Hi
I try to connect to a .NET webservice via SSL with two way
authentication (client and server). Everything works fine if the ssl
enabled webserver does not require the client authentication. However
when the client authentication is required I get an error below (debug
information). The client certificate is add to the keystore of the web
server.
Another issue: how can the client know what certificate it has to send
to the server. Is there a way to specify this. What is there are more
than one client certificate in the client's keystore.
Is it possible to create certificates with extension like "KeyUsage"
with the KeyTool or KeyMan tools and might this have something to do
with the problem?
Any input will be very helpfull.
Thx
Frederik
The client code:
import proxy.soap.*;
import java.security.Security;
import javax.net.ssl.*;
public class Test {
public static void main(String[] args) throws Exception {
System.setProperty("javax.net.ssl.trustStore","C:\\Documents and
Settings\\MyUser\\.keystore");
System.setProperty("javax.net.ssl.keyStorePassword","");
System.setProperty("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
HelloWorldProxy hw = new HelloWorldProxy();
String x = hw.GetMessage();
Debug information of the ssl handshaking (-Djavax.net.debug=all):
Apparently there are two clienthello's done!
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: C:\Documents and Settings\FSN\.keystore
trustStore type is : jks
init truststore
adding as trusted cert: [
[
Version: V3
Subject: CN=connectorservice.dev-svh, OU=general, O=tectrade,
L=brugge, ST=wv, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a7ddcf
Validity: [From: Tue Mar 19 13:33:20 CET 2002,
To: Wed Mar 19 13:43:20 CET 2003]
Issuer: CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]
SerialNumber: [ 1e0df6b6 00000000 0003]
Certificate Extensions: 6
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 81 A7 30 81 A4 30 4F 06 08 2B 06 01 05 05 07
...0..0O..+.....
0010: 30 02 86 43 68 74 74 70 3A 2F 2F 64 65 76 2D 73
0..Chttp://dev-s
0020: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 2F
vh.tectrade.net/
0030: 43 65 72 74 45 6E 72 6F 6C 6C 2F 64 65 76 2D 73
CertEnroll/dev-s
0040: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5F
vh.tectrade.net_
0050: 53 56 48 2E 63 72 74 30 51 06 08 2B 06 01 05 05
SVH.crt0Q..+....
0060: 07 30 02 86 45 66 69 6C 65 3A 2F 2F 5C 5C 64 65
.0..Efile://\\de
0070: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
0080: 65 74 5C 43 65 72 74 45 6E 72 6F 6C 6C 5C 64 65
et\CertEnroll\de
0090: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
00A0: 65 74 5F 53 56 48 2E 63 72 74 et_SVH.crt
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A7 AA 6B 7A 87 3C 22 D4 84 EF 64 0C 94 59 12 81
..kz.<"...d..Y..
0010: 90 7B B9 AD ....
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F3 06 6A B4 53 83 F1 5E 45 C5 64 12 D3 B3 B2 08
..j.S..^E.d.....
0010: 98 00 9F F2 ....
]
[CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]]
SerialNumber: [ 6cf4488b 0b59d9a8 4930e64a 7d3f0fda ]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 70 30 6E 30 34 A0 32 A0 30 86 2E 68 74 74 70
.p0n04.2.0..http
0010: 3A 2F 2F 64 65 76 2D 73 76 68 2E 74 65 63 74 72
://dev-svh.tectr
0020: 61 64 65 2E 6E 65 74 2F 43 65 72 74 45 6E 72 6F
ade.net/CertEnro
0030: 6C 6C 2F 53 56 48 2E 63 72 6C 30 36 A0 34 A0 32
ll/SVH.crl06.4.2
0040: 86 30 66 69 6C 65 3A 2F 2F 5C 5C 64 65 76 2D 73
.0file://\\dev-s
0050: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5C
vh.tectrade.net\
0060: 43 65 72 74 45 6E 72 6F 6C 6C 5C 53 56 48 2E 63
CertEnroll\SVH.c
0070: 72 6C rl
[5]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1]]
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 39 50 1B F5 AC 79 C8 A2 23 35 CF 5A 35 79 E4 16
9P...y..#5.Z5y..
0010: 78 B0 12 96 88 A7 C8 22 91 95 92 82 69 7F F4 35
x......"....i..5
0020: 8C 86 C0 B8 26 83 86 BF C4 38 B5 44 C7 AA 6C 1E
....&....8.D..l.
0030: 46 8A C2 EE C0 EA 0C 12 5B 22 98 FD 54 35 A6 EB
F.......["..T5..
