I am creating a client web service call to a server that require a client authentication. They provide me three files :-
1) filename001.pfx
2) odintern2010.cer
3) odprimary2010.cer
I have read from a few articles and all they need is the pfx file, I am not sure what do I need to do with the .cer files as a client. Most of the solutions is to set system property properly in order to get this works. So, I am not sure what am I missing out.
The following are my codes to add the pfx file to keystore.
System.setProperty("javax.net.ssl.keyStoreType", "PKCS12");
System.setProperty("javax.net.ssl.keyStore", "absolute/to/file/path");
System.setProperty("javax.net.ssl.keyStorePassword", "passphrase");
When I run the application, it returns me with 403 Forbidden error.
The following are the errors from my debug log using System.setProperty("javax.net.debug", "all");
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is : C:\Users\RYau\workspace\.metadata\.plugins\org.eclipse.wst.server.core\tmp0\wtpwebapps\xx\WEB-INF/config/yy/filename001.pfx
keyStore type is : PKCS12
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : le-ddrs_cert-51133b97-623c-45de-afa6-9c6ace581dd8
chain [0] = [
[
Version: V3
Subject: CN=001 DetNorske, OU=Eksterne-OD, OU=IKT-Ressurser, DC=od, DC=local
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 24180827391186019495712650195424752262529503287268793897348467450989442905991124599468849947722638318905988211181034994163584051978677599291142026665194199981635173811348042776259595781759122368907425364318128838881813556859094955892445092706722120715307157750478227930604761843236745546549274536831381808611184553731796417622465027455640137505042415560163964022313376874144309141625086312634493334408055694160800173371397553961211096958030205834391480182659556156931606196654018382742632550000643060987021157283075691548770201645287771219696539160501269780941452092276424994540602745839292352382452945564765789480857
public exponent: 65537
Validity: [From: Fri Aug 20 06:03:11 GMT+00:00 2010,
To: Mon Aug 20 06:02:48 GMT+00:00 2012]
Issuer: CN=OD Interne, DC=od, DC=local
SerialNumber: [ 613672b8 00060000 084c]
Certificate Extensions: 8
[1]: ObjectId: 1.3.6.1.4.1.311.21.10 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 28 30 26 30 0A 06 08 2B 06 01 05 05 07 03 02 .(0&0...+.......
0010: 30 0A 06 08 2B 06 01 05 05 07 03 04 30 0C 06 0A 0...+.......0...
0020: 2B 06 01 04 01 82 37 0A 03 04 +.....7...
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 71 6D 55 46 3D BE 7D 6C 2F 8A E0 F2 D1 98 66 CE qmUF=..l/.....f.
0010: 00 59 AF CC .Y..
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 6A 5A F7 05 A5 B4 DD 3B 8F D3 C5 17 FC 52 06 E1 jZ.....;.....R..
0010: B6 2F 84 90 ./..
]
]
[4]: ObjectId: 1.2.840.113549.1.9.15 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 37 30 35 30 0E 06 08 2A 86 48 86 F7 0D 03 02 .7050...*.H.....
0010: 02 02 00 80 30 0E 06 08 2A 86 48 86 F7 0D 03 04 ....0...*.H.....
0020: 02 02 00 80 30 07 06 05 2B 0E 03 02 07 30 0A 06 ....0...+....0..
0030: 08 2A 86 48 86 F7 0D 03 07 .*.H.....
[5]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 31 30 2F 06 27 2B 06 01 04 01 82 37 15 08 87 .10/.'+.....7...
0010: E7 AF 32 86 B5 82 63 82 FD 87 26 85 B4 DA 0C 86 ..2...c...&.....
0020: DF C5 1E 81 79 84 E7 F0 31 86 B8 87 62 02 01 64 ....y...1...b..d
0030: 02 01 03 ...
