Web Service over SSL failing in BEA Workshop
I have deployed a web service on weblogic 9.2
I have enabled one-way ssl on it. got a trial ssl certificate from verisign. installed them on the keystore/truststore on the server as well as the jre (cacerts and jssecacerts truststores) being used by the client. the client is on different machine than the server.
i have developed the service through 'bea weblogic workshop 9.2' now when i try to test the service through the 'web services explorer' within bea weblogic workshop i receive the following error:
IWAB0135E An unexpected error has occurred.
IOException
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
on server:
<Jul 13, 2009 6:45:44 PM EDT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from yunus.l1id.local - 10.10.2.72. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
if i try to access the web service (over ssl) through the browser (ie/firefox), it works fine. i have generated a proxy class to access this web service through the same bea workshop and that works fine too. certificates are identified and all. i also created a small .net (c#) application that calls this secure web service over ssl from another machine and it works fine too!
of course non-secure url for the web service is working fine in every case.
what can be the reason for this failing only in 'web services explorer' in bea workshop?
cross posted at: http://www.coderanch.com/t/453879/Web-Services/java/Web-Service-over-SSL-failing
thanks.
Hello,
I used this example, when I made my experiments with SSL and Glassfish (GF):
http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
If you have problems with GF I suggest to post a message here:
http://forums.java.net/jive/forum.jspa?forumID=56
e.g. here is one thread:
http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
Miro.
Similar Messages
-
Web service client behind a proxy server connecting to web service over SSL
Hi Friends,
A web service is exposed by an external system over SSL. We are behind a proxy server and are trying to get connected to web service over SSL. <p>
We are getting the following error on the test browser of workshop<p><p>
External Service Failure: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.<p><p>
the whole trace is <p>
<p>JDIProxy attached
<Sep 24, 2005 9:27:25 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl:salesExpertServiceControl; Method=creditcheckcontr
ol.SalesExpertServiceControl.doCreditVerification(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
Code:javax.net.ssl.SSLHandshakeException
String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
Detail:
END SERVICE FAULT>
<Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl; Method=creditcheckcontrol.CreditCheck.testCreditC
heck(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
Code:javax.net.ssl.SSLHandshakeException
String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
Detail:
END SERVICE FAULT [ServiceException]>
<Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=top-level; Method=processes.CreditCheck_wf.$__clientRequest(); Fai
lure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled process exception [ServiceException]>
<Sep 24, 2005 9:27:26 AM EDT> <Error> <WLW> <000000> <Failure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled pr
ocess exception [ServiceException]><p>
I am not able to make out what could be possibly wrong. Please let me know if you guys have any ideas about how to resolve it.
Thanks
Sridhardid you resolve this problem. I am looking at the same issue. If you did I would really appreciate your response.
Thanks. -
BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6
We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
<Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
tboundMessageContext.java:310)
at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Truncated. see log file for complete stacktrace
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
Truncated. see log file for complete stacktrace
This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
Thanks.
Matt
Edited by: user6946981 on Sep 17, 2009 7:58 AMAre you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way. -
Web Service over SSL hangs if sent data size exceeds around 12Kb
Hi,
I have a Web Service running on a WebLogic Server 10.3. One of its purposes is to send and receive documents over a one-way SSL connection. The service runs fine if the documents are smaller than around 12Kb, however if its larger than that, the service simply hangs. From SSL debug information it looks like some data is sent but afterwards it simply stops. When testing the Web Service without SSL it works fine, which points to an SSL issue. Also, surprisingly, when it receives documents over the SSL, it also works fine. I assumed there is a parameter that limits the size of the POST message sent over SSL, however all the parameters that I found, that could do that, were already set to unlimited.We ended up resolving this issue. It turned out to be something really simple. The client that was sending the soap traffic did not have the proper SSL certificate installed on the server that was generating the soap traffic.
-
Web Service over SSL exception
Hi,
Using NetBeans 6.5 (updated), I have created a web service like this:
package test.webservice;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import javax.ejb.Stateless;
@WebService()
@Stateless()
public class TestWebService {
@WebMethod(operationName = "testOperation")
public String testOperation(@WebParam(name = "firstParameter") String firstParameter) {
//TODO write your implementation code here:
return "This method has executed " + (firstParameter == null ? "no strings attached." : firstParameter);
}I've deployed and tested it on a local Glassfish server. Some additional information:
- Sun GlassFish Enterprise Server v2.1 (9.1.1) (build b60e-fcs)
- jdk1.6.0_13
It worked fine when accessing it through 'http://localhost:8080/TestWebServiceService/TestWebService?Tester', however, when accessing it through the SSL port (using this link: 'https://localhost:8181/TestWebServiceService/TestWebService?Tester'), it has produced an exception with the following stack trace:
Exceptions details : null
java.lang.NullPointerException at java.io.File.(File.java:222) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.initializePort(WebServiceTesterServlet.java:524) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.doGet(WebServiceTesterServlet.java:184) at com.sun.enterprise.webservice.monitoring.WebServiceTesterServlet.invoke(WebServiceTesterServlet.java:119) at com.sun.enterprise.webservice.EjbWebServiceServlet.service(EjbWebServiceServlet.java:142) at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) at com.sun.enterprise.web.AdHocContextValve.invoke(AdHocContextValve.java:114) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:87) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:222) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1096) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:166) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1096) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:288) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:647) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:579) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:831) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.process(SSLReadTask.java:440) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.doTask(SSLReadTask.java:228) at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
Question 1: Why isn't the tester working when using the SSL port? A reason or a bug (possibly fixed in later releases)?
Question 2: Will the Web Service itself also not work when invoked through the SSL port? Is it possible to invoke a simple web service over the simple SSL port?
Question 3: When accessing the WSDL description through the SSL port it produces a blank (empty) response - a blank page. Why so?
Thank you very much in advance!
Best regards
MatejHello,
I used this example, when I made my experiments with SSL and Glassfish (GF):
http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
If you have problems with GF I suggest to post a message here:
http://forums.java.net/jive/forum.jspa?forumID=56
e.g. here is one thread:
http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
Miro. -
Error while invoking web service over SSL
While making a SSL Connections to web service i am getting the below mentioned error in spite of configuring the certificate provided by the client onto WLS.
I tried adding the certificate to the default DemoTrust and DemoIdentity Keystores. The error still persisted.
I also tried importing the certificate(into cacerts keystore) as Java Standard Trust as well as tried pointing it to the custom keystores. None of it worked :(
Could somebody please give a solution to resolve this error ASAP.
