Gone through that process with no luck.
So attached is my ssl dump
James Parry
INFO: Server startup in 9551 ms
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
http-8443-1, setSoTimeout(60000) called
http-8443-1, READ: TLSv1 Handshake, length = 205
*** ClientHello, TLSv1
RandomCookie: GMT: 1298478676 bytes = { 91, 200, 114, 191, 152, 236,
89, 156, 148, 7, 240, 79, 202, 172, 206, 156, 169, 41, 171, 43, 2, 8,
85, 220, 183, 23, 84, 252 }
Session ID: {77, 101, 53, 125, 187, 240, 122, 211, 97, 206, 125, 131,
29, 112, 171, 35, 179, 109, 12, 52, 121, 37, 57, 188, 71, 33, 226, 192,
79, 56, 9, 81}
Cipher Suites: [TLS_EMPTY_RENEGOTIATION_INFO_SCSV,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, Unknown 0x0:0x88, Unknown 0x0:0x87,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
Unknown 0x0:0x84, TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
Unknown 0x0:0x45, Unknown 0x0:0x44, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, Unknown 0x0:0x96, Unknown 0x0:0x41,
SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Unsupported extension server_name, [host_name:
ws-dev-04.meganexus.local]
Extension elliptic_curves, curve names: {secp256r1, secp384r1,
secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data:
***
%% Created: [Session-1, TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
*** ServerHello, TLSv1
RandomCookie: GMT: 1298478676 bytes = { 15, 233, 125, 102, 203, 86,
104, 175, 88, 200, 38, 68, 52, 193, 65, 142, 110, 175, 12, 47, 23, 92,
235, 109, 136, 166, 223, 191 }
Session ID: {77, 101, 54, 84, 59, 231, 222, 63, 94, 182, 36, 126, 180,
22, 49, 60, 7, 144, 21, 7, 55, 121, 92, 108, 103, 12, 81, 23, 226, 222,
175, 52}
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=ws-dev-04.meganexus.local, OU=Meganexus, O=Meganexus,
L=London, ST=London, C=GB
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus:
107923437254683929089193465097603311454074321068865454945888583659365848
981564150474311447922530276749103850357729473394906636707444213987924843
933643705793298251817795391442049821095343159539590202719688016987441607
909909681939566664046308108231869901995740621483355146772330804789895724
154500372472340773073
public exponent: 65537
Validity: [From: Tue Feb 22 15:59:47 GMT 2011,
To: Wed Feb 22 15:59:47 GMT 2012]
Issuer: CN=ws-dev-04.meganexus.local, OU=Meganexus, O=Meganexus,
L=London, ST=London, C=GB
SerialNumber: [ 4d63dd73]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 28 57 7A 8F BD 31 E2 7D D2 2F 3C 16 F9 E9 B7 38
(Wz..1.../<....8
0010: 6D BB EA FB AE 6C 1C 8D 14 6A 21 58 A5 21 D4 DF
m....l...j!X.!..
0020: 43 69 1F 30 F0 A5 A8 AC 19 53 41 C1 A5 1B C6 75
Ci.0.....SA....u
0030: CE 1F F6 B8 ED 46 07 9D 52 5B 4D E3 6A EC 4A FB
.....F..R[M.j.J.
0040: 20 D9 97 8F 2A 3C 44 CA A0 D9 83 12 42 9F 2A 1A
...*<D.....B.*.
0050: 21 AE 83 5F D2 F1 FE 60 85 C5 F5 F8 07 0B EB EE
!.._...`........
0060: 96 B5 7C E8 5E 7E E6 DF F4 59 29 D4 A6 0B 9F 9D
....^....Y).....
0070: 44 AD 10 CC 5C B0 BC E5 33 E9 31 DE 36 E2 64 0F
D...\...3.1.6.d.