[6]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[Other-Name: Unrecognized ObjectIdentifier: 1.3.6.1.4.1.311.20.2.3]]
[7]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
]
[8]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.2, 1.3.6.1.5.5.7.3.4, 1.3.6.1.4.1.311.10.3.4]]
Unparseable certificate extensions: 2
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
+*Junk*+ 6).crt
[2]: ObjectId: 2.5.29.31 Criticality=false
+*Junk*+ 20Interne.crl
]
Algorithm: [SHA1withRSA]
Signature:
+*Algorithm*+
]
***
trustStore is: C:\Program Files\Java\jdk1.5.0_09\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
+*A lot of truststore cert added*+
init context
trigger seeding of SecureRandom
done seeding SecureRandom
instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
http-8080-Processor24, setSoTimeout(60000) called
http-8080-Processor24, setSoTimeout(120000) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1268280169 bytes = { 191, 200, 78, 3, 82, 98, 4, 114, 38, 113, 91, 210, 158, 68, 18, 76, 157, 103, 153, 161, 178, 235, 221, 64, 113, 113, 127, 4 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 73
0000: 01 00 00 45 03 01 4C 98 6B 69 BF C8 4E 03 52 62 ...E..L.ki..N.Rb
0010: 04 72 26 71 5B D2 9E 44 12 4C 9D 67 99 A1 B2 EB .r&q[..D.L.g....
0020: DD 40 71 71 7F 04 00 00 1E 00 04 00 05 00 2F 00 .@qq........../.
0030: 33 00 32 00 0A 00 16 00 13 00 09 00 15 00 12 00 3.2.............
0040: 03 00 08 00 14 00 11 01 00 .........
http-8080-Processor24, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
0000: 01 03 01 00 39 00 00 00 20 00 00 04 01 00 80 00 ....9... .......
0010: 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A 07 00 ..../..3..2.....
0020: C0 00 00 16 00 00 13 00 00 09 06 00 40 00 00 15 ............@...
0030: 00 00 12 00 00 03 02 00 80 00 00 08 00 00 14 00 ................
0040: 00 11 4C 98 6B 69 BF C8 4E 03 52 62 04 72 26 71 ..L.ki..N.Rb.r&q
0050: 5B D2 9E 44 12 4C 9D 67 99 A1 B2 EB DD 40 71 71 [..D.L.g.....@qq
0060: 7F 04 ..
http-8080-Processor24, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
0000: 80 62 01 03 01 00 39 00 00 00 20 00 00 04 01 00 .b....9... .....
0010: 80 00 00 05 00 00 2F 00 00 33 00 00 32 00 00 0A ....../..3..2...
0020: 07 00 C0 00 00 16 00 00 13 00 00 09 06 00 40 00 ..............@.
0030: 00 15 00 00 12 00 00 03 02 00 80 00 00 08 00 00 ................
0040: 14 00 00 11 4C 98 6B 69 BF C8 4E 03 52 62 04 72 ....L.ki..N.Rb.r
0050: 26 71 5B D2 9E 44 12 4C 9D 67 99 A1 B2 EB DD 40 &q[..D.L.g.....@
0060: 71 71 7F 04 qq..
[Raw read]: length = 5
0000: 16 03 01 17 DD .....
[Raw read]: length = 3747
+*Junk*+
Aut
[Raw read]: length = 2362
+*Junk*+
Agency....
http-8080-Processor24, READ: TLSv1 Handshake, length = 6109
*** ServerHello, TLSv1
RandomCookie: GMT: 1268280173 bytes = { 40, 33, 99, 18, 228, 160, 222, 39, 207, 56, 55, 253, 72, 158, 10, 158, 165, 44, 84, 66, 7, 62, 166, 251, 173, 163, 218, 104 }
Session ID: {160, 38, 0, 0, 224, 244, 175, 57, 185, 118, 108, 250, 141, 225, 235, 97, 46, 171, 183, 249, 101, 244, 81, 71, 81, 96, 69, 121, 99, 201, 101, 95}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 4C 98 6B 6D 28 21 63 12 E4 A0 ...F..L.km(!c...
0010: DE 27 CF 38 37 FD 48 9E 0A 9E A5 2C 54 42 07 3E .'.87.H....,TB.>
0020: A6 FB AD A3 DA 68 20 A0 26 00 00 E0 F4 AF 39 B9 .....h .&.....9.