The error is:
Message:exception occured, due to org.apache.axis2.AxisFault: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
org.apache.axis2.AxisFault: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:83)
at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:84)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:542)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:76)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:400)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:225)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:435)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at com.intel.services.warrantyservice.Get_Warranty_Details_OutServiceStub.get_Warranty_Details_Out(Get_Warranty_Details_OutServiceStub.java:184)
at com.intel.www.PortalServices.PortalServicesSOAPImpl.getWarrantyDetails(PortalServicesSOAPImpl.java:1865)
at com.intel.www.PortalServices.PortalServicesSOAPSkeleton.getWarrantyDetails(PortalServicesSOAPSkeleton.java:213)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3590)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: javax.xml.stream.XMLStreamException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at weblogic.xml.stax.XMLWriterBase.flush(XMLWriterBase.java:504)
at org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.java:168)
at org.apache.axis2.databinding.utils.writer.MTOMAwareXMLSerializer.flush(MTOMAwareXMLSerializer.java:79)
at org.apache.axis2.databinding.ADBDataSource.serialize(ADBDataSource.java:94)
at org.apache.axiom.om.impl.llom.OMSourcedElementImpl.internalSerializeAndConsume(OMSourcedElementImpl.java:738)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:966)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerializeAndConsume(OMElementImpl.java:995)
at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.serializeInternally(SOAPEnvelopeImpl.java:254)
at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:242)
at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerializeAndConsume(OMElementImpl.java:995)
at org.apache.axiom.om.impl.llom.OMNodeImpl.serializeAndConsume(OMNodeImpl.java:486)
at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:79)
... 48 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:187)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:181)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1035)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:124)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStream.java:191)
at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
at java.io.BufferedWriter.flush(BufferedWriter.java:236)
at weblogic.xml.stax.XMLWriterBase.flush(XMLWriterBase.java:502)
... 59 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1014)
... 74 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 80 moreWhich version/platform are you using?
The thing you need to consider here is that the JDev proxy settings do not affect the BPEL server.
So if the BPEL server cannot connect to your webservice, it will not be because of any Jdev setting.
Check the proxy settings on your BPEL server (on 10.1.2 developer install it will be in obsetenv.bat, on 10.1.3 it will be a commandline property of the JVM - see AS Control administration page for the JVM) -
Problema with web services over ssl
I'm trying to consume a web service that require ssql. i enabled ssl debug, but i can't understand what's wrong. :-(
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Arquivos de programas\Java\jdk1.6.0_06\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Algorithm: RSA; Serial number: 0x20000000000d678b79405
Valid from Tue Sep 01 09:00:00 GMT-03:00 1998 until Tue Jan 28 09:00:00 GMT-03:00 2014
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:44:50 GMT-03:00 2000 until Sat May 30 07:44:50 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
Algorithm: RSA; Serial number: 0x10a
Valid from Wed Feb 14 14:58:31 GMT-03:00 2007 until Mon Feb 13 14:58:31 GMT-03:00 2012
adding as trusted cert:
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a5
Valid from Wed Aug 12 21:29:00 GMT-03:00 1998 until Mon Aug 13 20:59:00 GMT-03:00 2018
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000b9
Valid from Fri May 12 15:46:00 GMT-03:00 2000 until Mon May 12 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389ef6e4
Valid from Mon Feb 07 13:16:40 GMT-03:00 2000 until Fri Feb 07 13:46:40 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000bf
Valid from Wed May 17 11:01:00 GMT-03:00 2000 until Sat May 17 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
Valid from Thu Mar 23 11:10:23 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x374ad243
Valid from Tue May 25 13:09:40 GMT-03:00 1999 until Sat May 25 13:39:40 GMT-03:00 2019
adding as trusted cert:
Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
Valid from Wed Mar 22 12:54:28 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x380391ee
Valid from Tue Oct 12 16:24:30 GMT-03:00 1999 until Sat Oct 12 16:54:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 21:19:54 GMT-03:00 1999 until Tue Jun 25 21:19:54 GMT-03:00 2019
adding as trusted cert:
Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:38:31 GMT-03:00 2000 until Sat May 30 07:38:31 GMT-03:00 2020
adding as trusted cert:
Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:48:38 GMT-03:00 2000 until Sat May 30 07:48:38 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x35def4cf
Valid from Sat Aug 22 13:41:51 GMT-03:00 1998 until Wed Aug 22 13:41:51 GMT-03:00 2018
adding as trusted cert:
Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:39:16 GMT-03:00 2004 until Thu Jun 29 14:39:16 GMT-03:00 2034
adding as trusted cert:
Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x4
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Algorithm: RSA; Serial number: 0x1
Valid from Wed Dec 31 21:00:00 GMT-03:00 2003 until Sun Dec 31 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Algorithm: RSA; Serial number: 0x3770cfb5
Valid from Wed Jun 23 09:14:45 GMT-03:00 1999 until Sun Jun 23 09:14:45 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Algorithm: RSA; Serial number: 0x400000000010f8626e60d
Valid from Fri Dec 15 05:00:00 GMT-03:00 2006 until Wed Dec 15 05:00:00 GMT-03:00 2021
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389b113c
Valid from Fri Feb 04 14:20:00 GMT-03:00 2000 until Tue Feb 04 14:50:00 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Algorithm: RSA; Serial number: 0x2ad667e4e45fe5e576f3c98195eddc0
Valid from Tue Nov 08 21:00:00 GMT-03:00 1994 until Thu Jan 07 20:59:59 GMT-03:00 2010
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x23456
Valid from Tue May 21 01:00:00 GMT-03:00 2002 until Sat May 21 01:00:00 GMT-03:00 2022
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x24
Valid from Fri Apr 06 07:49:13 GMT-03:00 2001 until Tue Apr 06 07:49:13 GMT-03:00 2021
adding as trusted cert:
Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:06:20 GMT-03:00 2004 until Thu Jun 29 14:06:20 GMT-03:00 2034
adding as trusted cert:
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
Valid from Fri Jul 09 15:10:42 GMT-03:00 1999 until Tue Jul 09 15:19:22 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
Valid from Fri Jul 09 14:28:50 GMT-03:00 1999 until Tue Jul 09 14:36:58 GMT-03:00 2019
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 03:00:00 GMT-03:00 2002 until Thu Nov 19 17:43:00 GMT-03:00 2037
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863b966
Valid from Fri Dec 24 14:50:51 GMT-03:00 1999 until Tue Dec 24 15:20:51 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 11:50:00 GMT-03:00 1998 until Wed Aug 14 20:59:00 GMT-03:00 2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Fri Jul 09 15:31:20 GMT-03:00 1999 until Tue Jul 09 15:40:36 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Thu Jun 24 15:57:21 GMT-03:00 1999 until Mon Jun 24 16:06:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 04:29:40 GMT-03:00 2001 until Tue Apr 06 04:29:40 GMT-03:00 2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 11:38:43 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1213102186 bytes = { 150, 70, 222, 91, 1, 159, 135, 122, 245, 66, 221, 50, 113, 8, 128, 154, 68, 232, 127, 215, 140, 215, 148, 147, 58, 93, 236, 23 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 10761
*** ServerHello, TLSv1
RandomCookie: GMT: 1213102414 bytes = { 186, 36, 22, 99, 140, 117, 31, 5, 231, 216, 148, 205, 190, 127, 202, 37, 111, 176, 39, 77, 137, 208, 110, 239, 167, 210, 211, 160 }
Session ID: {72, 78, 121, 78, 23, 96, 172, 97, 143, 196, 65, 95, 90, 198, 182, 217, 85, 189, 237, 255, 214, 174, 250, 18, 138, 100, 13, 130, 185, 47, 30, 194}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=homolog.sefaz.go.gov.br, OU=Equipamento A1, OU=SEFAZ, OU=Autoridade Certificadora SERPROACF, O=ICP-Brasil, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 121822830792857140980544413730208327423965418338836769494531514391506636002202311770038004646445375567736723855328246700773881808368957013969090425291780159678803518407365187798936095103086486699406270894225547100200566740997780387564247231686362223169873014182514927324634241630443664842180597672619260289963
public exponent: 65537
Validity: [From: Mon Aug 20 15:22:15 GMT-03:00 2007,
To: Tue Aug 19 15:22:15 GMT-03:00 2008]
Issuer: CN=Autoridade Certificadora do SERPRO Final v1, OU=CSPB-1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
SerialNumber: [ 32303037 30383230 31373434 35343032]
Certificate Extensions: 7
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 32 38 96 C7 EE 44 64 E9 9A AA 15 5D E0 08 B4 8D 28...Dd....]....
