Exception during client auth handshake
852276Apr 11 2011 — edited Apr 13 2011I have a client device that must run java 1.3. I've downloaded and installed jce 1.2.2. The server side is running java 1.6. The source code comes right out of the Beginning Cryptography with Java book (with a couple of minor tweaks to get it to compile with com.sun.net.ssl.). The example uses jks keystore for the trust and server keystores and pkcs12 for the client keystore. However, I've tried different combination with all being jks, bks, etc. with the same result. Below s the output from the client and server with javax.net.debug=all. The source code will follow in a reply (exceeded max message length).
This one is stumping me and is probably something simple I'm doing wrong. Any advice?
Best Regards,
Bill
client output:
C:\tmp>java SSLClientWithClientAuthExample
generating ssl context
***
found key for : client
chain [0] = [
[
Version: V3
Subject: CN=Test Intermediate Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: 8da700d381b9a2e7d165b832ce2acff8966e58c5e1c7c504a4ee34787dc2f7d7cfb5cb898c8062ab42ab774d2d43037835f
ec8ebf90d0a35fb311c80bba10ca9
public exponent: 10001
Validity: [From: Mon Apr 11 17:24:52 GMT 2011,
To: Mon Apr 18 17:24:52 GMT 2011]
Issuer: CN=Test Intermediate Certificate
SerialNumber: [ 01]
Certificate Extensions: 4
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 6E CE 8C 98 15 07 38 45 96 2B 8A F4 D8 A0 54 ED n.....8E.+....T.
0010: BE 5D 22 35 .]"5
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 17 78 F7 85 E0 A0 25 AE 3B 95 C4 B3 85 E5 52 1E .x....%.;.....R.
0010: 83 EB D1 CA ....
]
[CN=Test CA Certificate]
SerialNumber: [ 01]
]
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: AB AA CF 26 4C D2 3D 61 A0 CE FC 09 37 3E 02 3E ...&L.=a....7>.>
0010: 6F C4 11 CC 27 95 80 3C 8F C0 FA 23 A2 5C 8F AB o...'..<...#.\..
0020: 48 F1 DF 09 6E 8B D9 57 9F D7 B7 BC E6 37 11 8A H...n..W.....7..
0030: 50 C6 B3 36 17 B4 0E EE 4A 11 66 AD 7E 8E FF 2D P..6....J.f....-
]
chain [1] = [
[
Version: V3
Subject: CN=Test Intermediate Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: ac4cd3625db770408b09871284d06bbda0900e87edecb2771e3be11c5d10b0ff2467ec49035f86cc76fc5162ebd7d658809
23fff3d4927658c0cb2acdf8afb93
public exponent: 10001
Validity: [From: Mon Apr 11 17:24:52 GMT 2011,
To: Mon Apr 18 17:24:52 GMT 2011]
Issuer: CN=Test CA Certificate
SerialNumber: [ 01]
Certificate Extensions: 4
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 17 78 F7 85 E0 A0 25 AE 3B 95 C4 B3 85 E5 52 1E .x....%.;.....R.
0010: 83 EB D1 CA ....
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: FD 9E 21 88 68 08 F4 F6 5D B9 87 27 AC 1B 49 63 ..!.h...]..'..Ic
0010: B0 B9 62 94 ..b.
]
[CN=Test CA Certificate]
SerialNumber: [ 01]
]
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 41 FF 61 9E 87 73 C7 FA 82 8C 06 7B AB AC 65 E2 A.a..s........e.
0010: 6B 00 F7 F7 61 DF 99 AE 8D B3 3D EF 1C 86 AC 62 k...a.....=....b
0020: 61 2C F8 70 63 27 38 BD 20 83 E4 F6 27 91 B5 F4 a,.pc'8. ...'...
0030: D9 FE CF 15 D7 AD 19 8D C4 A1 4A 14 99 F9 3F D2 ..........J...?.
