 23 }
  Session ID: {}
  Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
  Compression Methods: { 0 }
  main, WRITE: TLSv1 Handshake, length = 73
  main, WRITE: SSLv2 client hello message, length = 98
  main, READ: TLSv1 Handshake, length = 10761
  *** ServerHello, TLSv1
  RandomCookie: GMT: 1213102414 bytes = { 186, 36, 22, 99, 140, 117, 31, 5, 231, 216, 148, 205, 190, 127, 202, 37, 111, 176, 39, 77, 137, 208, 110, 239, 167, 210, 211, 160 }
  Session ID: {72, 78, 121, 78, 23, 96, 172, 97, 143, 196, 65, 95, 90, 198, 182, 217, 85, 189, 237, 255, 214, 174, 250, 18, 138, 100, 13, 130, 185, 47, 30, 194}
  Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
  Compression Method: 0
  %% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
  ** SSL_RSA_WITH_RC4_128_MD5
  *** Certificate chain
  chain [0] = [
  Version: V3
  Subject: CN=homolog.sefaz.go.gov.br, OU=Equipamento A1, OU=SEFAZ, OU=Autoridade Certificadora SERPROACF, O=ICP-Brasil, C=BR
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 1024 bits
  modulus: 121822830792857140980544413730208327423965418338836769494531514391506636002202311770038004646445375567736723855328246700773881808368957013969090425291780159678803518407365187798936095103086486699406270894225547100200566740997780387564247231686362223169873014182514927324634241630443664842180597672619260289963
  public exponent: 65537
  Validity: [From: Mon Aug 20 15:22:15 GMT-03:00 2007,
                 To: Tue Aug 19 15:22:15 GMT-03:00 2008]
  Issuer: CN=Autoridade Certificadora do SERPRO Final v1, OU=CSPB-1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
  SerialNumber: [    32303037 30383230 31373434 35343032]
  Certificate Extensions: 7
  [1]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  KeyIdentifier [
  0000: 32 38 96 C7 EE 44 64 E9 9A AA 15 5D E0 08 B4 8D 28...Dd....]....
  0010: 89 47 51 A2 .GQ.
  [2]: ObjectId: 2.5.29.31 Criticality=false
  CRLDistributionPoints [
  [DistributionPoint:
  [URIName: http://ccd.serpro.gov.br/lcr/serproacfv1.crl]
  [3]: ObjectId: 2.5.29.17 Criticality=false
  SubjectAlternativeName [
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.4
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.2
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.3
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.7
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.8
  RFC822Name: [email protected]
  [4]: ObjectId: 2.5.29.37 Criticality=true
  ExtendedKeyUsages [
  serverAuth
  clientAuth
  [5]: ObjectId: 2.5.29.32 Criticality=false
  CertificatePolicies [
  [CertificatePolicyId: [2.16.76.1.2.1.16]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 39 68 74 74 70 73 3A   2F 2F 63 63 64 2E 73 65  .9https://ccd.se
  0010: 72 70 72 6F 2E 67 6F 76   2E 62 72 2F 73 65 72 70  rpro.gov.br/serp
  0020: 72 6F 61 63 66 2F 64 6F   63 73 2F 64 70 63 73 65  roacf/docs/dpcse
  0030: 72 70 72 6F 61 63 66 2E   70 64 66                 rproacf.pdf
  [6]: ObjectId: 2.5.29.15 Criticality=true
  KeyUsage [
  DigitalSignature
  Non_repudiation
  Key_Encipherment
  [7]: ObjectId: 2.5.29.19 Criticality=true
  BasicConstraints:[
  CA:false
  PathLen:2147483647
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 5B 3B 86 9B 76 9A 9E 5A 21 53 38 A2 38 F8 53 00 [;..v..Z!S8.8.S.
  0010: DA 12 46 B4 18 77 7E 12 8F A8 BE 36 DC C8 FB 50 ..F..w.....6...P
  0020: 75 AA 4B 53 62 68 8A 5E 89 BB A5 96 54 75 4B DE u.KSbh.^....TuK.