0010: 89 47 51 A2 .GQ.
[2]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://ccd.serpro.gov.br/lcr/serproacfv1.crl]
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.4
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.2
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.3
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.7
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.8
RFC822Name: [email protected]
[4]: ObjectId: 2.5.29.37 Criticality=true
ExtendedKeyUsages [
serverAuth
clientAuth
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.76.1.2.1.16]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 39 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .9https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 73 65 72 70 rpro.gov.br/serp
0020: 72 6F 61 63 66 2F 64 6F 63 73 2F 64 70 63 73 65 roacf/docs/dpcse
0030: 72 70 72 6F 61 63 66 2E 70 64 66 rproacf.pdf
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
[7]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen:2147483647
Algorithm: [SHA1withRSA]
Signature:
0000: 5B 3B 86 9B 76 9A 9E 5A 21 53 38 A2 38 F8 53 00 [;..v..Z!S8.8.S.
0010: DA 12 46 B4 18 77 7E 12 8F A8 BE 36 DC C8 FB 50 ..F..w.....6...P
0020: 75 AA 4B 53 62 68 8A 5E 89 BB A5 96 54 75 4B DE u.KSbh.^....TuK.
0030: A5 C8 B8 85 5F 37 D5 A9 AC 9D 06 9E 31 B3 E0 E7 ...._7......1...
0040: BF AC B5 87 9F 24 AB 9D B5 C1 20 6B 63 B4 77 7E .....$.... kc.w.
0050: 83 1D 59 2F 81 B7 3D 02 45 D3 26 C4 A8 09 6E 3A ..Y/..=.E.&...n:
0060: 16 A3 0B 35 EE 06 4E 98 20 BD B3 92 90 50 C1 ED ...5..N. ....P..
0070: 2D 00 66 2D D0 C7 7D 7A 54 2B 1F 7D 68 11 C9 D8 -.f-...zT+..h...
0080: D4 45 5A 7D C4 C3 55 E6 0F 6D A1 5C D4 69 AC 04 .EZ...U..m.\.i..
0090: DB 0F FC 02 DF 63 17 17 A2 DD 9D 3E C6 6A 1E F2 .....c.....>.j..
00A0: 9B 6B 27 48 B2 52 75 8A B1 8B 6B 05 0D 7A 83 7E .k'H.Ru...k..z..
00B0: 3B 4D 5F 13 4D 69 7D 98 BF D0 29 86 43 01 1F F0 ;M_.Mi....).C...
00C0: DD D9 4D 41 D2 27 82 B3 D6 48 3B A6 CA 7B 18 21 ..MA.'...H;....!
00D0: E0 8A D0 07 EF 1F 4F 6D DA 74 BC AC 64 99 9C 80 ......Om.t..d...
00E0: FD EC 89 22 AE 18 D3 1A 1B C8 D4 D8 EC 69 80 99 ...".........i..
00F0: 43 5B 91 1C E3 28 5F 4C 51 71 F4 4D 85 01 71 E7 C[...(_LQq.M..q.
chain [1] = [
Version: V3
Subject: CN=Autoridade Certificadora do SERPRO Final v1, OU=CSPB-1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 23659367425961339986383814473655435770305076360336120846402324294010759604691167341796796450718297422937486485989173997689009435615853573479123246742093161509679795253583183150516996100507241385700603597169864442790237544440295928051568067762067963906038465181975829517141032706152589802921982785603244093509126659971216775796468681697846064212891335993008177024582806600140619329189802486109058177503824508848203446928569492107040513868017002818333597993397664228505910643929070063949422917116775478325433437537593716368812763202859366097841062831999053298446527212103412654663554371896386629504450969081314886684871
public exponent: 58865
Validity: [From: Mon Apr 04 13:26:59 GMT-03:00 2005,
To: Mon Oct 24 20:59:00 GMT-03:00 2011]
Issuer: CN=Autoridade Certificadora do SERPRO v1, OU=Servico Federal de Processamento de Dados - SERPRO, O=ICP-Brasil, C=BR
SerialNumber: [ 32303035 30343034 31353530 35363030 3031]
Certificate Extensions: 6
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 32 38 96 C7 EE 44 64 E9 9A AA 15 5D E0 08 B4 8D 28...Dd....]....
0010: 89 47 51 A2 .GQ.
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E2 8B 15 41 DB 75 39 29 BC 1C 54 7B FB 51 3F 14 ...A.u9)..T..Q?.
0010: 09 12 F2 B4 ....