]
chain [2] = [
[
Version: V1
Subject: CN=Test CA Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: d0f0236eea7077b35eb0e4de229b2da89c3295905cf5745d2243ae96136e663e1e2e38ee95630717a6ac8b85c5dd77645d3
e87acd7b1f2edea3bc1da0b3290cd
public exponent: 10001
Validity: [From: Mon Apr 11 17:24:51 GMT 2011,
To: Mon Apr 18 17:24:52 GMT 2011]
Issuer: CN=Test CA Certificate
SerialNumber: [ 01]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B 42 AD 6E +.bb..2+.a..KB.n
0010: 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 48 D0 48 T...0hb..y..IH.H
0020: 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 11 85 0B P..jz..U...Gc...
0030: 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 2E 5C 50 k...E.LSbp....\P
]
***
adding as trusted cert: [
[
Version: V1
Subject: CN=Test CA Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: d0f0236eea7077b35eb0e4de229b2da89c3295905cf5745d2243ae96136e663e1e2e38ee95630717a6ac8b85c5dd77645d3
e87acd7b1f2edea3bc1da0b3290cd
public exponent: 10001
Validity: [From: Mon Apr 11 17:24:51 GMT 2011,
To: Mon Apr 18 17:24:52 GMT 2011]
Issuer: CN=Test CA Certificate
SerialNumber: [ 01]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B 42 AD 6E +.bb..2+.a..KB.n
0010: 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 48 D0 48 T...0hb..y..IH.H
0020: 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 11 85 0B P..jz..U...Gc...
0030: 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 2E 5C 50 k...E.LSbp....\P
]
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1285765653 bytes = { 6, 163, 211, 179, 47, 154, 152, 106, 1, 110, 183, 72, 111, 187, 138, 218, 142,
128, 74, 129, 192, 43, 34, 81, 17, 67, 56, 146 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 4D A3 3A 15 06 A3 D3 B3 2F 9A ...7..M.:...../.
0010: 98 6A 01 6E B7 48 6F BB 8A DA 8E 80 4A 81 C0 2B .j.n.Ho.....J..+
0020: 22 51 11 43 38 92 00 00 10 00 05 00 04 00 09 00 "Q.C8...........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 4D A3 3A .............M.:
0030: 15 06 A3 D3 B3 2F 9A 98 6A 01 6E B7 48 6F BB 8A ...../..j.n.Ho..
0040: DA 8E 80 4A 81 C0 2B 22 51 11 43 38 92 ...J..+"Q.C8.
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.1 Handshake, length = 429
*** ServerHello, v3.1
RandomCookie: GMT: 1285765653 bytes = { 220, 153, 151, 106, 4, 1, 79, 143, 65, 144, 188, 23, 205, 160, 233, 120, 202, 1
40, 208, 241, 226, 177, 32, 189, 76, 78, 91, 130 }
Session ID: {77, 163, 58, 21, 74, 209, 53, 180, 124, 123, 76, 168, 187, 176, 66, 56, 18, 233, 121, 112, 166, 46, 134, 4
6, 22, 79, 101, 212, 169, 227, 163, 176}
Cipher Suite: { 0, 5 }
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 4D A3 3A 15 DC 99 97 6A 04 01 ...F..M.:....j..
0010: 4F 8F 41 90 BC 17 CD A0 E9 78 CA 8C D0 F1 E2 B1 O.A......x......
0020: 20 BD 4C 4E 5B 82 20 4D A3 3A 15 4A D1 35 B4 7C .LN[. M.:.J.5..
0030: 7B 4C A8 BB B0 42 38 12 E9 79 70 A6 2E 86 2E 16 .L...B8..yp.....
0040: 4F 65 D4 A9 E3 A3 B0 00 05 00 Oe........
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: CN=Test CA Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: d0f0236eea7077b35eb0e4de229b2da89c3295905cf5745d2243ae96136e663e1e2e38ee95630717a6ac8b85c5dd77645d3
e87acd7b1f2edea3bc1da0b3290cd
public exponent: 10001
Validity: [From: Mon Apr 11 17:24:51 GMT 2011,
To: Mon Apr 18 17:24:52 GMT 2011]
Issuer: CN=Test CA Certificate
SerialNumber: [ 01]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B 42 AD 6E +.bb..2+.a..KB.n
0010: 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 48 D0 48 T...0hb..y..IH.H
0020: 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 11 85 0B P..jz..U...Gc...