  0030: A5 C8 B8 85 5F 37 D5 A9 AC 9D 06 9E 31 B3 E0 E7 ...._7......1...
  0040: BF AC B5 87 9F 24 AB 9D B5 C1 20 6B 63 B4 77 7E .....$.... kc.w.
  0050: 83 1D 59 2F 81 B7 3D 02 45 D3 26 C4 A8 09 6E 3A ..Y/..=.E.&...n:
  0060: 16 A3 0B 35 EE 06 4E 98 20 BD B3 92 90 50 C1 ED ...5..N. ....P..
  0070: 2D 00 66 2D D0 C7 7D 7A 54 2B 1F 7D 68 11 C9 D8 -.f-...zT+..h...
  0080: D4 45 5A 7D C4 C3 55 E6 0F 6D A1 5C D4 69 AC 04 .EZ...U..m.\.i..
  0090: DB 0F FC 02 DF 63 17 17 A2 DD 9D 3E C6 6A 1E F2 .....c.....>.j..
  00A0: 9B 6B 27 48 B2 52 75 8A B1 8B 6B 05 0D 7A 83 7E .k'H.Ru...k..z..
  00B0: 3B 4D 5F 13 4D 69 7D 98 BF D0 29 86 43 01 1F F0 ;M_.Mi....).C...
  00C0: DD D9 4D 41 D2 27 82 B3 D6 48 3B A6 CA 7B 18 21 ..MA.'...H;....!
  00D0: E0 8A D0 07 EF 1F 4F 6D DA 74 BC AC 64 99 9C 80 ......Om.t..d...
  00E0: FD EC 89 22 AE 18 D3 1A 1B C8 D4 D8 EC 69 80 99 ...".........i..
  00F0: 43 5B 91 1C E3 28 5F 4C 51 71 F4 4D 85 01 71 E7 C[...(_LQq.M..q.
  chain [1] = [
  Version: V3
  Subject: CN=Autoridade Certificadora do SERPRO Final v1, OU=CSPB-1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 2048 bits
  modulus: 23659367425961339986383814473655435770305076360336120846402324294010759604691167341796796450718297422937486485989173997689009435615853573479123246742093161509679795253583183150516996100507241385700603597169864442790237544440295928051568067762067963906038465181975829517141032706152589802921982785603244093509126659971216775796468681697846064212891335993008177024582806600140619329189802486109058177503824508848203446928569492107040513868017002818333597993397664228505910643929070063949422917116775478325433437537593716368812763202859366097841062831999053298446527212103412654663554371896386629504450969081314886684871
  public exponent: 58865
  Validity: [From: Mon Apr 04 13:26:59 GMT-03:00 2005,
                 To: Mon Oct 24 20:59:00 GMT-03:00 2011]
  Issuer: CN=Autoridade Certificadora do SERPRO v1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
  SerialNumber: [    32303035 30343034 31353530 35363030 3031]
  Certificate Extensions: 6
  [1]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: 32 38 96 C7 EE 44 64 E9 9A AA 15 5D E0 08 B4 8D 28...Dd....]....
  0010: 89 47 51 A2 .GQ.
  [2]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  KeyIdentifier [
  0000: E2 8B 15 41 DB 75 39 29 BC 1C 54 7B FB 51 3F 14 ...A.u9)..T..Q?.
  0010: 09 12 F2 B4 ....