0030: 76 6C FA 8D E1 EB 61 2E AB B7 F9 65 F4 51 47 51 vl....a....e.QGQ
0040: 60 45 79 63 C9 65 5F 00 04 00 `Eyc.e_...
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=ws.npd.no, OU=Commfides Web Access SSL, OU=Provided by OLJEDIREKTORATET, OU=IKT, O=Oljedirektoratet, OID.2.5.4.18="Postboks 600,4003 STAVANGER", STREET=Prof. Olav Hanssensv 10, L=Stavanger, ST=Rogaland, OID.2.5.4.17=4003, C=NO
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 125911847342684116029626343144016507780972291430216562072324660693049481873532293940295451857939103488719860255096886590902755296357378966848978095868684303812484692384108922597306507492733328833342951156438308839435844401552197826379347484692027654292943383011820504142822616331096199588515559732935728864991
public exponent: 65537
Validity: [From: Fri Dec 21 00:00:00 GMT+00:00 2007,
To: Mon Dec 20 23:59:59 GMT+00:00 2010]
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
SerialNumber: [ 1f75fd1c 097533a5 d8da0ae3 74cf9cbf]
Certificate Extensions: 9
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://crt.comodoca.com/UTNAddTrustServerCA.crt, accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://crt.comodo.net/UTNAddTrustServerCA.crt]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: A1 72 5F 26 1B 28 98 43 95 5D 07 37 D5 85 96 9D .r_&.(.C.].7....
0010: 4B D2 C3 45 K..E
]
]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 24 C7 D5 D4 D2 B5 DC 89 98 DF 07 0A 21 0D E8 B2 $...........!...
0010: 11 D9 F1 7B ....
]
]
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.3.6.1.4.1.6449.1.2.1.3.4]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1D 68 74 74 70 73 3A 2F 2F 73 65 63 75 72 65 ..https://secure
0010: 2E 63 6F 6D 6F 64 6F 2E 6E 65 74 2F 43 50 53 .comodo.net/CPS
]] ]
]
[5]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL client
SSL server
]
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
[7]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1, 1.3.6.1.5.5.7.3.2]]
[8]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.comodoca.com/UTN-USERFirst-Hardware.crl]
, DistributionPoint:
[URIName: http://crl.comodo.net/UTN-USERFirst-Hardware.crl]
]]
[9]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
]
Algorithm: [SHA1withRSA]
Signature:
+*Junk*+
]
chain [1] = [
[
Version: V3
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: +*Junk*+
public exponent: 65537
Validity: [From: Tue Jun 07 08:09:10 GMT+00:00 2005,
To: Sat May 30 10:48:38 GMT+00:00 2020]
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
SerialNumber: [ 5242064a 4f37fe43 69487a96 67ff5d27]
Certificate Extensions: 6
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A1 72 5F 26 1B 28 98 43 95 5D 07 37 D5 85 96 9D .r_&.(.C.].7....
0010: 4B D2 C3 45 K..E
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
]
[3]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.comodoca.com/AddTrustExternalCARoot.crl]
, DistributionPoint:
[URIName: http://crl.comodo.net/AddTrustExternalCARoot.crl]
]]
[4]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.5.29.32.0]
[] ]
]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
+*Junk*+
]
***
Found trusted certificate:
[
[
Version: V3
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: +*Junk*+
public exponent: 65537
Validity: [From: Tue May 30 10:48:38 GMT+00:00 2000,
To: Sat May 30 10:48:38 GMT+00:00 2020]
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
SerialNumber: [ 01]
Certificate Extensions: 4
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7 FA C4 26 54 EF 03 BD E0 ...z4.&...&T....
0010: 24 CB 54 1A $.T.
