RECV SSLv3 ALERT: fatal, handshake_failure / URGENT
843811Jun 30 2005 — edited Jul 1 2005Hi,
Iam using JSSE to connect an Apache webserver. Some times I get an error from the server saying handshake failed. Appreciate if anyone can help resolve the same. Attaching the JSSE debug log and also the code.
JSSE Version : 1.0.3_03
JDK : 1.3.1
********** Code **********
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
System.setProperty("https.proxyHost", host);
System.setProperty("https.proxyPort", port);
System.setProperty("javax.net.ssl.keyStore", keyDBPath);
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
System.setProperty("javax.net.ssl.keyStorePassword", keyDBPass);
System.setProperty("javax.net.ssl.trustStore", trustDBPath);
System.setProperty("javax.net.ssl.trustStorePassword",trustDBPass);
url_in = new URL("https:\\....");
************************** JSSE debug Log ****************************
keyStore is : /ebp/eaifiles/sft/security/keydb/20050531000000000049.key
keyStore type is : PKCS12
init keystore
init keymanager of type SunX509
***
found key for : cn=db-ebillstest1,o=deutsche bank,c=sg,ou=db-ebills,e=jian-feng.chen@db.com,l=singapore
chain [0] = [
[
Version: V3
Subject: CN=db-eBillsTest1, O=Deutsche Bank, C=SG, OU=db-eBills, EmailAddress=jian-feng.chen@db.com, L=Singapore
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@350e24
Validity: [From: Tue May 31 00:00:00 GMT 2005,
To: Wed May 31 00:00:00 GMT 2006]
Issuer: CN=dbeBills-RootV4.3.1
SerialNumber: [ 31343930 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 2F 2E AE 75 36 97 53 7A B3 B9 AF 2A 2C DD 51 85 /..u6.Sz...*,.Q.
0010: BB C3 2C CB A6 86 DB 15 71 B4 FC D5 A8 F3 2D BA ..,.....q.....-.
0020: EB 0A 36 87 25 C3 34 FB 96 61 0F D4 96 C2 AF B4 ..6.%.4..a......
0030: 3F EA B7 FF 2A AE AB AF 78 FF 3F F3 D5 44 01 34 ?...*...x.?..D.4
0040: 5B F7 44 E4 03 3C 4C 3B FD 68 8F FC AA 3A 2F 01 [.D..<L;.h...:/.
0050: 3C F0 7B AA 4F 97 69 95 31 EC 21 7B B3 A6 BB 83 <...O.i.1.!.....
0060: 08 9C 2B 3C 1B F2 3D 05 0A 73 D8 3F 5E 26 51 9A ..+<..=..s.?^&Q.
0070: F6 01 95 23 D1 99 79 56 1E 1F 17 06 E4 AC 44 50 ...#..yV......DP
]
chain [1] = [
[
Version: V3
Subject: CN=dbeBills-RootV4.3.1
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@251bb9
Validity: [From: Fri Nov 05 00:00:00 GMT 2004,
To: Wed Nov 04 00:00:00 GMT 2009]
Issuer: CN=dbeBills-RootV4.3.1
SerialNumber: [ 31343734 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: B9 F3 DE F4 DB ED C0 E0 F8 C6 82 50 CC 5E 73 DB ...........P.^s.
0010: 75 61 04 3F 04 DB 52 7B 00 F3 06 DD C0 DD 92 5E ua.?..R........^
0020: E6 2E 4D 99 21 EA 94 56 11 91 B7 45 C7 85 30 B1 ..M.!..V...E..0.
0030: 8B 2F 19 9D AF DD A8 92 65 4C D7 37 69 D6 E2 A3 ./......eL.7i...
0040: 75 2E 54 97 8E F2 3E 10 C7 0A FE 78 36 CD DA EA u.T...>....x6...
0050: 2E D0 C1 4B 09 AB DE 3B 03 34 44 44 C7 A4 69 34 ...K...;.4DD..i4
0060: B1 96 78 D0 E7 BB 21 23 7B 5D D3 5C 43 F4 24 96 ..x...!#.].\C.$.
0070: 4F 09 76 8C C1 8C 98 CA 9F 84 50 BF AE 47 C3 B7 O.v.......P..G..