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://ccd.serpro.gov.br/lcr/acserpro.crl]
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.76.1.2.1.16]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 37 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .7https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 61 63 73 65 rpro.gov.br/acse
0020: 72 70 72 6F 2F 64 6F 63 73 2F 64 70 63 61 63 73 rpro/docs/dpcacs
0030: 65 72 70 72 6F 2E 70 64 66 erpro.pdf
[CertificatePolicyId: [2.16.76.1.2.3.13]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 37 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .7https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 61 63 73 65 rpro.gov.br/acse
0020: 72 70 72 6F 2F 64 6F 63 73 2F 64 70 63 61 63 73 rpro/docs/dpcacs
0030: 65 72 70 72 6F 2E 70 64 66 erpro.pdf
[CertificatePolicyId: [2.16.76.1.2.1.17]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 37 68 74 74 70 73 3A 2F 2F 63 63 64 2E 73 65 .7https://ccd.se
0010: 72 70 72 6F 2E 67 6F 76 2E 62 72 2F 61 63 73 65 rpro.gov.br/acse
0020: 72 70 72 6F 2F 64 6F 63 73 2F 64 70 63 61 63 73 rpro/docs/dpcacs
0030: 65 72 70 72 6F 2E 70 64 66 erpro.pdf
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
Algorithm: [SHA1withRSA]
Signature:
0000: 20 D5 4E 17 91 54 10 D5 3C 8C A0 3F F3 5D 23 FB .N..T..<..?.]#.
0010: 03 83 C8 92 59 13 58 E1 DA 37 3E B6 85 00 F2 F5 ....Y.X..7>.....
0020: C2 5E 27 DE C6 DD 30 F1 F8 8D CB DF E0 79 42 52 .^'...0......yBR
0030: E8 8A 9C C0 39 40 67 E2 32 19 05 0F C3 8A 62 7C [email protected].
0040: 44 D8 AB 1C 02 90 BF 4A 0D 85 89 D9 28 3C 19 6A D......i get a new certificate and now i'm getting the following error:
run:
keyStore is : D:\NFe\FiboNFe\Codigo\binarios\Certificados\00647154000250.p12
keyStore type is : PKCS12
keyStore provider is :
init keystore
init keymanager of type SunX509
found key for : ac sefazgo - zema cia de petroleo ltda
chain [0] = [
Version: V3
Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 156165028103689130512128042499152839841454193332056593988973957180679312477722424100906759434445855868490108915782950316422470489371768181578031249674215052225925638629814529894401995141383245975637710610778796528775386241354343792138837300923183596668288077189084522054268656963846045071234921096231142045503
public exponent: 65537
Validity: [From: Wed Feb 14 14:58:31 GMT-03:00 2007,
To: Mon Feb 13 14:58:31 GMT-03:00 2012]
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
SerialNumber: [ 010a]
Certificate Extensions: 8
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 34 16 32 43 65 72 74 69 66 69 63 61 64 6F 20 .4.2Certificado
0010: 63 6C 69 65 6E 74 65 20 70 61 72 61 20 5A 45 4D cliente para ZEM
0020: 41 20 43 49 41 20 44 45 20 50 45 54 52 4F 4C 45 A CIA DE PETROLE
0030: 4F 20 4C 54 44 41 O LTDA
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 98 9E 12 CE 90 93 05 1A D5 22 DA 37 86 DE FA DF .........".7....
0010: 82 DA 3D 76 ..=v
[3]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
S/MIME
Object Signing
[4]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
[CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR]
SerialNumber: [ fddca941 482ec9a8]
[5]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: [email protected]
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.4
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.2
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.3
Other-Name: Unrecognized ObjectIdentifier: 2.16.76.1.3.7
[6]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://homolog.sefaz.go.gov.br/acsefazgo/acsefazgo.crl]
[7]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
[8]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: 5D C2 B6 D0 46 C7 62 75 0B C9 4B 33 6C DC C9 59 ]...F.bu..K3l..Y
0010: 5E 2C C0 DB 5E 4A 1D 92 E7 07 D6 57 A8 42 F3 9C ^,..^J.....W.B..
0020: 20 73 06 2F 85 C3 7F D7 4B 9C 37 01 78 CE F5 D6 s./....K.7.x...
0030: 0A 4E 73 E3 97 D4 91 AB E5 36 FD E1 72 0A 52 81 .Ns......6..r.R.
0040: E4 7C 71 C9 ED 3B 07 CF 5F 92 23 6E BD D1 41 B4 ..q..;.._.#n..A.
0050: 0E 63 98 34 30 58 45 BC F2 8B 79 CC 42 35 C4 9E .c.40XE...y.B5..
0060: 11 60 4A 4D 18 E8 5C 5D E0 DE 00 62 92 3E 5C 3A .`JM..\]...b.>\:
0070: F8 1B 22 F3 25 0D F1 44 19 0F 4D 39 AB 28 2A D9 ..".%..D..M9.(*.
chain [1] = [
Version: V1
Subject: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 127802546146235830576140179493601283095940595321418162651326663347027489542570383903029994774550120601063051515739969496712154341918329211265045381248247800442115925457899222625312701264189136966705127659226917208209098405021110477504756857490937404558470512168426299183317779894163270945711882621802732846421
public exponent: 65537
Validity: [From: Mon Feb 12 21:49:13 GMT-03:00 2007,
To: Thu Feb 09 21:49:13 GMT-03:00 2017]
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
SerialNumber: [ fddca941 482ec9a8]
Algorithm: [SHA1withRSA]
Signature:
0000: 9C FC A1 04 AC D5 EB E6 27 EC B3 F8 5F 77 96 C6 ........'..._w..
0010: 3D 65 8D C7 83 C4 3E 17 E3 AF D2 8C 66 48 C0 38 =e....>.....fH.8
0020: 12 41 41 18 58 92 91 6D 64 E1 8C B5 5A 3C 18 5B .AA.X..md...Z<.[
0030: E6 42 79 97 1B 50 4D 7B 49 C5 55 95 7B 73 EC 42 .By..PM.I.U..s.B
0040: A5 BE E5 A7 4A 2A 00 59 0C B3 0D B9 23 F6 D5 70 ....J*.Y....#..p
0050: 1B 9A 2B 75 97 46 25 EF 1C 7C 57 41 43 7B 37 53 ..+u.F%...WAC.7S
0060: E3 D7 BF 04 AE EA 83 26 B7 AF D2 8D 50 4B 04 60 .......&....PK.`
0070: 3A CE 5A A6 4B 0E 27 BA A6 7D 49 02 34 CD EB F6 :.Z.K.'...I.4...