  [3]: ObjectId: 2.5.29.31 Criticality=false
  CRLDistributionPoints [
  [DistributionPoint:
  [URIName: http://ccd.serpro.gov.br/lcr/acserpro.crl]
  [4]: ObjectId: 2.5.29.32 Criticality=false
  CertificatePolicies [
  [CertificatePolicyId: [2.16.76.1.2.1.16]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 37 68 74 74 70 73 3A   2F 2F 63 63 64 2E 73 65  .7https://ccd.se
  0010: 72 70 72 6F 2E 67 6F 76   2E 62 72 2F 61 63 73 65  rpro.gov.br/acse
  0020: 72 70 72 6F 2F 64 6F 63   73 2F 64 70 63 61 63 73  rpro/docs/dpcacs
  0030: 65 72 70 72 6F 2E 70 64   66                       erpro.pdf
  [CertificatePolicyId: [2.16.76.1.2.3.13]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 37 68 74 74 70 73 3A   2F 2F 63 63 64 2E 73 65  .7https://ccd.se
  0010: 72 70 72 6F 2E 67 6F 76   2E 62 72 2F 61 63 73 65  rpro.gov.br/acse
  0020: 72 70 72 6F 2F 64 6F 63   73 2F 64 70 63 61 63 73  rpro/docs/dpcacs
  0030: 65 72 70 72 6F 2E 70 64   66                       erpro.pdf
  [CertificatePolicyId: [2.16.76.1.2.1.17]
  [PolicyQualifierInfo: [
    qualifierID: 1.3.6.1.5.5.7.2.1
    qualifier: 0000: 16 37 68 74 74 70 73 3A   2F 2F 63 63 64 2E 73 65  .7https://ccd.se
  0010: 72 70 72 6F 2E 67 6F 76   2E 62 72 2F 61 63 73 65  rpro.gov.br/acse
  0020: 72 70 72 6F 2F 64 6F 63   73 2F 64 70 63 61 63 73  rpro/docs/dpcacs
  0030: 65 72 70 72 6F 2E 70 64   66                       erpro.pdf
  [5]: ObjectId: 2.5.29.15 Criticality=true
  KeyUsage [
  Key_CertSign
  Crl_Sign
  [6]: ObjectId: 2.5.29.19 Criticality=true
  BasicConstraints:[
  CA:true
  PathLen:0
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 20 D5 4E 17 91 54 10 D5 3C 8C A0 3F F3 5D 23 FB .N..T..<..?.]#.
  0010: 03 83 C8 92 59 13 58 E1 DA 37 3E B6 85 00 F2 F5 ....Y.X..7>.....
  0020: C2 5E 27 DE C6 DD 30 F1 F8 8D CB DF E0 79 42 52 .^'...0......yBR
  0030: E8 8A 9C C0 39 40 67 E2 32 19 05 0F C3 8A 62 7C [email protected].
  0040: 44 D8 AB 1C 02 90 BF 4A 0D 85 89 D9 28 3C 19 6A D......

  i get a new certificate and now i'm getting the following error:
  run:
  keyStore is : D:\NFe\FiboNFe\Codigo\binarios\Certificados\00647154000250.p12
  keyStore type is : PKCS12
  keyStore provider is :
  init keystore
  init keymanager of type SunX509
  found key for : ac sefazgo - zema cia de petroleo ltda
  chain [0] = [
  Version: V3
  Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 1024 bits
  modulus: 156165028103689130512128042499152839841454193332056593988973957180679312477722424100906759434445855868490108915782950316422470489371768181578031249674215052225925638629814529894401995141383245975637710610778796528775386241354343792138837300923183596668288077189084522054268656963846045071234921096231142045503
  public exponent: 65537
  Validity: [From: Wed Feb 14 14:58:31 GMT-03:00 2007,
                 To: Mon Feb 13 14:58:31 GMT-03:00 2012]
  Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
  SerialNumber: [    010a]
  Certificate Extensions: 8
  [1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
  Extension unknown: DER encoded OCTET string =
  0000: 04 34 16 32 43 65 72 74 69 66 69 63 61 64 6F 20 .4.2Certificado
  0010: 63 6C 69 65 6E 74 65 20 70 61 72 61 20 5A 45 4D cliente para ZEM
  0020: 41 20 43 49 41 20 44 45 20 50 45 54 52 4F 4C 45 A CIA DE PETROLE
  0030: 4F 20 4C 54 44 41 O LTDA
  [2]: ObjectId: 2.5.29.14 Criticality=false
  SubjectKeyIdentifier [
  KeyIdentifier [
  0000: 98 9E 12 CE 90 93 05 1A D5 22 DA 37 86 DE FA DF .........".7....