]
***
*** Diffie-Hellman ServerKeyExchange
DH Modulus: { 233, 230, 66, 89, 157, 53, 95, 55, 201, 127, 253, 53,
103, 18, 11, 142, 37, 201, 205, 67, 233, 39, 179, 169, 103, 15, 190,
197, 216, 144, 20, 25, 34, 210, 195, 179, 173, 36, 128, 9, 55, 153, 134,
157, 30, 132, 106, 171, 73, 250, 176, 173, 38, 210, 206, 106, 34, 33,
157, 71, 11, 206, 125, 119, 125, 74, 33, 251, 233, 194, 112, 181, 127,
96, 112, 2, 243, 206, 248, 57, 54, 148, 207, 69, 238, 54, 136, 193, 26,
140, 86, 171, 18, 122, 61, 175 }
DH Base: { 48, 71, 10, 213, 160, 5, 251, 20, 206, 45, 157, 205, 135,
227, 139, 199, 209, 177, 197, 250, 203, 174, 203, 233, 95, 25, 10, 167,
163, 29, 35, 196, 219, 188, 190, 6, 23, 69, 68, 64, 26, 91, 44, 2, 9,
101, 216, 194, 189, 33, 113, 211, 102, 132, 69, 119, 31, 116, 186, 8,
77, 32, 41, 216, 60, 28, 21, 133, 71, 243, 169, 241, 162, 113, 91, 226,
61, 81, 174, 77, 62, 90, 31, 106, 112, 100, 243, 22, 147, 58, 52, 109,
63, 82, 146, 82 }
Server DH Public Key: { 153, 79, 244, 247, 210, 113, 246, 209, 150,
187, 159, 149, 186, 174, 32, 88, 11, 114, 212, 64, 196, 32, 93, 43, 159,
103, 140, 49, 78, 255, 17, 241, 88, 121, 104, 110, 232, 248, 191, 115,
44, 203, 122, 66, 138, 59, 11, 85, 104, 23, 141, 84, 29, 227, 243, 134,
132, 21, 96, 221, 255, 46, 117, 202, 175, 73, 158, 232, 16, 18, 53, 186,
204, 43, 30, 72, 33, 102, 158, 241, 202, 179, 142, 69, 0, 109, 171, 127,
156, 145, 48, 47, 18, 75, 197, 170 }
Signed with a DSA or RSA public key
*** ServerHelloDone
http-8443-1, WRITE: TLSv1 Handshake, length = 1148
http-8443-1, READ: TLSv1 Handshake, length = 102
*** ClientKeyExchange, DH
DH Public key: { 10, 14, 254, 124, 243, 87, 119, 2, 45, 190, 199, 200,
157, 85, 38, 151, 151, 209, 30, 38, 208, 14, 18, 43, 121, 193, 214, 208,
95, 235, 26, 159, 243, 210, 82, 49, 43, 63, 0, 62, 176, 246, 166, 137,
155, 116, 198, 139, 216, 112, 50, 16, 64, 8, 170, 32, 167, 109, 96, 198,
103, 136, 97, 195, 90, 46, 229, 121, 37, 210, 103, 193, 102, 106, 161,
179, 5, 169, 144, 228, 240, 174, 192, 18, 91, 107, 135, 211, 163, 185,
165, 107, 186, 110, 195, 165 }
SESSION KEYGEN:
PreMaster Secret:
0000: 3C D4 BD 90 E9 15 3F 70 6F 2C 89 7D AE 39 7A D6
<.....?po,...9z.
0010: 67 28 21 D0 23 DF 25 4A 5D 38 CF D3 1F 42 04 B2
g(!.#.%J]8...B..
0020: B8 7E 07 CF CC A5 C1 B5 FD 31 DC 99 88 1D 3C 71
.........1....<q
0030: 74 92 B1 D7 0C 86 A7 C7 34 C1 DE 96 1B 8D 04 18
t.......4.......
0040: DD BC 14 1A CF AF 01 98 2B A3 29 CF E8 CE 89 A7
........+.).....
0050: 3C B0 A8 50 B5 A5 97 44 9B E0 00 BD F5 95 02 8C
<..P...D........
CONNECTION KEYGEN:
Client Nonce:
0000: 4D 65 36 54 5B C8 72 BF 98 EC 59 9C 94 07 F0 4F
Me6T[.r...Y....O
0010: CA AC CE 9C A9 29 AB 2B 02 08 55 DC B7 17 54 FC
.....).+..U...T.
Server Nonce:
0000: 4D 65 36 54 0F E9 7D 66 CB 56 68 AF 58 C8 26 44
Me6T...f.Vh.X.&D
0010: 34 C1 41 8E 6E AF 0C 2F 17 5C EB 6D 88 A6 DF BF
4.A.n../.\.m....
Master Secret:
0000: E3 31 FF 7D A0 A9 A9 9B 34 CF 2F D0 D5 FF DE 56
.1......4./....V
0010: 54 76 9B 78 29 3C 0E F5 15 AD A5 C3 AA FE 88 75
Tv.x)<.........u
0020: 12 A3 3C 7D B7 28 3F 2F 98 2E 3F C4 FD 2B 17 94
..<..(?/..?..+..
Client MAC write Secret:
0000: 4D 88 67 DF A1 E0 26 35 E4 23 05 F6 F2 03 7C 9A
M.g...&5.#......