trustStore is: C:\Arquivos de programas\Java\jdk1.6.0_06\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Algorithm: RSA; Serial number: 0x20000000000d678b79405
Valid from Tue Sep 01 09:00:00 GMT-03:00 1998 until Tue Jan 28 09:00:00 GMT-03:00 2014
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:44:50 GMT-03:00 2000 until Sat May 30 07:44:50 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=ZEMA CIA DE PETROLEO LTDA, OU=GIT, O=ICP-SEFAZGO, ST=GO, C=BR
Issuer: CN=Autoridade Certificadora SEFAZ Goias, OU=GIT, O=ICP-SEFAZGO, L=Goiania, ST=GO, C=BR
Algorithm: RSA; Serial number: 0x10a
Valid from Wed Feb 14 14:58:31 GMT-03:00 2007 until Mon Feb 13 14:58:31 GMT-03:00 2012
adding as trusted cert:
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a5
Valid from Wed Aug 12 21:29:00 GMT-03:00 1998 until Mon Aug 13 20:59:00 GMT-03:00 2018
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000b9
Valid from Fri May 12 15:46:00 GMT-03:00 2000 until Mon May 12 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389ef6e4
Valid from Mon Feb 07 13:16:40 GMT-03:00 2000 until Fri Feb 07 13:46:40 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000bf
Valid from Wed May 17 11:01:00 GMT-03:00 2000 until Sat May 17 20:59:00 GMT-03:00 2025
adding as trusted cert:
Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
Valid from Thu Mar 23 11:10:23 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x374ad243
Valid from Tue May 25 13:09:40 GMT-03:00 1999 until Sat May 25 13:39:40 GMT-03:00 2019
adding as trusted cert:
Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
Valid from Wed Mar 22 12:54:28 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
adding as trusted cert:
Subject: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 21:00:00 GMT-03:00 1996 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Issuer: CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS incorp. by ref. limits liab., O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x380391ee
Valid from Tue Oct 12 16:24:30 GMT-03:00 1999 until Sat Oct 12 16:54:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 21:19:54 GMT-03:00 1999 until Tue Jun 25 21:19:54 GMT-03:00 2019
adding as trusted cert:
Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:38:31 GMT-03:00 2000 until Sat May 30 07:38:31 GMT-03:00 2020
adding as trusted cert:
Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 07:48:38 GMT-03:00 2000 until Sat May 30 07:48:38 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x35def4cf
Valid from Sat Aug 22 13:41:51 GMT-03:00 1998 until Wed Aug 22 13:41:51 GMT-03:00 2018
adding as trusted cert:
Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:39:16 GMT-03:00 2004 until Thu Jun 29 14:39:16 GMT-03:00 2034
adding as trusted cert:
Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x4
Valid from Mon Jun 21 01:00:00 GMT-03:00 1999 until Sun Jun 21 01:00:00 GMT-03:00 2020
adding as trusted cert:
Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Algorithm: RSA; Serial number: 0x1
Valid from Wed Dec 31 21:00:00 GMT-03:00 2003 until Sun Dec 31 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
Valid from Thu Nov 09 21:00:00 GMT-03:00 2006 until Sun Nov 09 21:00:00 GMT-03:00 2031
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
Valid from Sun May 17 21:00:00 GMT-03:00 1998 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Algorithm: RSA; Serial number: 0x3770cfb5
Valid from Wed Jun 23 09:14:45 GMT-03:00 1999 until Sun Jun 23 09:14:45 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Algorithm: RSA; Serial number: 0x400000000010f8626e60d
Valid from Fri Dec 15 05:00:00 GMT-03:00 2006 until Wed Dec 15 05:00:00 GMT-03:00 2021
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x389b113c
Valid from Fri Feb 04 14:20:00 GMT-03:00 2000 until Tue Feb 04 14:50:00 GMT-03:00 2020
adding as trusted cert:
Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
Algorithm: RSA; Serial number: 0x2ad667e4e45fe5e576f3c98195eddc0
Valid from Tue Nov 08 21:00:00 GMT-03:00 1994 until Thu Jan 07 20:59:59 GMT-03:00 2010
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 21:00:00 GMT-03:00 1995 until Thu Dec 31 20:59:59 GMT-03:00 2020
adding as trusted cert:
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x23456
Valid from Tue May 21 01:00:00 GMT-03:00 2002 until Sat May 21 01:00:00 GMT-03:00 2022
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
Valid from Sun Jan 28 21:00:00 GMT-03:00 1996 until Tue Aug 01 20:59:59 GMT-03:00 2028
adding as trusted cert:
Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x24
Valid from Fri Apr 06 07:49:13 GMT-03:00 2001 until Tue Apr 06 07:49:13 GMT-03:00 2021
adding as trusted cert:
Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 14:06:20 GMT-03:00 2004 until Thu Jun 29 14:06:20 GMT-03:00 2034
adding as trusted cert:
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
Valid from Fri Jul 09 15:10:42 GMT-03:00 1999 until Tue Jul 09 15:19:22 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
Valid from Fri Jul 09 14:28:50 GMT-03:00 1999 until Tue Jul 09 14:36:58 GMT-03:00 2019
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 03:00:00 GMT-03:00 2002 until Thu Nov 19 17:43:00 GMT-03:00 2037
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Thu Sep 30 21:00:00 GMT-03:00 1999 until Wed Jul 16 20:59:59 GMT-03:00 2036
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863b966
Valid from Fri Dec 24 14:50:51 GMT-03:00 1999 until Tue Dec 24 15:20:51 GMT-03:00 2019
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 11:50:00 GMT-03:00 1998 until Wed Aug 14 20:59:00 GMT-03:00 2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Fri Jul 09 15:31:20 GMT-03:00 1999 until Tue Jul 09 15:40:36 GMT-03:00 2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Thu Jun 24 15:57:21 GMT-03:00 1999 until Mon Jun 24 16:06:30 GMT-03:00 2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 04:29:40 GMT-03:00 2001 until Tue Apr 06 04:29:40 GMT-03:00 2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 11:38:43 GMT-03:00 2006 until Wed Dec 31 19:59:59 GMT-03:00 2025
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1213286062 bytes = { 175, 119, 88, 156, 122, 87, 49, 44, 101, 238, 155, 248, 50, 93, 130, 181, 230, 183, 242, 175, 99, 73, 45, 213, 138, 159, 67, 2 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 48 51 47 AE AF 77 58 9C 7A 57 ...E..HQG..wX.zW
0010: 31 2C 65 EE 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 1,e...2]......cI
0020: 2D D5 8A 9F 43 02 00 00 1E 00 04 00 05 00 2F 00 -...C........./.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 48 51 47 AE AF 77 58 9C 7A 57 31 2C 65 EE ..HQG..wX.zW1,e.
0050: 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 2D D5 8A 9F ..2]......cI-...
0060: 43 02 C.
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
0000: 80 62 01 03 01 00 39 00 00 00 20 00 00 04 01 00 .b....9... .....
0010: 80 00 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A ....../..3..2...