]
***
trustStore is: /ebp/eaifiles/sft/security/trustdb/sfttrustdb.db
trustStore type is : jks
init truststore
adding as trusted cert: [
[
Version: V3
Subject: CN=BIZBILL, EmailAddress=louis.patrick@db.com
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@2e2d61
Validity: [From: Tue Apr 20 16:00:00 GMT 2004,
To: Fri Dec 31 16:00:00 GMT 2004]
Issuer: CN=Root
SerialNumber: [ 31323732 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: AF 63 B6 B5 F7 0D 21 79 42 51 8C 5F 5A 16 44 9E .c....!yBQ._Z.D.
0010: 4F 8F 62 7C C3 55 5A F5 74 27 49 BF 87 B0 45 DA O.b..UZ.t'I...E.
0020: 4E 1D C1 D5 2E 0A 62 FC 87 12 55 AB B7 4E 62 9E N.....b...U..Nb.
0030: 27 55 A7 24 33 CE 34 47 B0 04 55 66 00 9E B2 74 'U.$3.4G..Uf...t
0040: 40 10 7C F3 86 4B 3E 4E 00 B6 5D 8E F9 F7 3D 18 @....K>N..]...=.
0050: 61 12 9F 18 F9 B1 58 61 CF 2C 12 74 D5 2E 9D 5C a.....Xa.,.t...\
0060: C3 91 C6 44 9D AB 73 EE 2B 70 88 CD A7 40 84 A8 ...D..s.+p...@..
0070: E6 2F FD 31 87 F3 0E 61 4A 07 25 B4 F8 71 AE 47 ./.1...aJ.%..q.G
]
adding as trusted cert: [
[
Version: V3
Subject: CN=ft.dbebills-sit-uat.db.com, OU=APHO, O=Deutsche Bank, L=Singapore, ST=Singapore, C=SG
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@66ee0e
Validity: [From: Wed Apr 21 09:38:05 GMT 2004,
To: Thu Apr 21 09:38:05 GMT 2005]
Issuer: CN=Certificate Manager-Ecommerce, OU=CIT GTO, O=Deutsche Bank, L=SG, ST=SG, C=SG
SerialNumber: [ 3c]
Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A7 00 B9 D1 4C 3A 35 C2 FB 82 29 75 C4 23 19 95 ....L:5...)u.#..
0010: D8 50 AE 80 .P..
]
]
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 82 84 16 07 FF 03 73 F6 34 BB 0F A7 35 A3 88 78 ......s.4...5..x
0010: F5 60 CE 73 .`.s
]
]
[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_CertSign
Crl_Sign
]
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 61 EE 9E FE 32 9D 2A F4 A7 E8 ED 1B 35 25 21 5D a...2.*.....5%!]
0010: 17 65 A4 C8 F0 7D 26 45 C1 39 06 D9 DA 7C D0 9D .e....&E.9......
0020: DC E9 F3 D7 75 4B A7 85 87 C1 A6 01 53 CB 1C 2F ....uK......S../
0030: 09 61 12 55 16 4A A2 7B BD C4 DB F8 DB 21 42 2B .a.U.J.......!B+
0040: 9B CE EB 3C E0 73 4C 77 6F 79 0F 25 5C 43 67 DB ...<.sLwoy.%\Cg.
0050: D5 B2 89 8F 99 12 DA 85 59 0A 66 83 CE 6B AF 51 ........Y.f..k.Q
0060: 75 EB 27 49 B7 38 C8 64 22 8A 5F F0 38 E5 AA D3 u.'I.8.d"._.8...
0070: 12 7A 21 0E 6B 3E 0D B6 3D D9 53 48 4F E3 6C CD .z!.k>..=.SHO.l.
0080: EB 3B 25 63 8A 2F 06 60 19 5A D1 62 44 4E 38 A2 .;%c./.`.Z.bDN8.
0090: B4 ED CA 85 E2 DA B5 95 53 74 72 1D B4 26 CC 0D ........Str..&..
00A0: 03 15 E7 83 B6 18 77 23 E8 0F 1D 35 8A 0C 7B 1C ......w#...5....
00B0: 92 1D AE CD A1 87 04 6E 97 7B 17 9F 93 52 DB 3E .......n.....R.>
00C0: 94 B5 14 C0 FB CF 0B B0 CC 9A B5 10 75 70 2E 92 ............up..
00D0: 08 9C 9B 59 E8 ED 19 09 F7 EB CB E1 F7 08 37 6A ...Y..........7j
00E0: B6 5F 50 38 99 C5 FE 64 45 67 DA 41 E0 38 7D F1 ._P8...dEg.A.8..