  0010: 82 DA 3D 76 ..=v
  [3]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
  NetscapeCertType [
  SSL client
  S/MIME
  Object Signing
  [4]: ObjectId: 2.5.29.35 Criticality=false
  AuthorityKeyIdentifier [
  [CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR]
  SerialNumber: [    fddca941 482ec9a8]
  [5]: ObjectId: 2.5.29.17 Criticality=false
  SubjectAlternativeName [
  RFC822Name: [email protected]
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.4
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.2
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.3
  Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.7
  [6]: ObjectId: 2.5.29.31 Criticality=false
  CRLDistributionPoints [
  [DistributionPoint:
  [URIName: http://homolog.sefaz.go.gov.br/acsefazgo/acsefazgo.crl]
  [7]: ObjectId: 2.5.29.15 Criticality=false
  KeyUsage [
  DigitalSignature
  Non_repudiation
  Key_Encipherment
  [8]: ObjectId: 2.5.29.19 Criticality=false
  BasicConstraints:[
  CA:false
  PathLen: undefined
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 5D C2 B6 D0 46 C7 62 75 0B C9 4B 33 6C DC C9 59 ]...F.bu..K3l..Y
  0010: 5E 2C C0 DB 5E 4A 1D 92 E7 07 D6 57 A8 42 F3 9C ^,..^J.....W.B..
  0020: 20 73 06 2F 85 C3 7F D7 4B 9C 37 01 78 CE F5 D6 s./....K.7.x...
  0030: 0A 4E 73 E3 97 D4 91 AB E5 36 FD E1 72 0A 52 81 .Ns......6..r.R.
  0040: E4 7C 71 C9 ED 3B 07 CF 5F 92 23 6E BD D1 41 B4 ..q..;.._.#n..A.
  0050: 0E 63 98 34 30 58 45 BC F2 8B 79 CC 42 35 C4 9E .c.40XE...y.B5..
  0060: 11 60 4A 4D 18 E8 5C 5D E0 DE 00 62 92 3E 5C 3A .`JM..\]...b.>\:
  0070: F8 1B 22 F3 25 0D F1 44 19 0F 4D 39 AB 28 2A D9 ..".%..D..M9.(*.
  chain [1] = [
  Version: V1
  Subject: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
  Key: Sun RSA public key, 1024 bits
  modulus: 127802546146235830576140179493601283095940595321418162651326663347027489542570383903029994774550120601063051515739969496712154341918329211265045381248247800442115925457899222625312701264189136966705127659226917208209098405021110477504756857490937404558470512168426299183317779894163270945711882621802732846421
  public exponent: 65537
  Validity: [From: Mon Feb 12 21:49:13 GMT-03:00 2007,
                 To: Thu Feb 09 21:49:13 GMT-03:00 2017]
  Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
  SerialNumber: [    fddca941 482ec9a8]
  Algorithm: [SHA1withRSA]
  Signature:
  0000: 9C FC A1 04 AC D5 EB E6 27 EC B3 F8 5F 77 96 C6 ........'..._w..
  0010: 3D 65 8D C7 83 C4 3E 17 E3 AF D2 8C 66 48 C0 38 =e....>.....fH.8
  0020: 12 41 41 18 58 92 91 6D 64 E1 8C B5 5A 3C 18 5B .AA.X..md...Z<.[
  0030: E6 42 79 97 1B 50 4D 7B 49 C5 55 95 7B 73 EC 42 .By..PM.I.U..s.B
  0040: A5 BE E5 A7 4A 2A 00 59 0C B3 0D B9 23 F6 D5 70 ....J*.Y....#..p
  0050: 1B 9A 2B 75 97 46 25 EF 1C 7C 57 41 43 7B 37 53 ..+u.F%...WAC.7S
  0060: E3 D7 BF 04 AE EA 83 26 B7 AF D2 8D 50 4B 04 60 .......&....PK.`
  0070: 3A CE 5A A6 4B 0E 27 BA A6 7D 49 02 34 CD EB F6 :.Z.K.'...I.4...