0030: 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 2E 5C 50 k...E.LSbp....\P
]
***
updated/found trusted cert: [
[
Version: V1
Subject: CN=Test CA Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: d0f0236eea7077b35eb0e4de229b2da89c3295905cf5745d2243ae96136e663e1e2e38ee95630717a6ac8b85c5dd77645d3
e87acd7b1f2edea3bc1da0b3290cd
public exponent: 10001
Validity: [From: Mon Apr 11 17:24:51 GMT 2011,
To: Mon Apr 18 17:24:52 GMT 2011]
Issuer: CN=Test CA Certificate
SerialNumber: [ 01]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B 42 AD 6E +.bb..2+.a..KB.n
0010: 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 48 D0 48 T...0hb..y..IH.H
0020: 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 11 85 0B P..jz..U...Gc...
0030: 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 2E 5C 50 k...E.LSbp....\P
]
[read] MD5 and SHA1 hashes: len = 307
0000: 0B 00 01 2F 00 01 2C 00 01 29 30 82 01 25 30 81 .../..,..)0..%0.
0010: D0 02 01 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 ....0...*.H.....
0020: 05 05 00 30 1E 31 1C 30 1A 06 03 55 04 03 0C 13 ...0.1.0...U....
0030: 54 65 73 74 20 43 41 20 43 65 72 74 69 66 69 63 Test CA Certific
0040: 61 74 65 30 1E 17 0D 31 31 30 34 31 31 31 37 32 ate0...110411172
0050: 34 35 31 5A 17 0D 31 31 30 34 31 38 31 37 32 34 451Z..1104181724
0060: 35 32 5A 30 1E 31 1C 30 1A 06 03 55 04 03 0C 13 52Z0.1.0...U....
0070: 54 65 73 74 20 43 41 20 43 65 72 74 69 66 69 63 Test CA Certific
0080: 61 74 65 30 5C 30 0D 06 09 2A 86 48 86 F7 0D 01 ate0\0...*.H....
0090: 01 01 05 00 03 4B 00 30 48 02 41 00 D0 F0 23 6E .....K.0H.A...#n
00A0: EA 70 77 B3 5E B0 E4 DE 22 9B 2D A8 9C 32 95 90 .pw.^...".-..2..
00B0: 5C F5 74 5D 22 43 AE 96 13 6E 66 3E 1E 2E 38 EE \.t]"C...nf>..8.
00C0: 95 63 07 17 A6 AC 8B 85 C5 DD 77 64 5D 3E 87 AC .c........wd]>..
00D0: D7 B1 F2 ED EA 3B C1 DA 0B 32 90 CD 02 03 01 00 .....;...2......
00E0: 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 .0...*.H........
00F0: 03 41 00 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B .A.+.bb..2+.a..K
0100: 42 AD 6E 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 B.nT...0hb..y..I
0110: 48 D0 48 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 H.HP..jz..U...Gc
0120: 11 85 0B 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 ...k...E.LSbp...
0130: 2E 5C 50 .\P
*** CertificateRequest
Cert Types: RSA, DSS, Type-64,
Cert Authorities:
<CN=#0C1354657374204341204365727469666963617465>
[read] MD5 and SHA1 hashes: len = 44
0000: 0D 00 00 28 03 01 02 40 00 22 00 20 30 1E 31 1C ...(...@.". 0.1.
0010: 30 1A 06 03 55 04 03 0C 13 54 65 73 74 20 43 41 0...U....Test CA
0020: 20 43 65 72 74 69 66 69 63 61 74 65 Certificate
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
***
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 141, 137, 165, 207, 1, 152, 104, 34, 55, 25, 38, 212, 142, 171, 70, 90, 118, 19, 219, 159, 179,
233, 155, 214, 77, 78, 193, 82, 0, 198, 23, 24, 3, 16, 2, 190, 142, 222, 61, 102, 217, 224, 29, 27, 128, 229 }
[write] MD5 and SHA1 hashes: len = 77
0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 11 1E 58 ..........B.@..X
0010: FF C9 E6 D8 FA DB 33 12 45 B2 D6 12 C3 35 4D 3C ......3.E....5M<
0020: 34 C4 0A B3 21 2C F6 59 C9 F5 F2 0D A8 B2 EB 9A 4...!,.Y........
0030: 83 F7 E2 8B D4 D7 13 A7 22 40 5F 50 4E F4 C7 91 ........"@_PN...