00F0: D5 A8 12 21 11 4C E3 1D C2 3B 40 C4 D4 8A A7 3E ...!.L...;@....>
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=tcadmin@trustcenter.de, CN=tcdss.trustcenter.de, O=TC TrustCenter AG, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@16ef23
Validity: [From: Tue Mar 15 09:05:07 GMT 2005,
To: Mon May 01 09:05:07 GMT 2006]
Issuer: EmailAddress=certificate@trustcenter.de, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 9f510000 000230e0 cfc2ad69 44a4]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .1./http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 idelines/index.h
0030: 74 6D 6C tml
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
]
[4]: ObjectId: 2.16.840.1.113730.1.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 43 16 41 68 74 74 70 73 3A 2F 2F 6E 72 75 2E .C.Ahttps://nru.
0010: 74 63 63 6C 61 73 73 32 2E 74 72 75 73 74 63 65 tcclass2.trustce
0020: 6E 74 65 72 2E 64 65 2F 39 46 35 31 30 30 30 30 nter.de/9F510000
0030: 30 30 30 32 33 30 45 30 43 46 43 32 41 44 36 39 000230E0CFC2AD69
0040: 34 34 41 34 3F 44A4?
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: CB A6 03 8B BA F8 75 64 90 07 F3 29 8F E1 6C C2 ......ud...)..l.
0010: 1F 81 A4 28 16 6B EB 19 D6 82 AD 39 6E 92 F6 D2 ...(.k.....9n...
0020: 7E BD EA 55 37 F0 5A 03 A2 5E 31 3A 61 8B 70 C8 ...U7.Z..^1:a.p.
0030: 3B 91 BA 5A CE 27 51 C2 EA B0 1B 55 A4 18 4B DF ;..Z.'Q....U..K.
0040: FF 3D FE ED 91 73 8C C0 9F 92 93 C7 CD 66 30 F4 .=...s.......f0.
0050: E2 FB F5 06 05 9F BA 5B 81 24 2F 18 52 CE 53 A6 .......[.$/.R.S.
0060: 21 0B 63 D4 AE B3 FD E6 9C C2 EE 74 53 E6 E2 5E !.c........tS..^
0070: 8C 2A 0C 77 AB E9 F9 95 76 4C E8 B6 63 A3 CB 89 .*.w....vL..c...
]
adding as trusted cert: [
[
Version: V3
Subject: CN=Venkat, OU=EBPP, O=Deutsche Bank, L=SIngapore, ST=Singapore, C=SG
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@2df2c7
Validity: [From: Fri Mar 04 09:30:03 GMT 2005,
To: Sat Mar 04 09:30:03 GMT 2006]
Issuer: CN=Certificate Manager, OU=PCB, O=Deutsche Bank AG, L=Singapore, ST=Singapore, C=SG
SerialNumber: [ 08]
Certificate Extensions: 3
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 89 A4 2E 72 47 B7 E8 52 5A 4F 2D 56 5F A0 1E 87 ...rG..RZO-V_...
0010: 43 E2 AA 2E C...
]
]
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
]
Algorithm: [MD5withRSA]
Signature:
0000: DA F2 FA 04 B2 C6 E3 87 5C 32 B8 41 5A 74 CB 9E ........\2.AZt..
0010: B5 6F 85 01 55 A8 3F 0C EB 52 68 EC C0 4B 6D 0B .o..U.?..Rh..Km.
0020: 04 30 86 24 74 A2 CF DF 7F 20 06 3F 8E AD C3 6E .0.$t.... .?...n
0030: 76 01 97 F7 A3 A6 2D 51 4D D4 17 4D 74 78 13 C3 v.....-QM..Mtx..
]
adding as trusted cert: [
[
Version: V3
Subject: CN=www.ppg.com, OU=Terms of use at www.verisign.com/rpa (c)00, OU=PPG Industries, O=PPG Industries Inc., L=Pittsburgh, ST=Pennsylvania, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@1df480
Validity: [From: Wed Oct 01 00:00:00 GMT 2003,
To: Tue Oct 26 23:59:59 GMT 2004]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
SerialNumber: [ 7a070d62 d01d5e6f 878eb52e f981c2ea ]
Certificate Extensions: 7
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 28 30 26 30 24 06 08 2B 06 01 05 05 07 30 01 .(0&0$..+.....0.