]
adding private entry as trusted cert: [
[
Version: V1
Subject: CN=Frederik, OU=Dev, O=Tectrade, L=Gent, ST=W-Vl, C=BE
Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3
Key: Sun DSA Public Key
Parameters:DSA
p: fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400
c31e3f80 b6512669
455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f
f26660b7
6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6
150f04fb
83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d
d14801c7
q: 9760508f 15230bcc b292b982 a2eb840b f0581cf5
g: f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82
f9574c0b 3d078267
5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932
8cc8a6e1
3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62
7a01243b
cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b
fecf492a
y:
af4c4231 03b823dc 26f8c0a9 6fa24231 a4b9d366 e7ba9ebe fe98d23e
49737496
b5b494ee 08343cd9 e7c52ad9 af738171 23ab3703 58ecc700 f8f66773
f01380c6
f99fc2e9 9db850dd 4e2f43aa 0770bb41 2c635a45 d0fc6f6e d11140b3
01b430a9
f828229a 2b1162bd 73a00e7a 5ff1805d 330ae7a0 0b6bfd82 7a80079c
72c2d721
Validity: [From: Tue Mar 19 17:06:46 CET 2002,
To: Mon Jun 17 18:06:46 CEST 2002]
Issuer: CN=Frederik, OU=Dev, O=Tectrade, L=Gent, ST=W-Vl, C=BE
SerialNumber: [ 3c976216 ]
]
Algorithm: [SHA1withDSA]
Signature:
0000: 30 2C 02 14 12 66 3F EB FC 2C 6A 51 FA 57 A7 B4
0,...f?..,jQ.W..
0010: E6 8B 11 1A 8E 13 BC 0E 02 14 6D 7C 11 36 DB A3
..........m..6..
0020: 23 41 D0 6F 2E 34 18 84 E9 F1 2F 83 DA 9E #A.o.4..../...
]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 999785075 bytes = { 94, 48, 94, 149, 126, 68, 151,
84, 242, 19, 77, 47, 140, 222, 117, 241, 2, 11, 244, 187, 77, 102, 161,
71, 41, 210, 13, 165 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3C 98 82 73 5E 30 5E 95 7E 44
...7..<..s^0^..D
0010: 97 54 F2 13 4D 2F 8C DE 75 F1 02 0B F4 BB 4D 66
.T..M/..u.....Mf
0020: A1 47 29 D2 0D A5 00 00 10 00 05 00 04 00 09 00
.G).............
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$...
.......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00
.......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3C 98 82
.............<..
0030: 73 5E 30 5E 95 7E 44 97 54 F2 13 4D 2F 8C DE 75
s^0^..D.T..M/..u
0040: F1 02 0B F4 BB 4D 66 A1 47 29 D2 0D A5 .....Mf.G)...
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.1 Handshake, length = 1189
*** ServerHello, v3.1
RandomCookie: GMT: 1884912779 bytes = { 253, 62, 13, 91, 211, 159, 118,
225, 179, 82, 210, 173, 57, 92, 124, 76, 90, 112, 78, 177, 156, 84, 91,
160, 252, 28, 138, 24 }
Session ID: {88, 17, 0, 0, 73, 231, 105, 163, 148, 213, 41, 102, 236,
177, 37, 14, 222, 139, 150, 222, 59, 83, 16, 115, 87, 67, 228, 222, 116,
25, 3, 189}
Cipher Suite: { 0, 4 }
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 70 59 7D 8B FD 3E 0D 5B D3 9F
...F..pY...>.[..
0010: 76 E1 B3 52 D2 AD 39 5C 7C 4C 5A 70 4E B1 9C 54
v..R..9\.LZpN..T
0020: 5B A0 FC 1C 8A 18 20 58 11 00 00 49 E7 69 A3 94 [.....
X...I.i..
0030: D5 29 66 EC B1 25 0E DE 8B 96 DE 3B 53 10 73 57
.)f..%.....;S.sW
0040: 43 E4 DE 74 19 03 BD 00 04 00 C..t......
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=connectorservice.dev-svh, OU=general, O=tectrade,
L=brugge, ST=wv, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@e13e07
Validity: [From: Tue Mar 19 13:33:20 CET 2002,
To: Wed Mar 19 13:43:20 CET 2003]
Issuer: CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]
SerialNumber: [ 1e0df6b6 00000000 0003]
Certificate Extensions: 6
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 81 A7 30 81 A4 30 4F 06 08 2B 06 01 05 05 07
...0..0O..+.....
0010: 30 02 86 43 68 74 74 70 3A 2F 2F 64 65 76 2D 73
0..Chttp://dev-s
0020: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 2F
vh.tectrade.net/
0030: 43 65 72 74 45 6E 72 6F 6C 6C 2F 64 65 76 2D 73
CertEnroll/dev-s
0040: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5F
vh.tectrade.net_
0050: 53 56 48 2E 63 72 74 30 51 06 08 2B 06 01 05 05
SVH.crt0Q..+....
0060: 07 30 02 86 45 66 69 6C 65 3A 2F 2F 5C 5C 64 65
.0..Efile://\\de
0070: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
0080: 65 74 5C 43 65 72 74 45 6E 72 6F 6C 6C 5C 64 65
et\CertEnroll\de
0090: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
00A0: 65 74 5F 53 56 48 2E 63 72 74 et_SVH.crt
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A7 AA 6B 7A 87 3C 22 D4 84 EF 64 0C 94 59 12 81
..kz.<"...d..Y..
0010: 90 7B B9 AD ....
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F3 06 6A B4 53 83 F1 5E 45 C5 64 12 D3 B3 B2 08
..j.S..^E.d.....
0010: 98 00 9F F2 ....