0040: 8C 4F 58 92 42 8B 41 20 CF 95 C3 F5 F6 .OX.B.A .....
main, WRITE: SSL v3.1 Handshake, length = 77
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 8D 89 A5 CF 01 98 68 22 37 19 26 D4 8E AB ........h"7.&...
0010: 46 5A 76 13 DB 9F B3 E9 9B D6 4D 4E C1 52 00 C6 FZv.......MN.R..
0020: 17 18 03 10 02 BE 8E DE 3D 66 D9 E0 1D 1B 80 E5 ........=f......
CONNECTION KEYGEN:
Client Nonce:
0000: 4D A3 3A 15 06 A3 D3 B3 2F 9A 98 6A 01 6E B7 48 M.:...../..j.n.H
0010: 6F BB 8A DA 8E 80 4A 81 C0 2B 22 51 11 43 38 92 o.....J..+"Q.C8.
Server Nonce:
0000: 4D A3 3A 15 DC 99 97 6A 04 01 4F 8F 41 90 BC 17 M.:....j..O.A...
0010: CD A0 E9 78 CA 8C D0 F1 E2 B1 20 BD 4C 4E 5B 82 ...x...... .LN[.
Master Secret:
0000: AD D3 E5 AF FE 73 D5 9A 49 22 67 0D 78 14 F5 05 .....s..I"g.x...
0010: 91 70 47 8C 7A 5B 61 0F D4 4A 76 2C B4 71 37 BE .pG.z[a..Jv,.q7.
0020: EB 71 99 F1 33 E9 64 8F 96 A2 3A 59 53 32 87 6E .q..3.d...:YS2.n
Client MAC write Secret:
0000: 2E F8 2E E9 83 50 D2 68 AF 29 E5 13 7E B4 39 4F .....P.h.)....9O
0010: 85 C1 21 F0 ..!.
Server MAC write Secret:
0000: 15 47 D5 C6 D2 13 14 B2 62 DC E9 6E 1C 50 6A 8F .G......b..n.Pj.
0010: CC 10 29 88 ..).
Client write key:
0000: 05 D2 94 63 D5 F0 ED 18 68 83 D7 2F CF 04 24 DA ...c....h../..$.
Server write key:
0000: B7 FB A0 E0 BB FA 09 BD 11 CA 6B 29 9D BB F0 97 ..........k)....
... no IV for cipher
main, WRITE: SSL v3.1 Change Cipher Spec, length = 1
*** Finished, v3.1
verify_data: { 255, 180, 1, 236, 211, 144, 97, 49, 230, 235, 26, 146 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C FF B4 01 EC D3 90 61 31 E6 EB 1A 92 ..........a1....
Plaintext before ENCRYPTION: len = 36
0000: 14 00 00 0C FF B4 01 EC D3 90 61 31 E6 EB 1A 92 ..........a1....
0010: 6A 5B E0 13 DA 40 82 F1 0C 6E FA D4 49 75 C2 0D j[...@...n..Iu..
0020: BE F7 DE 92 ....
main, WRITE: SSL v3.1 Handshake, length = 36
Exception in thread "main" java.net.SocketException: Connection aborted by peer: socket write error
at java.net.SocketOutputStream.socketWrite(Native Method)
at java.net.SocketOutputStream.write(SocketOutputStream.java:91)
at com.sun.net.ssl.internal.ssl.OutputRecord.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(DashoA12275)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(DashoA12275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.c(DashoA12275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(DashoA12275)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(DashoA12275)
at java.io.OutputStream.write(OutputStream.java:56)
at SSLClientExample.doProtocol(SSLClientExample.java:48)
at SSLClientWithClientAuthExample.main(SSLClientWithClientAuthExample.java:46)
server output:
D:\niagara\r3dev\fw\plat\platCrypto\cryptoTest\samples>java SSLServerWithClientAuthExample
***
found key for : server
chain [0] = [
[
Version: V1
Subject: CN=Test CA Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: d0f0236eea7077b35eb0e4de229b2da89c3295905cf5745d2243ae96136e663e1e2e38ee95630717a6ac8b85c5dd77645d3e87acd7b1f2edea3bc1d
a0b3290cd
public exponent: 10001
Validity: [From: Mon Apr 11 13:24:51 EDT 2011,
To: Mon Apr 18 13:24:52 EDT 2011]
Issuer: CN=Test CA Certificate
SerialNumber: [ 01]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B 42 AD 6E +.bb..2+.a..KB.n
0010: 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 48 D0 48 T...0hb..y..IH.H
0020: 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 11 85 0B P..jz..U...Gc...