0020: 07 00 C0 00 00 16 00 00 13 00 00 09 06 00 40 00 ..............@.
0030: 00 15 00 00 12 00 00 03 02 00 80 00 00 08 00 00 ................
0040: 14 00 00 11 48 51 47 AE AF 77 58 9C 7A 57 31 2C ....HQG..wX.zW1,
0050: 65 EE 9B F8 32 5D 82 B5 E6 B7 F2 AF 63 49 2D D5 e...2]......cI-.
0060: 8A 9F 43 02 ..C.
[Raw read]: length = 5
0000: 16 03 01 2A 09 ...*.
[Raw read]: length = 1447
0000: 02 00 00 46 03 01 48 51 48 9A E1 59 9B EA B2 68 ...F..HQH..Y...h
0010: 3E 94 C8 47 A5 D6 1B 61 84 A6 09 1D 59 5D 16 1E >..G...a....Y]..
0020: B2 20 9C FF 2C B2 20 48 51 48 9A 01 56 28 85 90 . ..,. HQH..V(..
0030: 5C D9 06 F0 DC B0 A4 7E DB 4C 64 25 0D 3D 4E FF \........Ld%.=N.
0040: B3 89 4D 54 E7 0E AF 00 04 00 0B 00 14 09 00 14 ..MT............
0050: 06 00 05 47 30 82 05 43 30 82 04 2B A0 03 02 01 ...G0..C0..+....
0060: 02 02 10 32 30 30 37 30 38 32 30 31 37 34 34 35 ...2007082017445
0070: 34 30 32 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 4020...*.H......
0080: 05 00 30 81 A6 31 0B 30 09 06 03 55 04 06 13 02 ..0..1.0...U....
0090: 42 52 31 13 30 11 06 03 55 04 0A 13 0A 49 43 50 BR1.0...U....ICP
00A0: 2D 42 72 61 73 69 6C 31 3B 30 39 06 03 55 04 0B -Brasil1;09..U..
00B0: 13 32 53 65 72 76 69 63 6F 20 46 65 64 65 72 61 .2Servico Federa
00C0: 6C 20 64 65 20 50 72 6F 63 65 73 73 61 6D 65 6E l de Processamen
00D0: 74 6F 20 64 65 20 44 61 64 6F 73 20 2D 20 53 45 to de Dados - SE
00E0: 52 50 52 4F 31 0F 30 0D 06 03 55 04 0B 13 06 43 RPRO1.0...U....C
00F0: 53 50 42 2D 31 31 34 30 32 06 03 55 04 03 13 2B SPB-11402..U...+
0100: 41 75 74 6F 72 69 64 61 64 65 20 43 65 72 74 69 Autoridade Certi
0110: 66 69 63 61 64 6F 72 61 20 64 6F 20 53 45 52 50 ficadora do SERP
0120: 52 4F 20 46 69 6E 61 6C 20 76 31 30 1E 17 0D 30 RO Final v10...0
0130: 37 30 38 32 30 31 38 32 32 31 35 5A 17 0D 30 38 70820182215Z..08
0140: 30 38 31 39 31 38 32 32 31 35 5A 30 81 9A 31 0B 0819182215Z0..1.
0150: 30 09 06 03 55 04 06 13 02 42 52 31 13 30 11 06 0...U....BR1.0..
0160: 03 55 04 0A 13 0A 49 43 50 2D 42 72 61 73 69 6C .U....ICP-Brasil
0170: 31 2B 30 29 06 03 55 04 0B 13 22 41 75 74 6F 72 1+0)..U..."Autor
0180 -
Hi,
1) Used clientgen utility to create stub classes based on wsdl file
application is build using following ant task
2) Created a java application which acts as a client for invoking generated stubs (in step 1) for comunicating with webservice over HTTPS protocol.
3) Able to comunicate with required webservice through normal java client.
4) Integrate the above created java application in weblogic workflows. All the required jar (stubs and application) files are available in APP-INF/lib directory ofworrkflow application.
5) While invoking java application from work flow (to communicate with webservice) we get the following error
SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: The server at https://www.3pv.
net/3PVWebServices/3PVWebServices.asmx returned a 403 error code (Forbidden). P
lease ensure that your URL is correct and that the correct protocol is in use.
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webse
rvice/fault/1.0.0">weblogic.webservice.util.AccessException: The server at https
://www.3pv.net/3PVWebServices/3PVWebServices.asmx returned a 403 error code (For
bidden). Please ensure that your URL is correct and that the correct protocol i
s in use.
at weblogic.webservice.binding.soap.HttpClientBinding.handleErrorRespons
e(HttpClientBinding.java:371)
at weblogic.webservice.binding.soap.HttpClientBinding.receive(HttpClient
Binding.java:233)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientH
Thanks
Sandip MehtaHey exact problem i am facing
1. Can access webservice through my thin java client using the stubs generated by clientgen.
2. But get 403 error when running inside weblogic.
8.1 SP2
Also saw in SP4 release notes....
CR185228:
The WebService SSL client failed to connect the service when "weblogic.webservice.client.ssl.strictcertchecking" was not set to false. WebLogic Server now connects to the service with this property set to either true or false."
Does this mean if i set
weblogic.webservice.client.ssl.strictcertchecking =false in SP2 my call from within weblogic will work
I appreciate immediate feedback.
Sachin -
Calling a web service through SSL via a stand alone java class
HI,
I am trying to call a web service through SSL via a simple stand alone java client.
I have imported the SSL certificate in my keystore by using the keytool -import command.
Basically I want to add a user to a group on the server. Say I add a user user 1 to group group 1 using an admin userid and password. All these values are set in an xml file which I send to the server while calling the server. I pass the web service URL, the soap action name and the xml to post as the command line arguments to the java client.
My xml file(Add.xml) that is posted looks like :
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:xsi = "http://www.w3.org/1999/XMLSchema-instance"
xmlns:SOAP-ENC = "http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV = "http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd = "http://www.w3.org/1999/XMLSchema"
SOAP-ENV:encodingStyle = "http://schemas.xmlsoap.org/soap/encoding/">
<SOAP-ENV:Body>
<namesp1:modifyGroupOperation xmlns:namesp1 = "/services/modifyGroup/modifyGroupOp">
<auth>
<user>adminUser</user>
<password>adminPassword</password>
</auth>
<operationType>ADD</operationType>
<groupName>group1</groupName>
<users>
<userName>user1</userName>
</users>
</namesp1:modifyGroupOperation>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I call the client as:
java PostXML https://com.webservice.com/services/modifyGroup "/services/modifyGroup/modifyGroupOp" Add.xml
I my client, I have set the following:
System.setProperty("javax.net.ssl.keyStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
But when I try to execute the java client, I get the following error:
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is : C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
init context
trigger seeding of SecureRandom
done seeding SecureRandom
instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
main, setSoTimeout(0) called
main, setSoTimeout(0) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: .....