  trustStore is: C:\Arquivos de programas\Java\jdk1.6.0_06\jre\lib\security\cacerts
  trustStore type is : jks
  trustStore provider is :
  init truststore
  adding as trusted cert:
  Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
  Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
  Algorithm: RSA; Serial number: 0x20000000000d678b79405
  Valid from Tue Sep 01 09:00:00 GMT-03:00 1998 until Tue Jan 28 09:00:00 GMT-03:00 2014
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x0
  Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x1
  Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 30 07:44:50 GMT-03:00 2000 until Sat May 30 07:44:50 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
  Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
  Algorithm: RSA; Serial number: 0x1
  Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
  Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
  Algorithm: RSA; Serial number: 0x10a
  Valid from Wed Feb 14 14:58:31 GMT-03:00 2007 until Mon Feb 13 14:58:31 GMT-03:00 2012
  adding as trusted cert:
  Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Algorithm: RSA; Serial number: 0x1a5
  Valid from Wed Aug 12 21:29:00 GMT-03:00 1998 until Mon Aug 13 20:59:00 GMT-03:00 2018
  adding as trusted cert:
  Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
  Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
  Algorithm: RSA; Serial number: 0x20000b9
  Valid from Fri May 12 15:46:00 GMT-03:00 2000 until Mon May 12 20:59:00 GMT-03:00 2025
  adding as trusted cert:
  Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Algorithm: RSA; Serial number: 0x389ef6e4
  Valid from Mon Feb 07 13:16:40 GMT-03:00 2000 until Fri Feb 07 13:46:40 GMT-03:00 2020
  adding as trusted cert:
  Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
  Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
  Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
  adding as trusted cert:
  Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
  Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
  Algorithm: RSA; Serial number: 0x20000bf
  Valid from Wed May 17 11:01:00 GMT-03:00 2000 until Sat May 17 20:59:00 GMT-03:00 2025
  adding as trusted cert:
  Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
  Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
  Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
  Valid from Thu Mar 23 11:10:23 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
  adding as trusted cert:
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
  Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
  Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
  Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
  Algorithm: RSA; Serial number: 0x374ad243
  Valid from Tue May 25 13:09:40 GMT-03:00 1999 until Sat May 25 13:39:40 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
  Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
  Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
  Valid from Wed Mar 22 12:54:28 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x1
  Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
  Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
  Algorithm: RSA; Serial number: 0x380391ee
  Valid from Tue Oct 12 16:24:30 GMT-03:00 1999 until Sat Oct 12 16:54:30 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
  Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
  adding as trusted cert:
  Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
  Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
  Algorithm: RSA; Serial number: 0x1
  Valid from Fri Jun 25 21:19:54 GMT-03:00 1999 until Tue Jun 25 21:19:54 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 30 07:38:31 GMT-03:00 2000 until Sat May 30 07:38:31 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
  Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
  adding as trusted cert:
  Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
  Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 30 07:48:38 GMT-03:00 2000 until Sat May 30 07:48:38 GMT-03:00 2020
  adding as trusted cert:
  Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
  Algorithm: RSA; Serial number: 0x35def4cf
  Valid from Sat Aug 22 13:41:51 GMT-03:00 1998 until Wed Aug 22 13:41:51 GMT-03:00 2018
  adding as trusted cert:
  Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
  Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
  Algorithm: RSA; Serial number: 0x0
  Valid from Tue Jun 29 14:39:16 GMT-03:00 2004 until Thu Jun 29 14:39:16 GMT-03:00 2034
  adding as trusted cert:
  Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
  Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
  Algorithm: RSA; Serial number: 0x4
  Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
  Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
  adding as trusted cert:
  Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
  Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
  Algorithm: RSA; Serial number: 0x1
  Valid from Wed Dec 31 21:00:00 GMT-03:00 2003 until Sun Dec 31 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
  Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
  Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
  Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