]
[CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]]
SerialNumber: [ 6cf4488b 0b59d9a8 4930e64a 7d3f0fda ]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 70 30 6E 30 34 A0 32 A0 30 86 2E 68 74 74 70
.p0n04.2.0..http
0010: 3A 2F 2F 64 65 76 2D 73 76 68 2E 74 65 63 74 72
://dev-svh.tectr
0020: 61 64 65 2E 6E 65 74 2F 43 65 72 74 45 6E 72 6F
ade.net/CertEnro
0030: 6C 6C 2F 53 56 48 2E 63 72 6C 30 36 A0 34 A0 32
ll/SVH.crl06.4.2
0040: 86 30 66 69 6C 65 3A 2F 2F 5C 5C 64 65 76 2D 73
.0file://\\dev-s
0050: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5C
vh.tectrade.net\
0060: 43 65 72 74 45 6E 72 6F 6C 6C 5C 53 56 48 2E 63
CertEnroll\SVH.c
0070: 72 6C rl
[5]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1]]
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 39 50 1B F5 AC 79 C8 A2 23 35 CF 5A 35 79 E4 16
9P...y..#5.Z5y..
0010: 78 B0 12 96 88 A7 C8 22 91 95 92 82 69 7F F4 35
x......"....i..5
0020: 8C 86 C0 B8 26 83 86 BF C4 38 B5 44 C7 AA 6C 1E
....&....8.D..l.
0030: 46 8A C2 EE C0 EA 0C 12 5B 22 98 FD 54 35 A6 EB
F.......["..T5..
]
***
stop on trusted cert: [
[
Version: V3
Subject: CN=connectorservice.dev-svh, OU=general, O=tectrade,
L=brugge, ST=wv, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@e13e07
Validity: [From: Tue Mar 19 13:33:20 CET 2002,
To: Wed Mar 19 13:43:20 CET 2003]
Issuer: CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]
SerialNumber: [ 1e0df6b6 00000000 0003]
Certificate Extensions: 6
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A7 AA 6B 7A 87 3C 22 D4 84 EF 64 0C 94 59 12 81
..kz.<"...d..Y..
0010: 90 7B B9 AD ....
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F3 06 6A B4 53 83 F1 5E 45 C5 64 12 D3 B3 B2 08
..j.S..^E.d.....
0010: 98 00 9F F2 ....
]
[CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]]
SerialNumber: [ 6cf4488b 0b59d9a8 4930e64a 7d3f0fda ]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 70 30 6E 30 34 A0 32 A0 30 86 2E 68 74 74 70
.p0n04.2.0..http
0010: 3A 2F 2F 64 65 76 2D 73 76 68 2E 74 65 63 74 72
://dev-svh.tectr
0020: 61 64 65 2E 6E 65 74 2F 43 65 72 74 45 6E 72 6F
ade.net/CertEnro
0030: 6C 6C 2F 53 56 48 2E 63 72 6C 30 36 A0 34 A0 32
ll/SVH.crl06.4.2
0040: 86 30 66 69 6C 65 3A 2F 2F 5C 5C 64 65 76 2D 73
.0file://\\dev-s
0050: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5C
vh.tectrade.net\
0060: 43 65 72 74 45 6E 72 6F 6C 6C 5C 53 56 48 2E 63
CertEnroll\SVH.c
0070: 72 6C rl
[5]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1]]
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 39 50 1B F5 AC 79 C8 A2 23 35 CF 5A 35 79 E4 16
9P...y..#5.Z5y..
0010: 78 B0 12 96 88 A7 C8 22 91 95 92 82 69 7F F4 35
x......"....i..5
0020: 8C 86 C0 B8 26 83 86 BF C4 38 B5 44 C7 AA 6C 1E
....&....8.D..l.
0030: 46 8A C2 EE C0 EA 0C 12 5B 22 98 FD 54 35 A6 EB
F.......["..T5..
]
[read] MD5 and SHA1 hashes: len = 1111
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
JsseJCE: Using JSSE internal implementation for cipher
RSA/ECB/PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 177, 94, 134, 65, 105, 149, 137, 27, 87, 201,
116, 110, 200, 192, 56, 174, 155, 109, 22, 0, 179, 136, 85, 232, 251, 3,
79, 152, 201, 27, 74, 23, 171, 234, 81, 155, 162, 156, 36, 8, 47, 127,
27, 196, 189, 172 }
[write] MD5 and SHA1 hashes: len = 70
0000: 10 00 00 42 00 40 25 E5 C3 31 D4 39 A0 39 EA 91
...B.@%..1.9.9..
0010: 59 C4 EB 62 B0 1B 9E A8 BA 9A B5 09 3C AA 50 C9
Y..b........<.P.
0020: C7 0C 48 E4 F9 91 79 84 B9 71 6D 21 E2 2B 94 A4
..H...y..qm!.+..
0030: B4 79 90 4D E9 20 57 EE B0 BD 63 82 87 A4 29 FA .y.M.
W...c...).
0040: 0E F1 AB 52 D4 BC ...R..
main, WRITE: SSL v3.1 Handshake, length = 70
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 B1 5E 86 41 69 95 89 1B 57 C9 74 6E C8 C0
...^.Ai...W.tn..