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
[Raw read]: length = 5
[Raw read]: length = 58
main, READ: TLSv1 Handshake, length = 58
*** ServerHello, TLSv1
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 58
[Raw read]: length = 5
[Raw read]: length = 5530
main, READ: TLSv1 Handshake, length = 5530
*** Certificate chain
chain [0] = ...
chain [1] = ...
chain [2] = ...
chain [3] = ...
main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 2E .......
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.c
ertpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2110)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1088)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at PostXML.main(PostXML.java:111)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find v
alid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 23 more
I do not know where I have gone wrong. Could someone point out my mistake.
Thanks In advance!Hi jazz123,
There's an example in the [*Java Web Services Tutorial*|http://java.sun.com/webservices/docs/2.0/tutorial/doc/] : see Chapter 1: Building Web Services with JAX-WS - A Simple JAX-WS Client. -
Hi,
I have to develope a Web Service proxy client to invoke a web service on SSL. First I'm testing with OC4J 10.1.3.1 and JDEV 10.1.3.1 and did this:
1) Developed a basic PL/SQL Web Service with JDEV and publish on my standalone OC4J.
2) Made a test with a browser, it worked OK
3) Generated a proxy client from JDev 10.1.3.1 to invoke web service, it worked OK
--- Now make it work on SSL----
4) Then, added SSL configuration to oc4j , generated a certificate with keytool (updated server.xml, secure-web-site.xml), and shutting down and starting the OC4j instance.
5) Import the certificate to JAVA_HOME/jre/lib/security/cacerts
6) Test web service from browser on https and worked OK.
7) When tried to modified proxy client (generated in step 3) to make it work on SSL, I realized that just changing the END_POINT to the new url (https) it worked!
Questions----
1.- By default the proxy client generated from JDEV 10.1.3.1 knows how to deal with SSL conections?
2.- If I dont have previously the server certificate to import it into JAVA keystore (cacerts) how could I ,from proxy client code, capture it and import it before the validation occurs... because if the certificate is not in keystore , the program fails.
Thanks in advance
J.Hi,
Could you please provide me with the steps necessary to create a web service proxy client through JDeveloper or any other mechanism when 2 way SSL (requiring client authentication) is enabled.
Thanks a lot in advance
Nilesh -
Error calling external web service over HTTPS
Hi everyone
I'm trying to call an external web service over HTTPS, and continually get the following error:
com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException: Peer sent alert: Alert Fatal: handshake failure
I haven't tried doing this before, so not quite sure where to start. I have a client certificate that must be used to access the remote web service, and I think the problem is associating the client cert with the web service call.
Has anyone else tried this before? Any suggestions of where to look?
I've had a brief look at Key Storage in NWA, but it's not something I'm familiar with - so not sure if it's even the right place to be looking.
Some help on this would be great!
Thanks
StuartThanks Aleksandar
Here's the output from the trace. Unfortunately the SAP forums don't allow attachments, so it may be difficult to read. Please let me know if you see anything that may help.
Thanks
Stuart
Time Severity User Thread Location Message
09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:23:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@fa1b67
09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:24:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@4c8af
09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:24:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@b6981b
09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:25:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:25:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:26:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' are configured '10.|127.|192.168.*'.
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider [com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider] 'nonProxyHosts' default value is '10.|127.|192.168.*'.
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Loadin mapping file from location :[c:/mapping.txt]
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider Additional file for CTS configuration can not be found [c:\mapping.txt (The system cannot find the file specified)].
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider >>>>>>>>> ERROR: Could not find mapping for service QName=vipSoapInterfaceService, class=class com.verisign._2006._08.vipservice.VipSoapInterfaceService
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Creating client instance with WSDL URL [https://pilot-vipservices-auth.verisign.com:443/prov/soap/val/soap] (vipSoapInterfaceService) <com.verisign._2006._08.vipservice.VipSoapInterfaceService>
09:18:26:203 Debug Administrator HTTP Worker [0] ~es.espbase.client.jaxws.cts.CTSProvider com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider: Using SAP JAX-WS Implemetation to create service delegate.
09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:26:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@5586b0
09:18:26:687 Path Administrator HTTP Worker [0] ~s.espbase.wsdl.exceptions.WSDLException Exception : Peer sent alert: Alert Fatal: handshake failure
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1230)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:147)
at com.sap.exception.BaseException.<init>(BaseException.java:89)
at com.sap.engine.services.webservices.espbase.wsdl.exceptions.WSDLException.<init>(WSDLException.java:34)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:140)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
at javax.xml.ws.Service.<init>(Service.java:57)
at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
Caused by: org.w3c.www.protocol.http.HttpException: Peer sent alert: Alert Fatal: handshake failure
iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: handshake failure
at iaik.security.ssl.r.f(Unknown Source)
at iaik.security.ssl.x.b(Unknown Source)
at iaik.security.ssl.x.a(Unknown Source)
at iaik.security.ssl.r.d(Unknown Source)
at iaik.security.ssl.SSLTransport.startHandshake(Unknown Source)
at iaik.security.ssl.SSLTransport.getOutputStream(Unknown Source)
at iaik.security.ssl.SSLSocket.getOutputStream(Unknown Source)
at org.w3c.www.protocol.http.g.markUsed(Unknown Source)
at org.w3c.www.protocol.http.HttpBasicServer.getConnection(Unknown Source)
at org.w3c.www.protocol.http.HttpBasicServer.runRequest(Unknown Source)
at org.w3c.www.protocol.http.HttpManager.runRequest(Unknown Source)
at org.w3c.www.protocol.http.HttpURLConnection.connect(Unknown Source)
at org.w3c.www.protocol.http.HttpURLConnection.a(Unknown Source)
at org.w3c.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.net.URL.openStream(URL.java:1007)
at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:201)
at com.sap.engine.lib.xml.parser.AbstractXMLParser.parse(AbstractXMLParser.java:263)
at com.sap.engine.lib.xml.parser.Parser.parse_DTDValidation(Parser.java:282)
at com.sap.engine.lib.xml.parser.Parser.parse(Parser.java:293)
at com.sap.engine.lib.xml.parser.DOMParser.parse(DOMParser.java:101)
at com.sap.engine.lib.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:127)
at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:146)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.loadDOMDocument(WSDLLoader.java:132)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:91)
at com.sap.engine.services.webservices.espbase.wsdl.WSDLLoader.load(WSDLLoader.java:80)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.loadWSDLDefinitions(SAPServiceDelegate.java:201)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.initWSDL(SAPServiceDelegate.java:159)
at com.sap.engine.services.webservices.espbase.client.jaxws.core.SAPServiceDelegate.<init>(SAPServiceDelegate.java:113)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createDelegate(CTSProvider.java:170)