0010: A1 E8 58 E5 ..X.
Server MAC write Secret:
0000: 31 F9 C4 F8 CC D2 57 BA E7 DE 00 66 1E 60 D7 9B
1.....W....f.`..
0010: 1B E2 59 F0 ..Y.
Client write key:
0000: D3 F0 08 DF 23 93 FA FE F5 1D 3B 60 C6 D7 0C 87
....#.....;`....
Server write key:
0000: 6E 4C 56 04 A1 DD 6C A0 82 B0 7E EA 30 66 C9 74
nLV...l.....0f.t
Client write IV:
0000: E5 D5 29 90 3B 74 50 0D E5 0C 2E 1D 4D 15 31 B0
..).;tP.....M.1.
Server write IV:
0000: F0 21 22 55 9A B1 EA C5 BE A3 AF 1C 53 44 2D 62
.!"U........SD-b
http-8443-1, READ: TLSv1 Change Cipher Spec, length = 1
http-8443-1, READ: TLSv1 Handshake, length = 48
*** Finished
verify_data: { 56, 20, 34, 255, 66, 70, 50, 2, 27, 180, 132, 31 }
***
http-8443-1, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 225, 236, 142, 115, 195, 51, 14, 86, 156, 100, 197, 201
}
***
http-8443-1, WRITE: TLSv1 Handshake, length = 48
%% Cached server session: [Session-1, TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
http-8443-1, setSoTimeout(60000) called
http-8443-1, READ: TLSv1 Application Data, length = 560
http-8443-1, setSoTimeout(60000) called
http-8443-1, WRITE: TLSv1 Application Data, length = 304
http-8443-1, setSoTimeout(60000) called
http-8443-1, READ: TLSv1 Application Data, length = 624
http-8443-1, setSoTimeout(60000) called
keyStore is :
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Program
Files\Java\jdk1.6.0_23\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0x4eb200670c035d4f
Valid from Wed Oct 25 09:36:00 BST 2006 until Sat Oct 25 09:36:00 BST
2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/,
OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.",
L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/,
OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.",
L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 23:23:48 BST 1999 until Tue Jun 25 23:23:48 BST
2019
adding as trusted cert:
Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For
authorized use only", OU=Certification Services Division, O="thawte,
Inc.", C=US
Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For
authorized use only", OU=Certification Services Division, O="thawte,
Inc.", C=US
Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d
Valid from Fri Nov 17 00:00:00 GMT 2006 until Thu Jul 17 00:59:59 BST
2036
adding as trusted cert:
Subject: CN=Entrust Root Certification Authority, OU="(c) 2006
Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference,
O="Entrust, Inc.", C=US
Issuer: CN=Entrust Root Certification Authority, OU="(c) 2006
Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference,
O="Entrust, Inc.", C=US
Algorithm: RSA; Serial number: 0x456b5054
Valid from Mon Nov 27 20:23:42 GMT 2006 until Fri Nov 27 20:53:42 GMT
2026
adding as trusted cert:
Subject: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
Issuer: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
Algorithm: RSA; Serial number: 0x1121bc276c5547af584eefd4ced629b2a285
Valid from Tue May 26 01:00:00 BST 2009 until Tue May 26 01:00:00 BST
2020
adding as trusted cert:
Subject: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Algorithm: RSA; Serial number: 0xc9cdd3e9d57d23ce
Valid from Fri Aug 01 13:31:40 BST 2008 until Sat Jul 31 13:31:40 BST
2038
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 2, O=America
Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 2, O=America
Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 07:00:00 BST 2002 until Tue Sep 29 15:08:00 BST
2037
adding as trusted cert:
Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network,
O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network,
O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 11:44:50 BST 2000 until Sat May 30 11:44:50 BST
2020
adding as trusted cert:
Subject: CN=QuoVadis Root Certification Authority, OU=Root
Certification Authority, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root Certification Authority, OU=Root
Certification Authority, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x3ab6508b
Valid from Mon Mar 19 18:33:33 GMT 2001 until Wed Mar 17 18:33:33 GMT
2021
adding as trusted cert:
Subject: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0x4f1bd42f54bb2f4b
Valid from Wed Oct 25 09:32:46 BST 2006 until Sat Oct 25 09:32:46 BST
2036
adding as trusted cert:
Subject: OU=Security Communication EV RootCA1, O="SECOM Trust Systems
CO.,LTD.", C=JP
Issuer: OU=Security Communication EV RootCA1, O="SECOM Trust Systems
CO.,LTD.", C=JP
Algorithm: RSA; Serial number: 0x0
Valid from Wed Jun 06 03:12:32 BST 2007 until Sat Jun 06 03:12:32 BST
2037
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure
Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure
Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Mon Jun 21 05:00:00 BST 1999 until Sun Jun 21 05:00:00 BST
2020
adding as trusted cert:
Subject: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0xbb401c43f55e4fb0