0030: 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 2E 5C 50 k...E.LSbp....\P
]
***
adding as trusted cert:
Subject: CN=Test CA Certificate
Issuer: CN=Test CA Certificate
Algorithm: RSA; Serial number: 0x1
Valid from Mon Apr 11 13:24:51 EDT 2011 until Mon Apr 18 13:24:52 EDT 2011
X509KeyManager passed to SSLContext.init(): need an X509ExtendedKeyManager for SSLEngine use
trigger seeding of SecureRandom
done seeding SecureRandom
Setting client auth required
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
matching alias: server
main, called closeSocket()
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Session started.
[Raw read]: length = 5
0000: 80 4D 01 03 01 .M...
[Raw read]: length = 74
0000: 00 24 00 00 00 20 00 00 05 00 00 04 01 00 80 00 .$... ..........
0010: 00 09 06 00 40 00 00 0A 07 00 C0 00 00 12 00 00 ....@...........
0020: 13 00 00 03 02 00 80 00 00 11 4D A3 3A 15 06 A3 ..........M.:...
0030: D3 B3 2F 9A 98 6A 01 6E B7 48 6F BB 8A DA 8E 80 ../..j.n.Ho.....
0040: 4A 81 C0 2B 22 51 11 43 38 92 J..+"Q.C8.
[read] MD5 and SHA1 hashes: len = 3
0000: 01 03 01 ...
[read] MD5 and SHA1 hashes: len = 74
0000: 00 24 00 00 00 20 00 00 05 00 00 04 01 00 80 00 .$... ..........
0010: 00 09 06 00 40 00 00 0A 07 00 C0 00 00 12 00 00 ....@...........
0020: 13 00 00 03 02 00 80 00 00 11 4D A3 3A 15 06 A3 ..........M.:...
0030: D3 B3 2F 9A 98 6A 01 6E B7 48 6F BB 8A DA 8E 80 ../..j.n.Ho.....
0040: 4A 81 C0 2B 22 51 11 43 38 92 J..+"Q.C8.
main, READ: SSL v2, contentType = Handshake, translated length = 59
*** ClientHello, TLSv1
RandomCookie: GMT: 1285765653 bytes = { 6, 163, 211, 179, 47, 154, 152, 106, 1, 110, 183, 72, 111, 187, 138, 218, 142, 128, 74, 129, 192, 4
3, 34, 81, 17, 67, 56, 146 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_DES_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WIT
H_DES_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
Warning: No renegotiation indication in ClientHello, allow legacy ClientHello
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
*** ServerHello, TLSv1
RandomCookie: GMT: 1285765653 bytes = { 220, 153, 151, 106, 4, 1, 79, 143, 65, 144, 188, 23, 205, 160, 233, 120, 202, 140, 208, 241, 226, 1
77, 32, 189, 76, 78, 91, 130 }
Session ID: {77, 163, 58, 21, 74, 209, 53, 180, 124, 123, 76, 168, 187, 176, 66, 56, 18, 233, 121, 112, 166, 46, 134, 46, 22, 79, 101, 212,
169, 227, 163, 176}
Cipher Suite: SSL_RSA_WITH_RC4_128_SHA
Compression Method: 0
***
Cipher suite: SSL_RSA_WITH_RC4_128_SHA
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: CN=Test CA Certificate
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: RSA Public Key
modulus: d0f0236eea7077b35eb0e4de229b2da89c3295905cf5745d2243ae96136e663e1e2e38ee95630717a6ac8b85c5dd77645d3e87acd7b1f2edea3bc1d
a0b3290cd
public exponent: 10001
Validity: [From: Mon Apr 11 13:24:51 EDT 2011,
To: Mon Apr 18 13:24:52 EDT 2011]
Issuer: CN=Test CA Certificate
SerialNumber: [ 01]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B 42 AD 6E +.bb..2+.a..KB.n
0010: 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 48 D0 48 T...0hb..y..IH.H
0020: 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 11 85 0B P..jz..U...Gc...