0010: 86 18 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 76 65 ..http://ocsp.ve
0020: 72 69 73 69 67 6E 2E 63 6F 6D risign.com
[2]: ObjectId: 1.3.6.1.5.5.7.1.12 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 5F 30 5D A1 5B A0 59 30 57 30 55 16 09 69 6D ._0].[.Y0W0U..im
0010: 61 67 65 2F 67 69 66 30 21 30 1F 30 07 06 05 2B age/gif0!0.0...+
0020: 0E 03 02 1A 04 14 AE 6C A8 E1 70 62 68 65 FB 55 .......l..pbhe.U
0030: 49 82 B5 82 32 5B 90 91 42 B7 30 25 16 23 68 74 I...2[..B.0%.#ht
0040: 74 70 3A 2F 2F 6C 6F 67 6F 2E 76 65 72 69 73 69 tp://logo.verisi
0050: 67 6E 2E 63 6F 6D 2F 76 73 6C 6F 67 6F 2E 67 69 gn.com/vslogo.gi
0060: 66 f
[3]: ObjectId: 2.5.29.32 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 3D 30 3B 30 39 06 0B 60 86 48 01 86 F8 45 01 .=0;09..`.H...E.
0010: 07 17 03 30 2A 30 28 06 08 2B 06 01 05 05 07 02 ...0*0(..+......
0020: 01 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 ...https://www.v
0030: 65 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 70 61 erisign.com/rpa
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 35 30 33 30 31 A0 2F A0 2D 86 2B 68 74 74 70 .50301./.-.+http
0010: 3A 2F 2F 63 72 6C 2E 76 65 72 69 73 69 67 6E 2E ://crl.verisign.
0020: 63 6F 6D 2F 52 53 41 53 65 63 75 72 65 53 65 72 com/RSASecureSer
0030: 76 65 72 2E 63 72 6C ver.crl
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
]
[6]: ObjectId: 2.5.29.37 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 16 30 14 06 08 2B 06 01 05 05 07 03 01 06 08 ..0...+.........
0010: 2B 06 01 05 05 07 03 02 +.......
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 3F DC 1E E4 DE 9A EE 95 D9 07 CE AF FA AA 54 10 ?.............T.
0010: 6C 56 BA A3 49 98 E4 C8 30 8D 24 E8 19 22 16 92 lV..I...0.$.."..
0020: 9D E8 B8 FE BB 8E 24 6E 9D AD B4 97 B3 1B 04 50 ......$n.......P
0030: 96 63 45 A9 03 DE 41 B8 77 22 EC 73 B4 C7 0E 55 .cE...A.w".s...U
0040: 77 9A 81 2B 2B 57 A9 D9 CE 83 57 27 69 D9 62 6A w..++W....W'i.bj
0050: CF A4 82 75 A8 1E AC 0B DD 98 4A E5 4E 99 5F A4 ...u......J.N._.
0060: F2 E3 4F 62 48 FE 1B 1A 6A B2 54 77 CD D0 9B 20 ..ObH...j.Tw...
0070: A1 4E A5 F5 BE 38 78 1B 7C 7E 41 1F F1 .N...8x...A..
]
adding as trusted cert: [
[
Version: V3
Subject: CN=ft.dbebills-sit-uat.db.com, OU=Deutsche Bank, O=APHO, L=Singapore, ST=Singapore, C=SG
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@1f08ca
Validity: [From: Wed Apr 06 06:11:49 GMT 2005,
To: Thu Apr 06 06:11:49 GMT 2006]
Issuer: CN=Certificate Manager, OU=PCB, O=Deutsche Bank AG, L=Singapore, ST=Singapore, C=SG
SerialNumber: [ 14]
Certificate Extensions: 3
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 89 A4 2E 72 47 B7 E8 52 5A 4F 2D 56 5F A0 1E 87 ...rG..RZO-V_...
0010: 43 E2 AA 2E C...
]
]
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 02 B6 98 37 77 89 D0 FE BD FC 73 35 5F 86 C3 47 ...7w.....s5_..G
0010: D2 60 F7 7F D8 26 BE 69 0E C6 C2 16 60 B8 25 C2 .`...&.i....`.%.
0020: 6A ED 49 09 30 52 5C A4 37 7E DE 9C 27 AE 32 F8 j.I.0R\.7...'.2.
0030: B6 6F 13 88 1C B7 4D 21 09 74 F4 50 01 16 67 83 .o....M!.t.P..g.