0010: 38 AE 9B 6D 16 00 B3 88 55 E8 FB 03 4F 98 C9 1B
8..m....U...O...
0020: 4A 17 AB EA 51 9B A2 9C 24 08 2F 7F 1B C4 BD AC
J...Q...$./.....
CONNECTION KEYGEN:
Client Nonce:
0000: 3C 98 82 73 5E 30 5E 95 7E 44 97 54 F2 13 4D 2F
<..s^0^..D.T..M/
0010: 8C DE 75 F1 02 0B F4 BB 4D 66 A1 47 29 D2 0D A5
..u.....Mf.G)...
Server Nonce:
0000: 70 59 7D 8B FD 3E 0D 5B D3 9F 76 E1 B3 52 D2 AD
pY...>.[..v..R..
0010: 39 5C 7C 4C 5A 70 4E B1 9C 54 5B A0 FC 1C 8A 18
9\.LZpN..T[.....
Master Secret:
0000: 40 ED 2C 54 6C EA FC BE 3A 53 A7 65 76 D5 75 DB
@.,Tl...:S.ev.u.
0010: 39 28 39 6D C3 33 C1 83 FA 42 E0 C8 3A 79 64 F5
9(9m.3...B..:yd.
0020: CE 97 A7 84 BB 26 56 47 D7 47 8C FC D2 09 83 91
.....&VG.G......
Client MAC write Secret:
0000: 06 2C 3B 26 E8 F5 D7 80 36 14 2A FD C1 01 C8 17
.,;&....6.*.....
Server MAC write Secret:
0000: B9 40 67 91 E3 DB 8F F0 6E A8 0B 10 8D 8B 53 86
[EMAIL PROTECTED]
Client write key:
0000: F1 73 A9 B9 C5 A9 38 27 0B F1 FF EC 4A 2F 3B F9
.s....8'....J/;.
Server write key:
0000: 0E CA 17 9C FF 7C 11 D4 7F DF 6E CE 9D 55 5C F7
..........n..U\.
... no IV for cipher
main, WRITE: SSL v3.1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished, v3.1
verify_data: { 75, 173, 112, 94, 134, 37, 106, 224, 20, 165, 224, 184 }
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 4B AD 70 5E 86 25 6A E0 14 A5 E0 B8
....K.p^.%j.....
Plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C 4B AD 70 5E 86 25 6A E0 14 A5 E0 B8
....K.p^.%j.....
0010: 35 11 BD B7 8B 8F F1 C4 33 88 C0 A8 38 7A 8D 43
5.......3...8z.C
main, WRITE: SSL v3.1 Handshake, length = 32
main, READ: SSL v3.1 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
main, READ: SSL v3.1 Handshake, length = 32
Plaintext after DECRYPTION: len = 32
0000: 14 00 00 0C 5C A2 1F E7 AE 43 D1 CC 07 88 E9 E2
....\....C......
0010: 98 CB 2F 86 2A 72 1C 65 AF 34 0C FA 2D F4 24 84
../.*r.e.4..-.$.
*** Finished, v3.1
verify_data: { 92, 162, 31, 231, 174, 67, 209, 204, 7, 136, 233, 226 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
[read] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 5C A2 1F E7 AE 43 D1 CC 07 88 E9 E2
....\....C......
Plaintext before ENCRYPTION: len = 210
0000: 50 4F 53 54 20 2F 48 65 6C 6C 6F 57 6F 72 6C 64 POST
/HelloWorld
0010: 2F 48 65 6C 6C 6F 57 6F 72 6C 64 2E 61 73 6D 78
/HelloWorld.asmx
0020: 20 48 54 54 50 2F 31 2E 30 0D 0A 48 6F 73 74 3A
HTTP/1.0..Host:
0030: 20 63 6F 6E 6E 65 63 74 6F 72 73 65 72 76 69 63
connectorservic
0040: 65 2E 64 65 76 2D 73 76 68 0D 0A 43 6F 6E 74 65
e.dev-svh..Conte
0050: 6E 74 2D 54 79 70 65 3A 20 74 65 78 74 2F 78 6D nt-Type:
text/xm
0060: 6C 3B 20 63 68 61 72 73 65 74 3D 75 74 66 2D 38 l;
charset=utf-8
0070: 0D 0A 43 6F 6E 74 65 6E 74 2D 4C 65 6E 67 74 68
..Content-Length
0080: 3A 20 34 32 34 0D 0A 53 4F 41 50 41 63 74 69 6F :
424..SOAPActio
0090: 6E 3A 20 22 68 74 74 70 3A 2F 2F 74 65 63 74 72 n:
"http://tectr
00A0: 61 64 65 2E 6E 65 74 2F 68 65 6C 6C 6F 77 6F 72
ade.net/hellowor
00B0: 6C 64 2F 47 65 74 4D 65 73 73 61 67 65 22 0D 0A
ld/GetMessage"..
00C0: 0D 0A 62 EB 61 BC 91 96 67 D7 26 49 72 34 F4 1A
..b.a...g.&Ir4..