Valid from Wed Oct 25 09:30:35 BST 2006 until Sat Oct 25 09:30:35 BST
2036
adding as trusted cert:
Subject: [email protected], CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting,
L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting,
L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x123df0e7da2a2247a43889e08aeec967
Valid from Mon Jan 01 00:00:00 GMT 1996 until Fri Jan 01 23:59:59 GMT
2021
adding as trusted cert:
Subject: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. -
For authorized use only", OU=Certification Services Division, O="thawte,
Inc.", C=US
Issuer: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. -
For authorized use only", OU=Certification Services Division, O="thawte,
Inc.", C=US
Algorithm: RSA; Serial number: 0x600197b746a7eab4b49ad64b2ff790fb
Valid from Wed Apr 02 01:00:00 BST 2008 until Tue Dec 01 23:59:59 GMT
2037
adding as trusted cert:
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions,
Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions,
Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a5
Valid from Thu Aug 13 01:29:00 BST 1998 until Tue Aug 14 00:59:00 BST
2018
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore,
C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore,
C=IE
Algorithm: RSA; Serial number: 0x20000b9
Valid from Fri May 12 19:46:00 BST 2000 until Tue May 13 00:59:00 BST
2025
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority,
O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority,
O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x3f691e819cf09a4af373ffb948a2e4dd
Valid from Mon Jan 29 00:00:00 GMT 1996 until Thu Aug 03 00:59:59 BST
2028
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com,
O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com,
O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Fri Nov 10 00:00:00 GMT 2006 until Mon Nov 10 00:00:00 GMT
2031
adding as trusted cert:
Subject: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x509
Valid from Fri Nov 24 18:27:00 GMT 2006 until Mon Nov 24 18:23:33 GMT
2031
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust,
O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust,
O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000bf
Valid from Wed May 17 15:01:00 BST 2000 until Sun May 18 00:59:00 BST
2025
adding as trusted cert:
Subject: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center,
O=T-Systems Enterprise Services GmbH, C=DE
Issuer: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center,
O=T-Systems Enterprise Services GmbH, C=DE
Algorithm: RSA; Serial number: 0x1
Valid from Wed Oct 01 11:29:56 BST 2008 until Sun Oct 02 00:59:59 BST
2033
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999
Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits
liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999
Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits
liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863def8
Valid from Fri Dec 24 17:50:51 GMT 1999 until Tue Jul 24 15:15:12 BST
2029
adding as trusted cert:
Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4
CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4
CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
Valid from Thu Mar 23 14:10:23 GMT 2006 until Wed Dec 31 22:59:59 GMT
2025
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For
authorized use only", OU=Class 2 Public Primary Certification Authority
- G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For
authorized use only", OU=Class 2 Public Primary Certification Authority
- G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
Valid from Mon May 18 01:00:00 BST 1998 until Wed Aug 02 00:59:59 BST
2028
adding as trusted cert:
Subject: CN=ws-dev-04.meganexus.local, OU=Meganexus, O=Meganexus,
L=London, ST=London, C=GB
Issuer: CN=ws-dev-04.meganexus.local, OU=Meganexus, O=Meganexus,
L=London, ST=London, C=GB
Algorithm: RSA; Serial number: 0x4d63dd73
Valid from Tue Feb 22 15:59:47 GMT 2011 until Wed Feb 22 15:59:47 GMT
2012
adding as trusted cert:
Subject: [email protected], CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x34a4fff630af4ca53c331742a1946675
Valid from Thu Aug 01 01:00:00 BST 1996 until Fri Jan 01 23:59:59 GMT
2021
adding as trusted cert:
Subject: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center,
O=Deutsche Telekom AG, C=DE
Issuer: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center,
O=Deutsche Telekom AG, C=DE
Algorithm: RSA; Serial number: 0x26
Valid from Fri Jul 09 13:11:00 BST 1999 until Wed Jul 10 00:59:00 BST
2019
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c)
1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits
liab.), O=Entrust.net, C=US
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c)
1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits
liab.), O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x374ad243
Valid from Tue May 25 17:09:40 BST 1999 until Sat May 25 17:39:40 BST
2019