]
adding as trusted cert: [
[
Version: V1
Subject: EmailAddress=bengel@csc.com, CN=194.45.147.44, OU=EBILLS, O=CSC PLOENZKE, L=WIESBADEN, ST=HESSEN, C=DE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@2f4fde
Validity: [From: Mon May 23 14:19:25 GMT 2005,
To: Thu May 18 14:19:25 GMT 2006]
Issuer: EmailAddress=bengel@csc.com, CN=194.45.147.44, OU=EBILLS, O=CSC PLOENZKE, L=WIESBADEN, ST=HESSEN, C=DE
SerialNumber: [ 0 ]
]
Algorithm: [MD5withRSA]
Signature:
0000: 83 20 EE 98 23 F0 0B BA 6F FF 99 66 EE 74 00 0A . ..#...o..f.t..
0010: CA 13 F5 66 80 2D 86 68 08 8F 8D 7D CE 7D 4A 50 ...f.-.h......JP
0020: 76 E7 54 68 23 31 07 9B EC D2 B6 B2 4C FF DA 9E v.Th#1......L...
0030: CD BB 6A F0 5A 6A 67 37 D9 D8 29 9E 9E B0 AF DE ..j.Zjg7..).....
0040: AC A4 22 3D 72 A0 DB 98 48 C9 A1 26 32 8B 1B C1 .."=r...H..&2...
0050: 34 BE 53 52 4D 5A 3C E9 6C 03 02 79 1B C7 F0 2E 4.SRMZ<.l..y....
0060: 9E 2D C8 15 1E 4E CB 46 60 70 6B 9A 12 80 5C 77 .-...N.F`pk...\w
0070: C7 DC DF FA D4 95 F9 48 52 DC 64 E4 35 50 22 F6 .......HR.d.5P".
]
adding as trusted cert: [
[
Version: V3
Subject: CN=BILL, EmailAddress=louis.patrick@db.com
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@249c54
Validity: [From: Mon Apr 26 16:00:00 GMT 2004,
To: Thu Mar 31 16:00:00 GMT 2005]
Issuer: CN=Root
SerialNumber: [ 31323936 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 43 3F F3 73 DC F0 F9 CC 42 C1 84 D0 EF D9 DA E7 C?.s....B.......
0010: AC D8 ED 33 0F 1F B7 F9 33 44 DC FB E8 3D B4 DE ...3....3D...=..
0020: EA 0D 06 CC D4 05 D9 CB FF 38 FC 66 83 59 C0 A9 .........8.f.Y..
0030: 9F 86 5F 7E EB 84 89 97 13 9D E8 57 FD 79 97 9C .._........W.y..
0040: 77 81 8C 74 CD E8 3B 57 29 F1 40 FA 94 5D F8 A4 w..t..;W).@..]..
0050: E6 91 19 B7 6E 4D A0 11 BE 64 2E A7 EF 43 BE 8B ....nM...d...C..
0060: 0A DB 08 AE B2 00 4F 4B C7 56 BE 64 D6 B9 59 1C ......OK.V.d..Y.
0070: 76 CE B9 60 B6 8D 9C D7 26 A6 2D D5 FD 20 0E 0F v..`....&.-.. ..
]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1103321439 bytes = { 177, 1, 40, 203, 34, 64, 115, 231, 49, 198, 131, 41, 39, 61, 235, 196, 246, 250, 218, 72, 237, 195, 238, 146, 75, 131, 215, 17 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 42 C3 59 5F B1 01 28 CB 22 40 ...7..B.Y_..(."@
0010: 73 E7 31 C6 83 29 27 3D EB C4 F6 FA DA 48 ED C3 s.1..)'=.....H..
0020: EE 92 4B 83 D7 11 00 00 10 00 05 00 04 00 09 00 ..K.............
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
Flux Job /SUB/HERPPROC/0:206, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 42 C3 59 .............B.Y
0030: 5F B1 01 28 CB 22 40 73 E7 31 C6 83 29 27 3D EB _..(."@s.1..)'=.
0040: C4 F6 FA DA 48 ED C3 EE 92 4B 83 D7 11 ....H....K...