0030: 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 2E 5C 50 k...E.LSbp....\P
]
***
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Cert Authorities:
<CN=Test CA Certificate>
*** ServerHelloDone
[write] MD5 and SHA1 hashes: len = 429
0000: 02 00 00 46 03 01 4D A3 3A 15 DC 99 97 6A 04 01 ...F..M.:....j..
0010: 4F 8F 41 90 BC 17 CD A0 E9 78 CA 8C D0 F1 E2 B1 O.A......x......
0020: 20 BD 4C 4E 5B 82 20 4D A3 3A 15 4A D1 35 B4 7C .LN[. M.:.J.5..
0030: 7B 4C A8 BB B0 42 38 12 E9 79 70 A6 2E 86 2E 16 .L...B8..yp.....
0040: 4F 65 D4 A9 E3 A3 B0 00 05 00 0B 00 01 2F 00 01 Oe.........../..
0050: 2C 00 01 29 30 82 01 25 30 81 D0 02 01 01 30 0D ,..)0..%0.....0.
0060: 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30 1E 31 ..*.H........0.1
0070: 1C 30 1A 06 03 55 04 03 0C 13 54 65 73 74 20 43 .0...U....Test C
0080: 41 20 43 65 72 74 69 66 69 63 61 74 65 30 1E 17 A Certificate0..
0090: 0D 31 31 30 34 31 31 31 37 32 34 35 31 5A 17 0D .110411172451Z..
00A0: 31 31 30 34 31 38 31 37 32 34 35 32 5A 30 1E 31 110418172452Z0.1
00B0: 1C 30 1A 06 03 55 04 03 0C 13 54 65 73 74 20 43 .0...U....Test C
00C0: 41 20 43 65 72 74 69 66 69 63 61 74 65 30 5C 30 A Certificate0\0
00D0: 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 4B ...*.H.........K
00E0: 00 30 48 02 41 00 D0 F0 23 6E EA 70 77 B3 5E B0 .0H.A...#n.pw.^.
00F0: E4 DE 22 9B 2D A8 9C 32 95 90 5C F5 74 5D 22 43 ..".-..2..\.t]"C
0100: AE 96 13 6E 66 3E 1E 2E 38 EE 95 63 07 17 A6 AC ...nf>..8..c....
0110: 8B 85 C5 DD 77 64 5D 3E 87 AC D7 B1 F2 ED EA 3B ....wd]>.......;
0120: C1 DA 0B 32 90 CD 02 03 01 00 01 30 0D 06 09 2A ...2.......0...*
0130: 86 48 86 F7 0D 01 01 05 05 00 03 41 00 2B CB 62 .H.........A.+.b
0140: 62 95 0C 32 2B 1C 61 B4 0D 4B 42 AD 6E 54 08 DF b..2+.a..KB.nT..
0150: DB 30 68 62 BF 1D 79 DA 87 49 48 D0 48 50 E6 DD .0hb..y..IH.HP..
0160: 6A 7A CD D1 55 F4 A1 EA 47 63 11 85 0B 6B CF 1E jz..U...Gc...k..
0170: EE 45 CE 4C 53 62 70 FC D7 86 2E 5C 50 0D 00 00 .E.LSbp....\P...
0180: 28 03 01 02 40 00 22 00 20 30 1E 31 1C 30 1A 06 (...@.". 0.1.0..
0190: 03 55 04 03 0C 13 54 65 73 74 20 43 41 20 43 65 .U....Test CA Ce
01A0: 72 74 69 66 69 63 61 74 65 0E 00 00 00 rtificate....
main, WRITE: TLSv1 Handshake, length = 429
[Raw write]: length = 434
0000: Finalizer, called close()
16 03 01 01 AD 02 00 00 46 03 01 4D A3 3A 15 DC Finalizer, called closeInternal(true)
........F..M.:..
0010: 99 97 6A 04 01 4F 8F 41 90 BC 17 CD A0 E9 78 CA ..j..O.A......x.
0020: 8C D0 F1 E2 B1 20 BD 4C 4E 5B 82 20 4D A3 3A 15 ..... .LN[. M.:.