adding as trusted cert:
Subject: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Thu Mar 04 05:00:00 GMT 2004 until Sun Mar 04 05:00:00 GMT
2029
adding as trusted cert:
Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal
CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal
CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
Valid from Wed Mar 22 15:54:28 GMT 2006 until Wed Dec 31 22:59:59 GMT
2025
adding as trusted cert:
Subject: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center,
O=T-Systems Enterprise Services GmbH, C=DE
Issuer: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center,
O=T-Systems Enterprise Services GmbH, C=DE
Algorithm: RSA; Serial number: 0x1
Valid from Wed Oct 01 11:40:14 BST 2008 until Sun Oct 02 00:59:59 BST
2033
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority -
G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority -
G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
Valid from Fri Oct 01 01:00:00 BST 1999 until Thu Jul 17 00:59:59 BST
2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/,
OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.",
L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/,
OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.",
L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Sat Jun 26 01:19:54 BST 1999 until Wed Jun 26 01:19:54 BST
2019
adding as trusted cert:
Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert
Inc, C=US
Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert
Inc, C=US
Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
Valid from Fri Nov 10 00:00:00 GMT 2006 until Mon Nov 10 00:00:00 GMT
2031
adding as trusted cert:
Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network,
O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network,
O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 11:38:31 BST 2000 until Sat May 30 11:38:31 BST
2020
adding as trusted cert:
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP
Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP
Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 11:48:38 BST 2000 until Sat May 30 11:48:38 BST
2020
adding as trusted cert:
Subject: CN=Class 2 Primary CA, O=Certplus, C=FR
Issuer: CN=Class 2 Primary CA, O=Certplus, C=FR
Algorithm: RSA; Serial number: 0x85bd4bf3d8dae369f694d75fc3a54423
Valid from Wed Jul 07 18:05:00 BST 1999 until Sun Jul 07 00:59:59 BST
2019
adding as trusted cert:
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x35def4cf
Valid from Sat Aug 22 17:41:51 BST 1998 until Wed Aug 22 17:41:51 BST
2018
adding as trusted cert:
Subject: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A.,
SERIALNUMBER=A82743287, L=Madrid (see current address at
www.camerfirma.com/address), C=EU
Algorithm: RSA; Serial number: 0xa3da427ea4b1aeda
Valid from Fri Aug 01 13:29:50 BST 2008 until Sat Jul 31 13:29:50 BST
2038
adding as trusted cert:
Subject: CN=VeriSign Class 2 Public Primary Certification Authority -
G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority -
G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
Valid from Fri Oct 01 01:00:00 BST 1999 until Thu Jul 17 00:59:59 BST
2036
adding as trusted cert:
Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford,
ST=Greater Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford,
ST=Greater Manchester, C=GB
Algorithm: RSA; Serial number: 0x1
Valid from Thu Jan 01 00:00:00 GMT 2004 until Sun Dec 31 23:59:59 GMT
2028
adding as trusted cert:
Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x4
Valid from Mon Jun 21 05:00:00 BST 1999 until Sun Jun 21 05:00:00 BST
2020
adding as trusted cert:
Subject: OU=Starfield Class 2 Certification Authority, O="Starfield
Technologies, Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield
Technologies, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 18:39:16 BST 2004 until Thu Jun 29 18:39:16 BST
2034
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For
authorized use only", OU=Class 1 Public Primary Certification Authority
- G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For
authorized use only", OU=Class 1 Public Primary Certification Authority
- G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
Valid from Mon May 18 01:00:00 BST 1998 until Wed Aug 02 00:59:59 BST
2028
adding as trusted cert:
Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com,
O=DigiCert Inc, C=US
Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com,
O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
Valid from Fri Nov 10 00:00:00 GMT 2006 until Mon Nov 10 00:00:00 GMT
2031
adding as trusted cert:
Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Algorithm: RSA; Serial number: 0x40000000001154b5ac394
Valid from Tue Sep 01 13:00:00 BST 1998 until Fri Jan 28 12:00:00 GMT
2028
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For
authorized use only", OU=Class 3 Public Primary Certification Authority