]
[CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE]
SerialNumber: [ 01]
]
[3]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
+*Junk*+
]
[read] MD5 and SHA1 hashes: len = 2609
+*Junk*+
*** CertificateRequest
Cert Types: RSA, DSS,
Cert Authorities:
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 4 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<EMAILADDRESS=personal-freemail@thawte.com, CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
<EMAILADDRESS=personal-premium@thawte.com, CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<CN=First Data Digital Certificates Inc. Certification Authority, O=First Data Digital Certificates Inc., C=US>
<EMAILADDRESS=personal-basic@thawte.com, CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<CN=NetLock Uzleti (Class B) Tanusitvanykiado, OU=Tanusitvanykiadok, O=NetLock Halozatbiztonsagi Kft., L=Budapest, C=HU>
<CN=GTE CyberTrust Root, O=GTE Corporation, C=US>
<CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US>
<CN=NetLock Kozjegyzoi (Class A) Tanusitvanykiado, OU=Tanusitvanykiadok, O=NetLock Halozatbiztonsagi Kft., L=Budapest, ST=Hungary, C=HU>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US>
<CN=GTE CyberTrust Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=NetLock Expressz (Class C) Tanusitvanykiado, OU=Tanusitvanykiadok, O=NetLock Halozatbiztonsagi Kft., L=Budapest, C=HU>
<CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
<CN=Microsoft Root Authority, OU=Microsoft Corporation, OU=Copyright (c) 1997 Microsoft Corp.>
<CN=CA-IKT, DC=od, DC=local>
<CN=OD Primary>
<CN=Microsoft Root Certificate Authority, DC=microsoft, DC=com>
<CN=Root Agency>
[read] MD5 and SHA1 hashes: len = 3422
+*Junk*+
...Root Agency
*** *ServerHelloDone*
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
***
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
Random Secret: { 3, 1, 181, 83, 174, 178, 115, 158, 62, 215, 136, 231, 180, 128, 37, 246, 23, 86, 242, 108, 191, 252, 144, 239, 158, 89, 108, 37, 131, 33, 79, 108, 136, 41, 5, 116, 227, 133, 114, 237, 252, 72, 239, 50, 212, 231, 224, 67 }
[write] MD5 and SHA1 hashes: len = 141
+*Junk*+
http-8080-Processor24, WRITE: TLSv1 Handshake, length = 141
[Raw write]: length = 146
+*Junk*+
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 B5 53 AE B2 73 9E 3E D7 88 E7 B4 80 25 F6 ...S..s.>.....%.
0010: 17 56 F2 6C BF FC 90 EF 9E 59 6C 25 83 21 4F 6C .V.l.....Yl%.!Ol
0020: 88 29 05 74 E3 85 72 ED FC 48 EF 32 D4 E7 E0 43 .).t..r..H.2...C
CONNECTION KEYGEN:
Client Nonce:
0000: 4C 98 6B 69 BF C8 4E 03 52 62 04 72 26 71 5B D2 L.ki..N.Rb.r&q[.
0010: 9E 44 12 4C 9D 67 99 A1 B2 EB DD 40 71 71 7F 04 .D.L.g.....@qq..
Server Nonce:
0000: 4C 98 6B 6D 28 21 63 12 E4 A0 DE 27 CF 38 37 FD L.km(!c....'.87.
0010: 48 9E 0A 9E A5 2C 54 42 07 3E A6 FB AD A3 DA 68 H....,TB.>.....h
Master Secret:
0000: E2 01 87 F6 27 03 FC B0 80 C0 EB 57 5E 30 77 05 ....'......W^0w.
0010: D2 53 2A 6A 9E 4D 72 3A 9B 17 27 DD B7 B1 F5 4F .S*j.Mr:..'....O
0020: C4 A9 2A E2 B5 0A 0E 1F 02 4F 18 C7 33 5E 0D 6A ..*......O..3^.j
Client MAC write Secret:
0000: 49 F0 18 36 50 EF CF C8 B3 AF 42 3E C7 EB C6 88 I..6P.....B>....
Server MAC write Secret:
0000: 9A 94 C0 2F 18 92 16 F0 E7 1C 89 84 96 8F BF D0 .../............
Client write key:
0000: 0D C4 47 D7 C0 6D 87 03 37 19 96 59 D2 F3 9F 87 ..G..m..7..Y....
Server write key:
0000: 04 80 EF 71 07 61 36 F2 11 97 B5 B0 4D 24 53 9D ...q.a6.....M$S.