Flux Job /SUB/HERPPROC/0:206, WRITE: SSL v2, contentType = 22, translated length = 16310
Flux Job /SUB/HERPPROC/0:206, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 1103321645 bytes = { 64, 165, 150, 119, 79, 50, 213, 1, 63, 55, 101, 74, 132, 53, 176, 86, 103, 56, 226, 190, 45, 64, 217, 133, 36, 224, 165, 173 }
Session ID: {86, 92, 205, 118, 98, 208, 225, 182, 250, 233, 193, 34, 73, 46, 179, 174, 69, 225, 219, 44, 6, 87, 176, 78, 32, 130, 113, 140, 189, 107, 157, 122}
Cipher Suite: { 0, 5 }
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 42 C3 5A 2D 40 A5 96 77 4F 32 ...F..B.Z-@..wO2
0010: D5 01 3F 37 65 4A 84 35 B0 56 67 38 E2 BE 2D 40 ..?7eJ.5.Vg8..-@
0020: D9 85 24 E0 A5 AD 20 56 5C CD 76 62 D0 E1 B6 FA ..$... V\.vb....
0030: E9 C1 22 49 2E B3 AE 45 E1 DB 2C 06 57 B0 4E 20 .."I...E..,.W.N
0040: 82 71 8C BD 6B 9D 7A 00 05 00 .q..k.z...
Flux Job /SUB/HERPPROC/0:206, READ: SSL v3.1 Handshake, length = 1805
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: EmailAddress=tcadmin@trustcenter.de, CN=tcdss.trustcenter.de, O=TC TrustCenter AG, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@12dab2
Validity: [From: Tue Mar 15 09:05:07 GMT 2005,
To: Mon May 01 09:05:07 GMT 2006]
Issuer: EmailAddress=certificate@trustcenter.de, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 9f510000 000230e0 cfc2ad69 44a4]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .1./http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 idelines/index.h
0030: 74 6D 6C tml
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
]
[4]: ObjectId: 2.16.840.1.113730.1.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 43 16 41 68 74 74 70 73 3A 2F 2F 6E 72 75 2E .C.Ahttps://nru.
0010: 74 63 63 6C 61 73 73 32 2E 74 72 75 73 74 63 65 tcclass2.trustce
0020: 6E 74 65 72 2E 64 65 2F 39 46 35 31 30 30 30 30 nter.de/9F510000
0030: 30 30 30 32 33 30 45 30 43 46 43 32 41 44 36 39 000230E0CFC2AD69
0040: 34 34 41 34 3F 44A4?
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: CB A6 03 8B BA F8 75 64 90 07 F3 29 8F E1 6C C2 ......ud...)..l.
0010: 1F 81 A4 28 16 6B EB 19 D6 82 AD 39 6E 92 F6 D2 ...(.k.....9n...
0020: 7E BD EA 55 37 F0 5A 03 A2 5E 31 3A 61 8B 70 C8 ...U7.Z..^1:a.p.
0030: 3B 91 BA 5A CE 27 51 C2 EA B0 1B 55 A4 18 4B DF ;..Z.'Q....U..K.
0040: FF 3D FE ED 91 73 8C C0 9F 92 93 C7 CD 66 30 F4 .=...s.......f0.
0050: E2 FB F5 06 05 9F BA 5B 81 24 2F 18 52 CE 53 A6 .......[.$/.R.S.
0060: 21 0B 63 D4 AE B3 FD E6 9C C2 EE 74 53 E6 E2 5E !.c........tS..^
0070: 8C 2A 0C 77 AB E9 F9 95 76 4C E8 B6 63 A3 CB 89 .*.w....vL..c...
]
chain [1] = [
[
Version: V3
Subject: EmailAddress=certificate@trustcenter.de, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.rsajca.JSA_RSAPublicKey@53e355
Validity: [From: Mon Mar 09 11:59:59 GMT 1998,
To: Sat Jan 01 11:59:59 GMT 2011]
Issuer: EmailAddress=certificate@trustcenter.de, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 03ea]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 26 16 24 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .&.$http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 idelines
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 84 52 FB 28 DF FF 1F 75 01 BC 01 BE 04 56 97 6A .R.(...u.....V.j
0010: 74 42 24 31 83 F9 46 B1 06 8A 89 CF 96 2C 33 BF tB$1..F......,3.
0020: 8C B5 5F 7A 72 A1 85 06 CE 86 F8 05 8E E8 F9 25 .._zr..........%
0030: CA DA 83 8C 06 AC EB 36 6D 85 91 34 04 36 F4 42 .......6m..4.6.B
0040: F0 F8 79 2E 0A 48 5C AB CC 51 4F 78 76 A0 D9 AC ..y..H\..QOxv...