at com.sap.engine.services.webservices.espbase.client.jaxws.cts.CTSProvider.createServiceDelegate(CTSProvider.java:151)
at javax.xml.ws.Service.<init>(Service.java:57)
at com.verisign._2006._08.vipservice.VipSoapInterfaceService.<init>(VipSoapInterfaceService.java:41)
at JEE_jsp_result_6740550_1225116575421_1225116585468._jspService(JEE_jsp_result_6740550_1225116575421_1225116585468.java:64)
at com.sap.engine.services.servlets_jsp.lib.jspruntime.JspBase.service(JspBase.java:102)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:433)
at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:240)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:66)
at com.sap.engine.services.servlets_jsp.server.Invokable.invoke(Invokable.java:32)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:431)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:289)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:376)
at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:85)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:160)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:67)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:71)
at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:309)
at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.run(Processor.java:222)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:152)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:247)
09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:27:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@20ba3c
09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:27:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:28:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@26e3bf
09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:28:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:29:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@f827f6
09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:29:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@a8646a
09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:30:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:30:687 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=com.sap.engine.services.dbpool.cci.CommonConnectionHandle@c449f1
09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out About to get connection from DS
09:18:31:187 Info caf_gp_svcuser Thread[Timer-8,5,ApplicationThreadGroup] System.out DS connection=[email protected]
09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ B E G I N ].timerId=15
09:18:31:593 Info Administrator HTTP Worker [3] System.out SessionImpl::getContext():[ E N D ].timerId=[id:#15, elapsed: 0 ms.] -
Importing external web service with SSL certificate security
Hello,
I'm trying to import an external web service (that resides in another server, independent of ours). However, right after I enter the WSDL in the import window I get the following error in the NWDS:
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target [Error: com.sap.ide.es.core.ui.internal.wizards.fragments Thread[ModalContext,6,main]]
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.getURLAsStream(UrlValidationRunnable.java:137)
at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.validate(UrlValidationRunnable.java:75)
at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.run(UrlValidationRunnable.java:55)
at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:121)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
... 15 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 21 more
Has anyone ever consumed an external web service with SSL certificate security? How do you import this in your Web Dynpro project?
Cheers!Hi Alain,
I just checked on a newer NW environment (NW 7.2) and was presented an empty list as well... It seems the mapping procedure I described is deprecated since NW 7.11, and the modeled CAF application service is already exposed as a web service.
You may want to have a look at http://help.sap.com/saphelp_nwce711/helpdata/en/43/f173947bbb025be10000000a1553f7/content.htm or http://scn.sap.com/message/7852996 for more info -
BizTalk WCF service over SSL -WSDL is not working
we are exposed BizTalk Schema as Service and deployed in both IIS servers.BTW IIS cluster working as a loadbalancer.
First Question:
The service is exposed over SSL and shared URL like https://DNSName/abc.svc.When they browse the URL with WSDL nothing is getting (i.e.https://DNSName/abc.svc?wsdl).
Please help me why WSDL is not generating
Second Question:
Exposing service over SSL and in web.config making httpgetenabled=true and endpoint name="HttpMexEndpoint enabled.
Then when we browse URL(i.e.https://DNSName/abc.svc) it displaying like http://ipadress/abc.service?wsdl.
So when we click on http://ipadress/abc.service?wsdl ,the wsdl is generated.
Why when we try http://DNSName/abc.service?wsdl ,wsdl not generated.
Instead of displaying IPAddress to end user, we want to display DNSName.how to do it?
Regards BizTalkWorshipHi,
For the problem of SVC file changing to WSDL when you bowse, this normally happens when "httpsHelpPageEnabled" property (in case of HTTPS as your case otherwise httpHelpPageEnabled) of you service is set to "false"
in service's web.config file. When the help page option is set to "false" in the service's web.config file, this happens. Change it to "true"
<serviceDebug httpHelpPageEnabled="true"
Regards,
M.R.Ashwin Prabhu
If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply. -
ORA-28868 error when calling Web service over HTTPS from PL/SQL utl_http
I am getting error message ORA-28868 error when calling Web service over HTTPS from PL/SQL utl_http PL/SQL package,
when browsed through some of the messages they point to setting Oracle Wallet Manager.
I am trying to connect
Any idea on how to resolve this issue ?
your input is appreciated.
Thanks
RaviDuplicate post ... please ignore.
-
Hi,
I do not succeed in calling a web service via SSL from within a Web Dynpro application.
Current settings of my logical port:
Target Address: https://...
Authentication: HTTP authentication, basic (username/password)
I do call methods _setUser and _setPassword to set userid and password before calling method execute() of my modelclass.
On calling method execute(), I get message "Connection closed by remote host".
Any suggestions ?
Many thanks.
JorgenCan you check the following?
1) Did you install the SAP Cryptographic toolkit for Java available from service.sap.com?
2) Did you install the "Java Cryptography Extension (JCE)
Unlimited Strength Jurisdiction Policy Files 1.4.2". For Sun they are available here: http://java.sun.com/j2se/1.4.2/download.html (last item on page)
3) How is the SSL server configured? Does it require client authentication? In this case you must send a client certificate.
Maybe you are looking for
-
Vendor aging unreconciled bal. does not match with TB Acct. Payable balance
Dear all, When i take unreconciled vendor aging report with selection creteria all vendor codes selected,aging date as 31/03/09 and posting date from 01/04/08 to date 31/03/09,Interval - 30 Days,By Journal postings Deticked all check boxes in it. Agi
-
Need help to back up imac 27inch
hi Turned imac off last night and powered it up this morning, all I had was the apple emblem and an upload bar below with a circular doing its thing in the middle and then shuts off.. spoke this morning to an apple advisor on the phone who took me th
-
I need to install windows on my new Macbook pro for running my flight simulator software
Hi! I'm new to the Mac world and I need to install windows on my new Macbook pro for running my flight simulator software which only runs on windows. I would like to purchase and download the windows 8.1 rather than buying the CD. When i go to the mi
-
Upload a document from a form into a SharePoint document library
The idea is that I have a form which I want to allow users to upload files into my SharePoint document library. I am just not just what to do after the 'HasFile' Statement. Some small snippets of my code below. I am just not sure how from the fileupl
-
T61 has a problem with sleep mode
When I turned on stand by mode for my T61, after about 3 second, my computrer automaticed restart. Help me ! Thank !