  adding as trusted cert:
  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
  Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
  Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
  Algorithm: RSA; Serial number: 0x3770cfb5
  Valid from Wed Jun 23 09:14:45 GMT-03:00 1999 until Sun Jun 23 09:14:45 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
  Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
  Algorithm: RSA; Serial number: 0x400000000010f8626e60d
  Valid from Fri Dec 15 05:00:00 GMT-03:00 2006 until Wed Dec 15 05:00:00 GMT-03:00 2021
  adding as trusted cert:
  Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
  Algorithm: RSA; Serial number: 0x389b113c
  Valid from Fri Feb 04 14:20:00 GMT-03:00 2000 until Tue Feb 04 14:50:00 GMT-03:00 2020
  adding as trusted cert:
  Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  Algorithm: RSA; Serial number: 0x2ad667e4e45fe5e576f3c98195eddc0
  Valid from Tue Nov 08 21:00:00 GMT-03:00 1994 until Thu Jan 07 20:59:59 GMT-03:00 2010
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x0
  Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Algorithm: RSA; Serial number: 0x0
  Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
  adding as trusted cert:
  Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
  Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
  Algorithm: RSA; Serial number: 0x23456
  Valid from Tue May 21 01:00:00 GMT-03:00 2002 until Sat May 21 01:00:00 GMT-03:00 2022
  adding as trusted cert:
  Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
  Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
  adding as trusted cert:
  Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
  Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
  Algorithm: RSA; Serial number: 0x24
  Valid from Fri Apr 06 07:49:13 GMT-03:00 2001 until Tue Apr 06 07:49:13 GMT-03:00 2021
  adding as trusted cert:
  Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
  Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
  Algorithm: RSA; Serial number: 0x0
  Valid from Tue Jun 29 14:06:20 GMT-03:00 2004 until Thu Jun 29 14:06:20 GMT-03:00 2034
  adding as trusted cert:
  Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
  Valid from Fri Jul 09 15:10:42 GMT-03:00 1999 until Tue Jul 09 15:19:22 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
  Valid from Fri Jul 09 14:28:50 GMT-03:00 1999 until Tue Jul 09 14:36:58 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
  Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
  Algorithm: RSA; Serial number: 0x1
  Valid from Tue May 28 03:00:00 GMT-03:00 2002 until Thu Nov 19 17:43:00 GMT-03:00 2037
  adding as trusted cert:
  Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
  Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
  Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
  adding as trusted cert:
  Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
  Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
  Algorithm: RSA; Serial number: 0x3863b966
  Valid from Fri Dec 24 14:50:51 GMT-03:00 1999 until Tue Dec 24 15:20:51 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Algorithm: RSA; Serial number: 0x1b6
  Valid from Fri Aug 14 11:50:00 GMT-03:00 1998 until Wed Aug 14 20:59:00 GMT-03:00 2013
  adding as trusted cert:
  Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
  Valid from Fri Jul 09 15:31:20 GMT-03:00 1999 until Tue Jul 09 15:40:36 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
  Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
  Valid from Thu Jun 24 15:57:21 GMT-03:00 1999 until Mon Jun 24 16:06:30 GMT-03:00 2019
  adding as trusted cert:
  Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
  Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
  Algorithm: RSA; Serial number: 0x1d
  Valid from Fri Apr 06 04:29:40 GMT-03:00 2001 until Tue Apr 06 04:29:40 GMT-03:00 2021
  adding as trusted cert:
  Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
  Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
  Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
  Valid from Thu Jan 12 11:38:43 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
  trigger seeding of SecureRandom
  done seeding SecureRandom
  %% No cached client session
  *** ClientHello, TLSv1
  RandomCookie: GMT: 1213286062 bytes = { 175, 119, 88, 156, 122, 87, 49, 44, 101, 238, 155, 248, 50, 93, 130, 181, 230, 183, 242, 175, 99, 73, 45, 213, 138, 159, 67, 2 }
  Session ID: {}
  Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
  Compression Methods: { 0 }
  [write] MD5 and SHA1 hashes: len = 73
  0000: 01 00 00 45 03 01 48 51 47 AE AF 77 58 9C 7A 57 ...E..HQG..wX.zW
  0010: 31 2C 65 EE 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 1,e...2]......cI
  0020: 2D D5 8A 9F 43 02 00 00 1E 00 04 00 05 00 2F 00 -...C........./.
  0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
  0040: 03 00 08 00 14 00 11 01 00 .........
  main, WRITE: TLSv1 Handshake, length = 73
  [write] MD5 and SHA1 hashes: len = 98
  0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
  0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
  0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
  0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
  0040: 00 11 48 51 47 AE AF 77 58 9C 7A 57 31 2C 65 EE ..HQG..wX.zW1,e.