0050: 19 BD 2A D1 69 04 28 91 CA 36 10 27 80 57 5B D2 ..*.i.(..6.'.W[.
0060: 5C F5 C2 5B AB 64 81 63 74 51 F4 97 BF CD 12 28 \..[.d.ctQ.....(
0070: F7 4D 66 7F A7 F0 1C 01 26 78 B2 66 47 70 51 64 .Mf.....&x.fGpQd
]
***
updated/found trusted cert: [
[
Version: V3
Subject: EmailAddress=tcadmin@trustcenter.de, CN=tcdss.trustcenter.de, O=TC TrustCenter AG, L=Hamburg, ST=Hamburg, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.rsajca.JSA_RSAPublicKey@12dab2
Validity: [From: Tue Mar 15 09:05:07 GMT 2005,
To: Mon May 01 09:05:07 GMT 2006]
Issuer: EmailAddress=certificate@trustcenter.de, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter for Security in Data Networks GmbH, L=Hamburg, ST=Hamburg, C=DE
SerialNumber: [ 9f510000 000230e0 cfc2ad69 44a4]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[2]: ObjectId: 2.16.840.1.113730.1.8 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 .1./http://www.t
0010: 72 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 rustcenter.de/gu
0020: 69 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 idelines/index.h
0030: 74 6D 6C tml
[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
]
[4]: ObjectId: 2.16.840.1.113730.1.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 43 16 41 68 74 74 70 73 3A 2F 2F 6E 72 75 2E .C.Ahttps://nru.
0010: 74 63 63 6C 61 73 73 32 2E 74 72 75 73 74 63 65 tcclass2.trustce
0020: 6E 74 65 72 2E 64 65 2F 39 46 35 31 30 30 30 30 nter.de/9F510000
0030: 30 30 30 32 33 30 45 30 43 46 43 32 41 44 36 39 000230E0CFC2AD69
0040: 34 34 41 34 3F 44A4?
[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: CB A6 03 8B BA F8 75 64 90 07 F3 29 8F E1 6C C2 ......ud...)..l.
0010: 1F 81 A4 28 16 6B EB 19 D6 82 AD 39 6E 92 F6 D2 ...(.k.....9n...
0020: 7E BD EA 55 37 F0 5A 03 A2 5E 31 3A 61 8B 70 C8 ...U7.Z..^1:a.p.
0030: 3B 91 BA 5A CE 27 51 C2 EA B0 1B 55 A4 18 4B DF ;..Z.'Q....U..K.
0040: FF 3D FE ED 91 73 8C C0 9F 92 93 C7 CD 66 30 F4 .=...s.......f0.
0050: E2 FB F5 06 05 9F BA 5B 81 24 2F 18 52 CE 53 A6 .......[.$/.R.S.
0060: 21 0B 63 D4 AE B3 FD E6 9C C2 EE 74 53 E6 E2 5E !.c........tS..^
0070: 8C 2A 0C 77 AB E9 F9 95 76 4C E8 B6 63 A3 CB 89 .*.w....vL..c...
]
[read] MD5 and SHA1 hashes: len = 1805
0000: 0B 00 07 09 00 07 06 00 03 A0 30 82 03 9C 30 82 ..........0...0.
0010: 03 05 A0 03 02 01 02 02 0F 00 9F 51 00 00 00 02 ...........Q....
0020: 30 E0 CF C2 AD 69 44 A4 30 0D 06 09 2A 86 48 86 0....iD.0...*.H.
0030: F7 0D 01 01 05 05 00 30 81 BC 31 0B 30 09 06 03 .......0..1.0...
0040: 55 04 06 13 02 44 45 31 10 30 0E 06 03 55 04 08 U....DE1.0...U..
0050: 13 07 48 61 6D 62 75 72 67 31 10 30 0E 06 03 55 ..Hamburg1.0...U
0060: 04 07 13 07 48 61 6D 62 75 72 67 31 3A 30 38 06 ....Hamburg1:08.
0070: 03 55 04 0A 13 31 54 43 20 54 72 75 73 74 43 65 .U...1TC TrustCe
0080: 6E 74 65 72 20 66 6F 72 20 53 65 63 75 72 69 74 nter for Securit
0090: 79 20 69 6E 20 44 61 74 61 20 4E 65 74 77 6F 72 y in Data Networ
00A0: 6B 73 20 47 6D 62 48 31 22 30 20 06 03 55 04 0B ks GmbH1"0 ..U..