00D0: DC 82 ..
main, WRITE: SSL v3.1 Application Data, length = 210
Plaintext before ENCRYPTION: len = 440
main, WRITE: SSL v3.1 Application Data, length = 440
main, READ: SSL v3.1 Handshake, length = 20
Plaintext after DECRYPTION: len = 20
0000: 00 00 00 00 CF 1A 34 5E FF 03 97 EF 16 CE 20 36 ......4^......
6
0010: 65 E0 00 5F e.._
*** HelloRequest (empty)
%% Client cached [Session-1, SSL_RSA_WITH_RC4_128_MD5]
%% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_MD5] from port 2271
!!!!!! A Second ClientHello?? !!!!!!
*** ClientHello, v3.1
RandomCookie: GMT: 999785076 bytes = { 195, 18, 244, 6, 85, 191, 10,
59, 188, 74, 66, 128, 51, 123, 138, 14, 165, 140, 58, 230, 15, 118, 181,
152, 30, 165, 218, 82 }
Session ID: {88, 17, 0, 0, 73, 231, 105, 163, 148, 213, 41, 102, 236,
177, 37, 14, 222, 139, 150, 222, 59, 83, 16, 115, 87, 67, 228, 222, 116,
25, 3, 189}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 91
0000: 01 00 00 57 03 01 3C 98 82 74 C3 12 F4 06 55 BF
...W..<..t....U.
0010: 0A 3B BC 4A 42 80 33 7B 8A 0E A5 8C 3A E6 0F 76
.;.JB.3.....:..v
0020: B5 98 1E A5 DA 52 20 58 11 00 00 49 E7 69 A3 94 .....R
X...I.i..
0030: D5 29 66 EC B1 25 0E DE 8B 96 DE 3B 53 10 73 57
.)f..%.....;S.sW
0040: 43 E4 DE 74 19 03 BD 00 10 00 05 00 04 00 09 00
C..t............
0050: 0A 00 12 00 13 00 03 00 11 01 00 ...........
Plaintext before ENCRYPTION: len = 107
0000: 01 00 00 57 03 01 3C 98 82 74 C3 12 F4 06 55 BF
...W..<..t....U.
0010: 0A 3B BC 4A 42 80 33 7B 8A 0E A5 8C 3A E6 0F 76
.;.JB.3.....:..v
0020: B5 98 1E A5 DA 52 20 58 11 00 00 49 E7 69 A3 94 .....R
X...I.i..
0030: D5 29 66 EC B1 25 0E DE 8B 96 DE 3B 53 10 73 57
.)f..%.....;S.sW
0040: 43 E4 DE 74 19 03 BD 00 10 00 05 00 04 00 09 00
C..t............
0050: 0A 00 12 00 13 00 03 00 11 01 00 EB E6 1C AA 42
...............B
0060: B3 71 69 15 1B 12 0B 73 74 53 DB .qi....stS.
main, WRITE: SSL v3.1 Handshake, length = 107
main, READ: SSL v3.1 Handshake, length = 5413
Plaintext after DECRYPTION: len = 5413
1520: A9 4B 99 F6 20 .K..
*** ServerHello, v3.1
RandomCookie: GMT: 107465770 bytes = { 65, 155, 192, 25, 143, 170, 206,
137, 73, 122, 127, 201, 32, 204, 37, 18, 130, 25, 241, 226, 97, 133, 54,
63, 93, 201, 227, 14 }
Session ID: {38, 1, 0, 0, 115, 201, 105, 251, 130, 117, 107, 242, 111,
62, 48, 31, 203, 103, 225, 89, 214, 213, 191, 139, 122, 90, 69, 170, 45,
3, 139, 33}
Cipher Suite: { 0, 4 }
Compression Method: 0
***
%% Created: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 01 06 68 CC 2A 41 9B C0 19 8F AA
...F...h.*A.....
0010: CE 89 49 7A 7F C9 20 CC 25 12 82 19 F1 E2 61 85 ..Iz..
.%.....a.
0020: 36 3F 5D C9 E3 0E 20 26 01 00 00 73 C9 69 FB 82 6?]...
&...s.i..
0030: 75 6B F2 6F 3E 30 1F CB 67 E1 59 D6 D5 BF 8B 7A
uk.o>0..g.Y....z
0040: 5A 45 AA 2D 03 8B 21 00 04 00 ZE.-..!...
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=connectorservice.dev-svh, OU=general, O=tectrade,
L=brugge, ST=wv, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@5bb966
Validity: [From: Tue Mar 19 13:33:20 CET 2002,
To: Wed Mar 19 13:43:20 CET 2003]
Issuer: CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]
SerialNumber: [ 1e0df6b6 00000000 0003]
Certificate Extensions: 6
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 81 A7 30 81 A4 30 4F 06 08 2B 06 01 05 05 07
...0..0O..+.....
0010: 30 02 86 43 68 74 74 70 3A 2F 2F 64 65 76 2D 73
0..Chttp://dev-s
0020: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 2F
vh.tectrade.net/
0030: 43 65 72 74 45 6E 72 6F 6C 6C 2F 64 65 76 2D 73
CertEnroll/dev-s
0040: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5F
vh.tectrade.net_
0050: 53 56 48 2E 63 72 74 30 51 06 08 2B 06 01 05 05
SVH.crt0Q..+....