- G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For
authorized use only", OU=Class 3 Public Primary Certification Authority
- G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
Valid from Mon May 18 01:00:00 BST 1998 until Wed Aug 02 00:59:59 BST
2028
adding as trusted cert:
Subject: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x5c6
Valid from Fri Nov 24 19:11:23 GMT 2006 until Mon Nov 24 19:06:44 GMT
2031
adding as trusted cert:
Subject: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL
Issuer: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL
Algorithm: RSA; Serial number: 0x10020
Valid from Tue Jun 11 11:46:39 BST 2002 until Fri Jun 11 11:46:39 BST
2027
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Algorithm: RSA; Serial number: 0x400000000010f8626e60d
Valid from Fri Dec 15 08:00:00 GMT 2006 until Wed Dec 15 08:00:00 GMT
2021
adding as trusted cert:
Subject: [email protected], CN=Thawte Premium
Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
L=Cape Town, ST=Western Cape, C=ZA
Issuer: [email protected], CN=Thawte Premium
Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x36122296c5e338a520a1d25f4cd70954
Valid from Thu Aug 01 01:00:00 BST 1996 until Fri Jan 01 23:59:59 GMT
2021
adding as trusted cert:
Subject: CN=Chambers of Commerce Root, OU=http://www.chambersign.org,
O=AC Camerfirma SA CIF A82743287, C=EU
Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org,
O=AC Camerfirma SA CIF A82743287, C=EU
Algorithm: RSA; Serial number: 0x0
Valid from Tue Sep 30 17:13:43 BST 2003 until Wed Sep 30 17:13:44 BST
2037
adding as trusted cert:
Subject: CN=Entrust Root Certification Authority - G2, OU="(c) 2009
Entrust, Inc. - for authorized use only", OU=See
www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
Issuer: CN=Entrust Root Certification Authority - G2, OU="(c) 2009
Entrust, Inc. - for authorized use only", OU=See
www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
Algorithm: RSA; Serial number: 0x4a538c28
Valid from Tue Jul 07 18:25:54 BST 2009 until Sat Dec 07 17:55:54 GMT
2030
adding as trusted cert:
Subject: CN=Class 3P Primary CA, O=Certplus, C=FR
Issuer: CN=Class 3P Primary CA, O=Certplus, C=FR
Algorithm: RSA; Serial number: 0xbf5cdbb6f21c6ec04deb7a023b36e879
Valid from Wed Jul 07 18:10:00 BST 1999 until Sun Jul 07 00:59:59 BST
2019
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority -
G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority -
G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x18dad19e267de8bb4a2158cdcc6b3b4a
Valid from Wed Nov 08 00:00:00 GMT 2006 until Thu Jul 17 00:59:59 BST
2036
adding as trusted cert:
Subject: CN=localhost, OU=Test, O=Test, L=Test, ST=Test, C=gb
Issuer: CN=localhost, OU=Test, O=Test, L=Test, ST=Test, C=gb
Algorithm: RSA; Serial number: 0x4d2af5ac
Valid from Mon Jan 10 12:03:56 GMT 2011 until Tue Jan 10 12:03:56 GMT
2012
adding as trusted cert:
Subject: CN=VeriSign Universal Root Certification Authority, OU="(c)
2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust
Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Universal Root Certification Authority, OU="(c)
2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust
Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x401ac46421b31321030ebbe4121ac51d
Valid from Wed Apr 02 01:00:00 BST 2008 until Tue Dec 01 23:59:59 GMT
2037
adding as trusted cert:
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x23456
Valid from Tue May 21 05:00:00 BST 2002 until Sat May 21 05:00:00 BST
2022
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority,
O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority,
O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be
Valid from Mon Jan 29 00:00:00 GMT 1996 until Thu Aug 03 00:59:59 BST
2028
adding as trusted cert:
Subject: CN=Certum Trusted Network CA, OU=Certum Certification
Authority, O=Unizeto Technologies S.A., C=PL
Issuer: CN=Certum Trusted Network CA, OU=Certum Certification
Authority, O=Unizeto Technologies S.A., C=PL
Algorithm: RSA; Serial number: 0x444c0
Valid from Wed Oct 22 13:07:37 BST 2008 until Mon Dec 31 12:07:37 GMT
2029
adding as trusted cert:
Subject: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP
Issuer: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP
Algorithm: RSA; Serial number: 0x0
Valid from Tue Sep 30 05:20:49 BST 2003 until Sat Sep 30 05:20:49 BST
2023
adding as trusted cert:
Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x24
Valid from Fri Apr 06 11:49:13 BST 2001 until Tue Apr 06 11:49:13 BST
2021
adding as trusted cert:
Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy
Group, Inc.", C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy
Group, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 18:06:20 BST 2004 until Thu Jun 29 18:06:20 BST
2034
adding as trusted cert:
Subject: CN=UTN-USERFirst-Client Authentication and Email,
OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City,
ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email,
OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City,
ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
Valid from Fri Jul 09 18:28:50 BST 1999 until Tue Jul 09 18:36:58 BST
2019
adding as trusted cert:
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
Valid from Fri Jul 09 19:10:42 BST 1999 until Tue Jul 09 19:19:22 BST
2019
adding as trusted cert:
Subject: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc.,
C=US
Issuer: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc.,
C=US
Algorithm: RSA; Serial number: 0x18acb56afd69b6153a636cafdafac4a1
Valid from Mon Nov 27 00:00:00 GMT 2006 until Thu Jul 17 00:59:59 BST
2036
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Algorithm: RSA; Serial number: 0x4000000000121585308a2
Valid from Wed Mar 18 10:00:00 GMT 2009 until Sun Mar 18 10:00:00 GMT
2029
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority -
G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority -
G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Fri Oct 01 01:00:00 BST 1999 until Thu Jul 17 00:59:59 BST
2036
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 1, O=America
Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 1, O=America
Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 07:00:00 BST 2002 until Thu Nov 19 20:43:00 GMT
2037
adding as trusted cert:
Subject: OU=Security Communication RootCA2, O="SECOM Trust Systems
CO.,LTD.", C=JP
Issuer: OU=Security Communication RootCA2, O="SECOM Trust Systems
CO.,LTD.", C=JP
Algorithm: RSA; Serial number: 0x0
Valid from Fri May 29 06:00:39 BST 2009 until Tue May 29 06:00:39 BST
2029
adding as trusted cert:
Subject: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte,
L=Durbanville, ST=Western Cape, C=ZA
Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte,
L=Durbanville, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Wed Jan 01 00:00:00 GMT 1997 until Thu Dec 31 23:59:59 GMT
2020
adding as trusted cert:
Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008
GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008
GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f
Valid from Wed Apr 02 01:00:00 BST 2008 until Tue Dec 01 23:59:59 GMT
2037
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions,
Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions,
Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 15:50:00 BST 1998 until Thu Aug 15 00:59:00 BST
2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Fri Jul 09 19:31:20 BST 1999 until Tue Jul 09 19:40:36 BST
2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The
USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Thu Jun 24 19:57:21 BST 1999 until Mon Jun 24 20:06:30 BST
2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 08:29:40 BST 2001 until Tue Apr 06 08:29:40 BST
2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2
CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2
CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 14:38:43 GMT 2006 until Wed Dec 31 22:59:59 GMT
2025
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1298478676 bytes = { 186, 216, 34, 166, 184, 140,
159, 218, 238, 130, 192, 156, 176, 158, 172, 100, 140, 167, 152, 82,
132, 133, 110, 215, 105, 24, 5, 147 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
***
http-8443-1, WRITE: TLSv1 Handshake, length = 75
http-8443-1, WRITE: SSLv2 client hello message, length = 101
http-8443-1, READ: TLSv1 Handshake, length = 722
*** ServerHello, TLSv1
RandomCookie: GMT: 1298478676 bytes = { 88, 252, 243, 6, 114, 253, 234,
30, 228, 48, 65, 19, 7, 77, 204, 147, 4, 209, 24, 247, 38, 155, 85, 143,
176, 23, 220, 214 }
Session ID: {77, 101, 54, 84, 239, 79, 19, 250, 107, 11, 129, 6, 5, 12,
52, 15, 95, 231, 180, 118, 67, 197, 214, 48, 60, 200, 68, 146, 171, 62,
180, 220}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
%% Created: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=ws-dev-04.meganexus.local, OU=James Test, O=Meganexus,
L=London, ST=London, C=GB
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus:
162366006529188509813175211827720455085094845871510653579581013224839130
992988542366859560409764563772175063014314347938843353321754893840031143
188649052077253286181218015431682391425937998042237907458321819824682633
985175337389436020100867581742982793692853568234438520005021138558602428
195350347535744762587
public exponent: 65537
Validity: [From: Tue Feb 22 16:51:04 GMT 2011,
To: Wed Feb 22 16:51:04 GMT 2012]
Issuer: CN=ws-dev-04.meganexus.local, OU=James Test, O=Meganexus,
L=London, ST=London, C=GB
SerialNumber: [ 4d63e978]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 7C 13 CA B1 E3 B5 75 BF AE 22 D8 D8 57 E4 1A 36
......u.."..W..6
0010: 6C C6 6A D8 93 A0 A9 51 39 18 77 EE 0A 26 D6 7E
l.j....Q9.w..&..
0020: 0A 61 7C 5C EC A3 CD F1 FC 39 DF DC CF F9 14 30
.a.\.....9.....0
0030: 3A 99 EB 99 F9 B8 22 E8 02 7F FF 20 70 E4 9C 06 :....."....
p...