... no IV for cipher
http-8080-Processor24, WRITE: TLSv1 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 01 00 01 01 ......
*** Finished
verify_data: { 118, 119, 175, 115, 188, 153, 104, 92, 154, 19, 158, 87 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 76 77 AF 73 BC 99 68 5C 9A 13 9E 57 ....vw.s..h\...W
Padded plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C 76 77 AF 73 BC 99 68 5C 9A 13 9E 57 ....vw.s..h\...W
0010: 18 42 12 0B C8 FF 89 5A 79 56 1A 63 01 59 6F FD .B.....ZyV.c.Yo.
http-8080-Processor24, WRITE: TLSv1 Handshake, length = 32
[Raw write]: length = 37
0000: 16 03 01 00 20 D3 C4 47 7B 2C B8 58 7A 54 26 17 .... ..G.,.XzT&.
0010: 8A 3B 52 53 F8 43 DB 68 76 01 82 18 53 C9 5B 69 .;RS.C.hv...S.[i
0020: 8C A3 CD 9A 96 .....
[Raw read]: length = 5
0000: 14 03 01 00 01 .....
[Raw read]: length = 1
0000: 01 .
http-8080-Processor24, READ: TLSv1 Change Cipher Spec, length = 1
[Raw read]: length = 5
0000: 16 03 01 00 20 ....
[Raw read]: length = 32
0000: 02 70 6E 52 D4 FE 52 1A 80 A4 79 ED 68 DC 02 A6 .pnR..R...y.h...
0010: B0 1A 2F B6 2D 52 1C F6 F2 55 C3 87 A2 92 80 F6 ../.-R...U......
http-8080-Processor24, READ: TLSv1 Handshake, length = 32
Padded plaintext after DECRYPTION: len = 32
0000: 14 00 00 0C 7B F7 70 8F E9 14 7B 9D F5 E6 3C 39 ......p.......<9
0010: 3A 34 F3 82 F4 DA 99 62 00 23 98 3D 56 03 97 3E :4.....b.#.=V..>
*** Finished
verify_data: { 123, 247, 112, 143, 233, 20, 123, 157, 245, 230, 60, 57 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
[read] MD5 and SHA1 hashes: len = 16
+*Junk*+
http-8080-Processor24, WRITE: TLSv1 Application Data, length = 250
[Raw write]: length = 255
+*Junk*+
Padded plaintext before ENCRYPTION: len = 2171
+*Junk*+
http-8080-Processor24, WRITE: TLSv1 Application Data, length = 2171
[Raw write]: length = 2176
+*junk*+
[Raw read]: length = 5
0000: 17 03 01 00 81 .....
[Raw read]: length = 129
+*Junk*+ .
http-8080-Processor24, READ: TLSv1 Application Data, length = 129
Padded plaintext after DECRYPTION: len = 129
0000: 48 54 54 50 2F 31 2E 31 20 34 30 33 20 46 6F 72 HTTP/1.1 403 For
0010: 62 69 64 64 65 6E 0D 0A 43 6F 6E 74 65 6E 74 2D bidden..Content-
0020: 4C 65 6E 67 74 68 3A 20 30 0D 0A 53 65 72 76 65 Length: 0..Serve
0030: 72 3A 20 4D 69 63 72 6F 73 6F 66 74 2D 48 54 54 r: Microsoft-HTT
0040: 50 41 50 49 2F 31 2E 30 0D 0A 44 61 74 65 3A 20 PAPI/1.0..Date:
0050: 54 75 65 2C 20 32 31 20 53 65 70 20 32 30 31 30 Tue, 21 Sep 2010
0060: 20 30 38 3A 32 33 3A 31 30 20 47 4D 54 0D 0A 0D 08:23:10 GMT...
0070: 0A 1C 47 F0 30 79 02 1E 9A 88 88 1E 5A 0B E0 CD ..G.0y......Z...
0080: 0F .
org.apache.axis2.AxisFault: Transport error: 403 Error: Forbidden
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:221)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:452)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)