0060: 07 30 02 86 45 66 69 6C 65 3A 2F 2F 5C 5C 64 65
.0..Efile://\\de
0070: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
0080: 65 74 5C 43 65 72 74 45 6E 72 6F 6C 6C 5C 64 65
et\CertEnroll\de
0090: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
00A0: 65 74 5F 53 56 48 2E 63 72 74 et_SVH.crt
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A7 AA 6B 7A 87 3C 22 D4 84 EF 64 0C 94 59 12 81
..kz.<"...d..Y..
0010: 90 7B B9 AD ....
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F3 06 6A B4 53 83 F1 5E 45 C5 64 12 D3 B3 B2 08
..j.S..^E.d.....
0010: 98 00 9F F2 ....
]
[CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]]
SerialNumber: [ 6cf4488b 0b59d9a8 4930e64a 7d3f0fda ]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 70 30 6E 30 34 A0 32 A0 30 86 2E 68 74 74 70
.p0n04.2.0..http
0010: 3A 2F 2F 64 65 76 2D 73 76 68 2E 74 65 63 74 72
://dev-svh.tectr
0020: 61 64 65 2E 6E 65 74 2F 43 65 72 74 45 6E 72 6F
ade.net/CertEnro
0030: 6C 6C 2F 53 56 48 2E 63 72 6C 30 36 A0 34 A0 32
ll/SVH.crl06.4.2
0040: 86 30 66 69 6C 65 3A 2F 2F 5C 5C 64 65 76 2D 73
.0file://\\dev-s
0050: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5C
vh.tectrade.net\
0060: 43 65 72 74 45 6E 72 6F 6C 6C 5C 53 56 48 2E 63
CertEnroll\SVH.c
0070: 72 6C rl
[5]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1]]
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 39 50 1B F5 AC 79 C8 A2 23 35 CF 5A 35 79 E4 16
9P...y..#5.Z5y..
0010: 78 B0 12 96 88 A7 C8 22 91 95 92 82 69 7F F4 35
x......"....i..5
0020: 8C 86 C0 B8 26 83 86 BF C4 38 B5 44 C7 AA 6C 1E
....&....8.D..l.
0030: 46 8A C2 EE C0 EA 0C 12 5B 22 98 FD 54 35 A6 EB
F.......["..T5..
]
***
stop on trusted cert: [
[
Version: V3
Subject: CN=connectorservice.dev-svh, OU=general, O=tectrade,
L=brugge, ST=wv, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@5bb966
Validity: [From: Tue Mar 19 13:33:20 CET 2002,
To: Wed Mar 19 13:43:20 CET 2003]
Issuer: CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]
SerialNumber: [ 1e0df6b6 00000000 0003]
Certificate Extensions: 6
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 81 A7 30 81 A4 30 4F 06 08 2B 06 01 05 05 07
...0..0O..+.....
0010: 30 02 86 43 68 74 74 70 3A 2F 2F 64 65 76 2D 73
0..Chttp://dev-s
0020: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 2F
vh.tectrade.net/
0030: 43 65 72 74 45 6E 72 6F 6C 6C 2F 64 65 76 2D 73
CertEnroll/dev-s
0040: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5F
vh.tectrade.net_
0050: 53 56 48 2E 63 72 74 30 51 06 08 2B 06 01 05 05
SVH.crt0Q..+....
0060: 07 30 02 86 45 66 69 6C 65 3A 2F 2F 5C 5C 64 65
.0..Efile://\\de
0070: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
0080: 65 74 5C 43 65 72 74 45 6E 72 6F 6C 6C 5C 64 65
et\CertEnroll\de
0090: 76 2D 73 76 68 2E 74 65 63 74 72 61 64 65 2E 6E
v-svh.tectrade.n
00A0: 65 74 5F 53 56 48 2E 63 72 74 et_SVH.crt
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A7 AA 6B 7A 87 3C 22 D4 84 EF 64 0C 94 59 12 81
..kz.<"...d..Y..
0010: 90 7B B9 AD ....
]
]
[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F3 06 6A B4 53 83 F1 5E 45 C5 64 12 D3 B3 B2 08
..j.S..^E.d.....
0010: 98 00 9F F2 ....
]
[CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]]
SerialNumber: [ 6cf4488b 0b59d9a8 4930e64a 7d3f0fda ]
]
[4]: ObjectId: 2.5.29.31 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 70 30 6E 30 34 A0 32 A0 30 86 2E 68 74 74 70
.p0n04.2.0..http
0010: 3A 2F 2F 64 65 76 2D 73 76 68 2E 74 65 63 74 72
://dev-svh.tectr
0020: 61 64 65 2E 6E 65 74 2F 43 65 72 74 45 6E 72 6F
ade.net/CertEnro
0030: 6C 6C 2F 53 56 48 2E 63 72 6C 30 36 A0 34 A0 32
ll/SVH.crl06.4.2
0040: 86 30 66 69 6C 65 3A 2F 2F 5C 5C 64 65 76 2D 73
.0file://\\dev-s
0050: 76 68 2E 74 65 63 74 72 61 64 65 2E 6E 65 74 5C
vh.tectrade.net\
0060: 43 65 72 74 45 6E 72 6F 6C 6C 5C 53 56 48 2E 63
CertEnroll\SVH.c
0070: 72 6C rl
[5]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[1.3.6.1.5.5.7.3.1]]
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 39 50 1B F5 AC 79 C8 A2 23 35 CF 5A 35 79 E4 16
9P...y..#5.Z5y..