0040: 82 55 82 6E 70 91 6F 10 B5 C2 9F 93 C6 CF 5A 16
.U.np.o.......Z.
0050: BD 29 8E 4A 4A 12 A4 01 1E 51 76 6D 65 A3 4B 8D
.).JJ....Qvme.K.
0060: 4B FA AD 06 4D 8C 85 4D 75 87 E3 65 70 4F 04 52
K...M..Mu..epO.R
0070: B8 7A EF 6E 44 34 BF 3F 5C 25 D2 80 54 8B EB E6
.z.nD4.?\%..T...
]
***
http-8443-1, SEND TLSv1 ALERT: fatal, description = certificate_unknown
http-8443-1, WRITE: TLSv1 Alert, length = 2
http-8443-1, called closeSocket()
http-8443-1, handling exception: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
http-8443-1, called close()
http-8443-1, called closeInternal(true)
23-Feb-2011 16:31:16 org.apache.catalina.core.StandardWrapperValve
invoke
SEVERE: Servlet.service() for servlet neo_1_0 threw exception
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at
org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFr
omServer(Saml11TicketValidator.java:203)
at
org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate
(AbstractUrlBasedTicketValidator.java:178)
at
org.springframework.security.cas.authentication.CasAuthenticationProvide
r.authenticateNow(CasAuthenticationProvider.java:131)
at
org.springframework.security.cas.authentication.CasAuthenticationProvide
r.authenticate(CasAuthenticationProvider.java:117)
at
org.springframework.security.authentication.ProviderManager.doAuthentica
tion(ProviderManager.java:130)
at
org.springframework.security.authentication.AbstractAuthenticationManage
r.authenticate(AbstractAuthenticationManager.java:48)
at
org.springframework.security.cas.web.CasAuthenticationFilter.attemptAuth
entication(CasAuthenticationFilter.java:104)
at
org.springframework.security.web.authentication.AbstractAuthenticationPr
ocessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doF
ilter(FilterChainProxy.java:380)
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFi
lter(LogoutFilter.java:105)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doF
ilter(FilterChainProxy.java:380)
at
org.springframework.security.web.context.SecurityContextPersistenceFilte
r.doFilter(SecurityContextPersistenceFilter.java:79)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doF
ilter(FilterChainProxy.java:380)
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainPr
oxy.java:169)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Dele
gatingFilterProxy.java:237)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegating
FilterProxy.java:167)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:206)
at
org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(H
iddenHttpMethodFilter.java:77)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequ
estFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:206)
at
org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter.doFilt
erInternal(OpenEntityManagerInViewFilter.java:113)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequ
estFilter.java:76)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
tionFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
erChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
e.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
e.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:2
98)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:85
2)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(
Http11Protocol.java:588)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649
)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHa
ndshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHands
haker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:5
29)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java
:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSo
cketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.
java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.
java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434
)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Ab
stractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConne
ction.java:1019)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsU
RLConnectionImpl.java:230)
at
org.jasig.cas.client.validation.Saml11TicketValidator.retrieveResponseFr
omServer(Saml11TicketValidator.java:186)
... 35 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:2
17)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustMana
gerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X50
9TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X50
9TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHa
ndshaker.java:1185)
... 47 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPat
hBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 53 more
Finalizer, called close()
Finalizer, called closeInternal(true)
Finalizer, called close()
Finalizer, called closeInternal(true)
http-8443-1, WRITE: TLSv1 Application Data, length = 528
http-8443-1, WRITE: TLSv1 Application Data, length = 32
http-8443-1, called close()
http-8443-1, called closeInternal(true)
http-8443-1, SEND TLSv1 ALERT: warning, description = close_notify
http-8443-1, WRITE: TLSv1 Alert, length = 32
-----Original Message-----
From: Marvin Addison [mailto:[email protected]]
Sent: 23 February 2011 14:51
To: [email protected]
Subject: Re: [cas-user] Cas Server and Client Issues regarding Cas
assertion
> I'm having a few issues getting Cas assersion to work with LDAP.
> I'm assuming my issues is Certificate related but have tried
reinstalling many certificates to try and fix the problem.
Have you tried the fixes discussed at
https://wiki.jasig.org/display/CASUM/SSL+Troubleshooting+and+Reference+G
uide?
Based on your stack trace, this is a problem with your CAS _client_
not trusting the CAS server certificate. Focus on the client, and if
all else fails do a client-side SSL trace and post it here.
M
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5897 (20110222) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5897 (20110222) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