0030: 4A D1 35 B4 7C 7B 4C A8 BB B0 42 38 12 E9 79 70 J.5...L...B8..yp
0040: A6 2E 86 2E 16 4F 65 D4 A9 E3 A3 B0 00 05 00 0B .....Oe.........
0050: 00 01 2F 00 01 2C 00 01 29 30 82 01 25 30 81 D0 ../..,..)0..%0..
0060: 02 01 01 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 ...0...*.H......
0070: 05 00 30 1E 31 1C 30 1A 06 03 55 04 03 0C 13 54 ..0.1.0...U....T
0080: 65 73 74 20 43 41 20 43 65 72 74 69 66 69 63 61 est CA Certifica
0090: 74 65 30 1E 17 0D 31 31 30 34 31 31 31 37 32 34 te0...1104111724
00A0: 35 31 5A 17 0D 31 31 30 34 31 38 31 37 32 34 35 51Z..11041817245
00B0: 32 5A 30 1E 31 1C 30 1A 06 03 55 04 03 0C 13 54 2Z0.1.0...U....T
00C0: 65 73 74 20 43 41 20 43 65 72 74 69 66 69 63 61 est CA Certifica
00D0: 74 65 30 5C 30 0D 06 09 2A 86 48 86 F7 0D 01 01 te0\0...*.H.....
00E0: 01 05 00 03 4B 00 30 48 02 41 00 D0 F0 23 6E EA ....K.0H.A...#n.
00F0: 70 77 B3 5E B0 E4 DE 22 9B 2D A8 9C 32 95 90 5C pw.^...".-..2..\
0100: F5 74 5D 22 43 AE 96 13 6E 66 3E 1E 2E 38 EE 95 .t]"C...nf>..8..
0110: 63 07 17 A6 AC 8B 85 C5 DD 77 64 5D 3E 87 AC D7 c........wd]>...
0120: B1 F2 ED EA 3B C1 DA 0B 32 90 CD 02 03 01 00 01 ....;...2.......
0130: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 03 0...*.H.........
0140: 41 00 2B CB 62 62 95 0C 32 2B 1C 61 B4 0D 4B 42 A.+.bb..2+.a..KB
0150: AD 6E 54 08 DF DB 30 68 62 BF 1D 79 DA 87 49 48 .nT...0hb..y..IH
0160: D0 48 50 E6 DD 6A 7A CD D1 55 F4 A1 EA 47 63 11 .HP..jz..U...Gc.
0170: 85 0B 6B CF 1E EE 45 CE 4C 53 62 70 FC D7 86 2E ..k...E.LSbp....
0180: 5C 50 0D 00 00 28 03 01 02 40 00 22 00 20 30 1E \P...(...@.". 0.
0190: 31 1C 30 1A 06 03 55 04 03 0C 13 54 65 73 74 20 1.0...U....Test
01A0: 43 41 20 43 65 72 74 69 66 69 63 61 74 65 0E 00 CA Certificate..
01B0: 00 00 ..
[Raw read]: length = 5
0000: 16 03 01 00 4D ....M
[Raw read]: length = 77
0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 11 1E 58 ..........B.@..X
0010: FF C9 E6 D8 FA DB 33 12 45 B2 D6 12 C3 35 4D 3C ......3.E....5M<
0020: 34 C4 0A B3 21 2C F6 59 C9 F5 F2 0D A8 B2 EB 9A 4...!,.Y........
0030: 83 F7 E2 8B D4 D7 13 A7 22 40 5F 50 4E F4 C7 91 ........"@_PN...
0040: 8C 4F 58 92 42 8B 41 20 CF 95 C3 F5 F6 .OX.B.A .....
main, READ: TLSv1 Handshake, length = 77
*** Certificate chain
***
main, SEND TLSv1 ALERT: fatal, description = bad_certificate
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 2A ......*
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: null cert chain
Exception in thread "main" javax.net.ssl.SSLHandshakeException: null cert chain
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:231)
at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1369)
at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:160)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:632)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at java.io.OutputStream.write(OutputStream.java:58)
at SSLServerExample.doProtocol(SSLServerExample.java:61)
at SSLServerWithClientAuthExample.main(SSLServerWithClientAuthExample.java:31)