0010: 78 B0 12 96 88 A7 C8 22 91 95 92 82 69 7F F4 35
x......"....i..5
0020: 8C 86 C0 B8 26 83 86 BF C4 38 B5 44 C7 AA 6C 1E
....&....8.D..l.
0030: 46 8A C2 EE C0 EA 0C 12 5B 22 98 FD 54 35 A6 EB
F.......["..T5..
]
[read] MD5 and SHA1 hashes: len = 1111
*** CertificateRequest
Cert Types: RSA,
Cert Authorities:
<CN=Frederik, OU=Dev, O=Tectrade, L=Gent, ST=W-Vl, C=BE>
<CN=Tectrade.net CA, OU=Tectrade, O=Tectrade, L=Bruges, ST=WVL, C=BE,
[EMAIL PROTECTED]>
<CN=Tectrade.net CA, OU=Tectrade Systems and Networks, O=Tectrade NV,
L=Brugge, ST=WVL, C=BE, [EMAIL PROTECTED]>
<CN=Kris Dierckens CA, OU=Development, O=Tectrade, L=Brugge, ST=WVL,
C=BE, [EMAIL PROTECTED]>
<CN=Tectrade.net DC02, OU=Tectrade, O=Tectrade, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized
use only", OU=Class 1 Public Primary Certification Authority - G2,
O="VeriSign, Inc.", C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized
use only", OU=Class 4 Public Primary Certification Authority - G2,
O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 3 Public Primary Certification Authority - G3,
OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US>
<CN=VeriSign Class 1 Public Primary Certification Authority - G3,
OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US>
<[EMAIL PROTECTED], CN=Thawte Personal Freemail
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA>
<[EMAIL PROTECTED], CN=Thawte Personal Premium
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA>
<CN=First Data Digital Certificates Inc. Certification Authority,
O=First Data Digital Certificates Inc., C=US>
<[EMAIL PROTECTED], CN=Thawte Personal Basic CA,
OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA>
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.",
C=US>
<CN=VeriSign Class 2 Public Primary Certification Authority - G3,
OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.",
C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.",
C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized
use only", OU=Class 3 Public Primary Certification Authority - G2,
O="VeriSign, Inc.", C=US>
<CN=SVH, OU=Development, O=Tectrade NV, L=Brugge, ST=WVL, C=BE,
[EMAIL PROTECTED]>
<CN=GTE CyberTrust Root, O=GTE Corporation, C=US>
<CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.",
O=GTE Corporation, C=US>
<CN=Microsoft Root Authority, OU=Microsoft Corporation, OU=Copyright (c)
1997 Microsoft Corp.>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized
use only", OU=Class 2 Public Primary Certification Authority - G2,
O="VeriSign, Inc.", C=US>
<CN=Post.Trust Root CA, OU=Post.Trust Ltd., O=An Post, C=IE>
<CN=VeriSign Class 4 Public Primary Certification Authority - G3,
OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign
Trust Network, O="VeriSign, Inc.", C=US>
<CN=Microsoft Root Certificate Authority, DC=microsoft, DC=com>
<CN=GTE CyberTrust Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE
Corporation, C=US>
[read] MD5 and SHA1 hashes: len = 4208
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 0E 00 00 00 ....
*** Certificate chain
***
JsseJCE: Using JSSE internal implementation for cipher
RSA/ECB/PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, v3.1
Random Secret: { 3, 1, 139, 1, 143, 155, 212, 30, 222, 39, 124, 196,
174, 146, 244, 15, 85, 80, 20, 163, 10, 203, 227, 182, 165, 139, 60, 32,
47, 36, 227, 171, 31, 53, 77, 48, 232, 173, 170, 74, 214, 171, 148, 133,
10, 178, 1, 211 }
[write] MD5 and SHA1 hashes: len = 77
0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 B2 CC 75
..........B.@..u
0010: 8C 95 0E EF D1 8F E8 38 4F 4E 7C 7B 69 20 0F B3 .......8ON..i
..
0020: 5C A5 3B DD FA BE 82 3E 0D D0 94 01 F8 07 A4 57
\.;....>.......W
0030: 9D 95 B1 F7 FD CC 00 7B EC 7D 3C 66 08 C9 B3 09
..........<f....
0040: CC C6 51 B0 11 BE 08 9E 29 F0 02 C1 9A ..Q.....)....
Plaintext before ENCRYPTION: len = 93
0000: 0B 00 00 03 00 00 00 10 00 00 42 00 40 B2 CC 75
..........B.@..u
0010: 8C 95 0E EF D1 8F E8 38 4F 4E 7C 7B 69 20 0F B3 .......8ON..i
..