00B0: 13 19 54 43 20 54 72 75 73 74 43 65 6E 74 65 72 ..TC TrustCenter
00C0: 20 43 6C 61 73 73 20 32 20 43 41 31 29 30 27 06 Class 2 CA1)0'.
00D0: 09 2A 86 48 86 F7 0D 01 09 01 16 1A 63 65 72 74 .*.H........cert
00E0: 69 66 69 63 61 74 65 40 74 72 75 73 74 63 65 6E ificate@trustcen
00F0: 74 65 72 2E 64 65 30 1E 17 0D 30 35 30 33 31 35 ter.de0...050315
0100: 30 39 30 35 30 37 5A 17 0D 30 36 30 35 30 31 30 090507Z..0605010
0110: 39 30 35 30 37 5A 30 81 93 31 0B 30 09 06 03 55 90507Z0..1.0...U
0120: 04 06 13 02 44 45 31 10 30 0E 06 03 55 04 08 13 ....DE1.0...U...
0130: 07 48 61 6D 62 75 72 67 31 10 30 0E 06 03 55 04 .Hamburg1.0...U.
0140: 07 13 07 48 61 6D 62 75 72 67 31 1A 30 18 06 03 ...Hamburg1.0...
0150: 55 04 0A 13 11 54 43 20 54 72 75 73 74 43 65 6E U....TC TrustCen
0160: 74 65 72 20 41 47 31 1D 30 1B 06 03 55 04 03 13 ter AG1.0...U...
0170: 14 74 63 64 73 73 2E 74 72 75 73 74 63 65 6E 74 .tcdss.trustcent
0180: 65 72 2E 64 65 31 25 30 23 06 09 2A 86 48 86 F7 er.de1%0#..*.H..
0190: 0D 01 09 01 16 16 74 63 61 64 6D 69 6E 40 74 72 ......tcadmin@tr
01A0: 75 73 74 63 65 6E 74 65 72 2E 64 65 30 81 9F 30 ustcenter.de0..0
01B0: 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 81 ...*.H..........
01C0: 8D 00 30 81 89 02 81 81 00 AF 9E 59 FD 3F 23 29 ..0........Y.?#)
01D0: 01 E0 B9 C8 88 E1 A5 5C 63 14 3D ED 21 20 04 27 .......\c.=.! .'
01E0: A5 EE 3B B2 F1 E8 4F 4B 3B 4C 74 BE 8C 29 7A 41 ..;...OK;Lt..)zA
01F0: 89 FD A3 98 48 BF 8C 7B 72 9A 5B 7B 20 06 37 56 ....H...r.[. .7V
0200: 08 04 E3 8D 57 6D 02 3A 94 78 84 71 11 A7 26 56 ....Wm.:.x.q..&V
0210: 55 71 9D 55 E4 1C 54 2A 5A 2A 22 7A 23 A4 B4 F1 Uq.U..T*Z*"z#...
0220: 04 EC 18 D1 B8 EA D8 CF 24 97 C4 91 81 75 68 38 ........$....uh8
0230: 7C 63 3B BF 74 64 17 8D 28 7F F5 14 B8 7B 65 5F .c;.td..(.....e_
0240: 8A 51 E8 72 ED 1C 77 39 27 02 03 01 00 01 A3 81 .Q.r..w9'.......
0250: C6 30 81 C3 30 0C 06 03 55 1D 13 01 01 FF 04 02 .0..0...U.......
0260: 30 00 30 0E 06 03 55 1D 0F 01 01 FF 04 04 03 02 0.0...U.........
0270: 05 E0 30 3E 06 09 60 86 48 01 86 F8 42 01 08 04 ..0>..`.H...B...
0280: 31 16 2F 68 74 74 70 3A 2F 2F 77 77 77 2E 74 72 1./http://www.tr
0290: 75 73 74 63 65 6E 74 65 72 2E 64 65 2F 67 75 69 ustcenter.de/gui
02A0: 64 65 6C 69 6E 65 73 2F 69 6E 64 65 78 2E 68 74 delines/index.ht
02B0: 6D 6C 30 11 06 09 60 86 48 01 86 F8 42 01 01 04 ml0...`.H...B...
02C0: 04 03 02 06 40 30 50 06 09 60 86 48