  0050: 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 2D D5 8A 9F ..2]......cI-...
  0060: 43 02 C.
  main, WRITE: SSLv2 client hello message, length = 98
  [Raw write]: length = 100
  0000: 80 62 01 03 01 00 39 00 00 00 20 00 00 04 01 00 .b....9... .....
  0010: 80 00 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A ....../..3..2...
  0020: 07 00 C0 00 00 16 00 00 13 00 00 09 06 00 40 00 ..............@.
  0030: 00 15 00 00 12 00 00 03 02 00 80 00 00 08 00 00 ................
  0040: 14 00 00 11 48 51 47 AE AF 77 58 9C 7A 57 31 2C ....HQG..wX.zW1,
  0050: 65 EE 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 2D D5 e...2]......cI-.
  0060: 8A 9F 43 02 ..C.
  [Raw read]: length = 5
  0000: 16 03 01 2A 09 ...*.
  [Raw read]: length = 1447
  0000: 02 00 00 46 03 01 48 51 48 9A E1 59 9B EA B2 68 ...F..HQH..Y...h
  0010: 3E 94 C8 47 A5 D6 1B 61 84 A6 09 1D 59 5D 16 1E >..G...a....Y]..
  0020: B2 20 9C FF 2C B2 20 48 51 48 9A 01 56 28 85 90 . ..,. HQH..V(..
  0030: 5C D9 06 F0 DC B0 A4 7E DB 4C 64 25 0D 3D 4E FF \........Ld%.=N.
  0040: B3 89 4D 54 E7 0E AF 00 04 00 0B 00 14 09 00 14 ..MT............
  0050: 06 00 05 47 30 82 05 43 30 82 04 2B A0 03 02 01 ...G0..C0..+....
  0060: 02 02 10 32 30 30 37 30 38 32 30 31 37 34 34 35 ...2007082017445
  0070: 34 30 32 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 4020...*.H......
  0080: 05 00 30 81 A6 31 0B 30 09 06 03 55 04 06 13 02 ..0..1.0...U....
  0090: 42 52 31 13 30 11 06 03 55 04 0A 13 0A 49 43 50 BR1.0...U....ICP
  00A0: 2D 42 72 61 73 69 6C 31 3B 30 39 06 03 55 04 0B -Brasil1;09..U..
  00B0: 13 32 53 65 72 76 69 63 6F 20 46 65 64 65 72 61 .2Servico Federa
  00C0: 6C 20 64 65 20 50 72 6F 63 65 73 73 61 6D 65 6E l de Processamen
  00D0: 74 6F 20 64 65 20 44 61 64 6F 73 20 2D 20 53 45 to de Dados - SE
  00E0: 52 50 52 4F 31 0F 30 0D 06 03 55 04 0B 13 06 43 RPRO1.0...U....C
  00F0: 53 50 42 2D 31 31 34 30 32 06 03 55 04 03 13 2B SPB-11402..U...+
  0100: 41 75 74 6F 72 69 64 61 64 65 20 43 65 72 74 69 Autoridade Certi
  0110: 66 69 63 61 64 6F 72 61 20 64 6F 20 53 45 52 50 ficadora do SERP
  0120: 52 4F 20 46 69 6E 61 6C 20 76 31 30 1E 17 0D 30 RO Final v10...0
  0130: 37 30 38 32 30 31 38 32 32 31 35 5A 17 0D 30 38 70820182215Z..08
  0140: 30 38 31 39 31 38 32 32 31 35 5A 30 81 9A 31 0B 0819182215Z0..1.
  0150: 30 09 06 03 55 04 06 13 02 42 52 31 13 30 11 06 0...U....BR1.0..
  0160: 03 55 04 0A 13 0A 49 43 50 2D 42 72 61 73 69 6C .U....ICP-Brasil
  0170: 31 2B 30 29 06 03 55 04 0B 13 22 41 75 74 6F 72 1+0)..U..."Autor
  0180