0020: 5C A5 3B DD FA BE 82 3E 0D D0 94 01 F8 07 A4 57
\.;....>.......W
0030: 9D 95 B1 F7 FD CC 00 7B EC 7D 3C 66 08 C9 B3 09
..........<f....
0040: CC C6 51 B0 11 BE 08 9E 29 F0 02 C1 9A 20 74 7A ..Q.....)....
tz
0050: 56 77 A8 D6 7A 38 4E 18 D3 21 96 B2 EB Vw..z8N..!...
main, WRITE: SSL v3.1 Handshake, length = 93
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 8B 01 8F 9B D4 1E DE 27 7C C4 AE 92 F4 0F
.........'......
0010: 55 50 14 A3 0A CB E3 B6 A5 8B 3C 20 2F 24 E3 AB UP........<
/$..
0020: 1F 35 4D 30 E8 AD AA 4A D6 AB 94 85 0A B2 01 D3
.5M0...J........
CONNECTION KEYGEN:
Client Nonce:
0000: 3C 98 82 74 C3 12 F4 06 55 BF 0A 3B BC 4A 42 80
<..t....U..;.JB.
0010: 33 7B 8A 0E A5 8C 3A E6 0F 76 B5 98 1E A5 DA 52
3.....:..v.....R
Server Nonce:
0000: 06 68 CC 2A 41 9B C0 19 8F AA CE 89 49 7A 7F C9
.h.*A.......Iz..
0010: 20 CC 25 12 82 19 F1 E2 61 85 36 3F 5D C9 E3 0E
.%.....a.6?]...
Master Secret:
0000: B8 40 21 0F 4C 94 3A C3 1B 95 B8 52 83 6B D6 C2
.@!.L.:....R.k..
0010: 9B 1E F4 41 AD 08 76 F1 D2 48 83 FC B5 41 8C 84
...A..v..H...A..
0020: 82 D9 2C F4 1F 95 94 7B E2 76 91 23 81 13 9B E8
..,......v.#....
Client MAC write Secret:
0000: 7C 82 C6 72 73 50 19 BC D2 C1 CC 69 0B D9 AA 99
...rsP.....i....
Server MAC write Secret:
0000: 80 B8 2F FA C5 D5 91 FF 42 43 34 ED C4 BD 1E BB
../.....BC4.....
Client write key:
0000: 34 93 2F 33 D1 8A D2 5A 7F 6E 17 73 5D 80 16 C9
4./3...Z.n.s]...
Server write key:
0000: 20 08 FF 18 5B C9 BB 4A DA 2E E6 A8 BE 15 19 2E
...[..J........
... no IV for cipher
Plaintext before ENCRYPTION: len = 17
0000: 01 F6 6D 7D 7E F8 0C E4 4A 21 25 42 7B 3F EE FC
..m.....J!%B.?..
0010: 59 Y
main, WRITE: SSL v3.1 Change Cipher Spec, length = 17
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished, v3.1
verify_data: { 219, 239, 242, 9, 21, 106, 188, 248, 149, 200, 204, 209
}
***
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C DB EF F2 09 15 6A BC F8 95 C8 CC D1
.........j......
Plaintext before ENCRYPTION: len = 32
0000: 14 00 00 0C DB EF F2 09 15 6A BC F8 95 C8 CC D1
.........j......
0010: 4D A0 71 7C F3 81 B8 D1 C0 E9 CE 9E 15 0A CC 08
M.q.............
main, WRITE: SSL v3.1 Handshake, length = 32
main, READ: SSL v3.1 Change Cipher Spec, length = 17
Plaintext after DECRYPTION: len = 17
0000: 01 1C 21 D0 E9 9C FD 22 0E 5D B4 53 6D 6D 75 27
..!....".].Smmu'
0010: 34 4
JsseJCE: Using JSSE internal implementation for cipher RC4
main, READ: SSL v3.1 Handshake, length = 32
Plaintext after DECRYPTION: len = 32
0000: 14 00 00 0C 27 62 70 F6 21 26 89 46 D8 17 04 AD
....'bp.!&.F....
0010: 6C CB 77 42 01 6B AA A4 70 65 D7 D8 AE 5F D7 BD
l.wB.k..pe..._..
*** Finished, v3.1
verify_data: { 39, 98, 112, 246, 33, 38, 137, 70, 216, 23, 4, 173 }
***
%% Cached client session: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
[read] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C 27 62 70 F6 21 26 89 46 D8 17 04 AD
....'bp.!&.F....
main, READ: SSL v3.1 Application Data, length = 3509
Plaintext after DECRYPTION: len = 3509
main, SEND SSL v3.1 ALERT: fatal, description = close_notify
Plaintext before ENCRYPTION: len = 18
0000: 02 00 33 FE BD C9 30 59 37 53 D3 44 3A 36 CF 1D
..3...0Y7S.D:6..
0010: 3C 53 <S
main, WRITE: SSL v3.1 Alert, length = 18
%% Invalidated: [Session-2, SSL_RSA_WITH_RC4_128_MD5]
Error message:
<title>The page requires a client certificate</title>
