Re: Updating SSL certificate version

Girish Vasmatkar Wed, 06 Mar 2019 00:57:33 -0800

Hi Mathieu

I tried reproducing the issue you're facing with GNU Icecat by providing
the exact cipher suites (that Icecat seems to present in the logs) to my
local OFBiz installation. However, the handshake seems to be working for me.


There seems to be no issue with respect to the protocol version used. It is
all coming down to the fact that Icecat and OFBiz jvm can't settle down on
the cipher suite to choose. As for Epiphany, I could see common cipher
suites sent by both Icecat and Epiphany and yet OFBiz denying handshake.

I'll see if there is more I can extract out of the logs but at the moment I
can't think of a proper solution here apart from installing JCE Unlimited
Strength in the JVM and see if you can get the handshake working.

Thanks and Regards,
Girish


On Wed, Mar 6, 2019 at 1:17 AM Mathieu Lirzin <[email protected]>
wrote:

> with the inlined logs:
>
> Mathieu Lirzin <[email protected]> writes:
>
> > Hello Girish and Jacques,
> >
> > Jacques Le Roux <[email protected]> writes:
> >
> >> Did Girish's answer help? (thanks Girish)
> >
> > Yes it helps alot.
> >
> >> Le 04/03/2019 à 08:09, Girish Vasmatkar a écrit :
> >>>
> >>> Perhaps it will help if you could enable SSL debugging (either in your
> >>> browser or in OFBiz (-Djavax.net.debug=ssl)) and provide details how
> the
> >>> SSL handshake happened. Specifically, it would be interesting to see
> what
> >>> all protocols your browser presented to OFBiz.
> >
> > Here is the log of OFBiz with (-Djavax.net.debug=ssl) with a failing
> > handshake with GNU Icecat:
>
> Using SSLEngineImpl.
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> https-jsse-nio-8443-exec-8, READ: TLSv1 Handshake, length = 512
> *** ClientHello, TLSv1.2
> RandomCookie:  GMT: 1736093966 bytes = { 189, 227, 177, 17, 199, 186, 164,
> 220, 197, 114, 96, 6, 87, 64, 58, 23, 142, 75, 57, 206, 107, 227, 181, 65,
> 168, 6, 76, 155 }
> Session ID:  {193, 60, 237, 251, 184, 155, 76, 93, 36, 222, 130, 94, 35,
> 149, 245, 251, 82, 146, 204, 227, 113, 188, 245, 195, 46, 17, 198, 7, 175,
> 181, 1, 156}
> Cipher Suites: [Unknown 0x13:0x1, Unknown 0x13:0x3, Unknown 0x13:0x2,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xcc:0xa9, Unknown
> 0xcc:0xa8, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
> TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
> Compression Methods:  { 0 }
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Extension extended_master_secret
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension elliptic_curves, curve names: {unknown curve 29, secp256r1,
> secp384r1, secp521r1, unknown curve 256, unknown curve 257}
> Extension ec_point_formats, formats: [uncompressed]
> Unsupported extension type_35, data:
> Unsupported extension type_16, data:
> 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
> Unsupported extension status_request, data: 01:00:00:00:00
> Unsupported extension type_51, data:
> 00:69:00:1d:00:20:15:8a:11:44:3e:65:b5:86:d5:91:8e:46:d4:4c:f1:05:44:48:a7:43:9e:04:69:69:fe:58:f5:80:ce:bc:d2:58:00:17:00:41:04:b7:0f:c1:73:e5:bf:9d:fd:4c:29:24:07:27:9e:77:1e:fb:30:d2:b8:17:b5:87:1e:f6:61:d1:b3:9c:f8:59:2a:cd:63:07:7f:9b:2f:3d:f9:80:a5:e2:f3:09:3d:e5:91:f4:35:2a:d0:ec:aa:89:ed:6d:63:7c:93:74:a6:0e:e9
> Unsupported extension type_43, data: 08:7f:17:03:03:03:02:03:01
> Extension signature_algorithms, signature_algorithms: SHA256withECDSA,
> SHA384withECDSA, SHA512withECDSA, Unknown (hash:0x8, signature:0x4),
> Unknown (hash:0x8, signature:0x5), Unknown (hash:0x8, signature:0x6),
> SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA1withECDSA, SHA1withRSA
> Unsupported extension type_45, data: 01:01
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-54, SSL_NULL_WITH_NULL_NULL]
> https-jsse-nio-8443-exec-8, fatal error: 40: no cipher suites in common
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> %% Invalidated:  [Session-54, SSL_NULL_WITH_NULL_NULL]
> https-jsse-nio-8443-exec-8, SEND TLSv1.2 ALERT:  fatal, description =
> handshake_failure
> https-jsse-nio-8443-exec-8, WRITE: TLSv1.2 Alert, length = 2
> https-jsse-nio-8443-exec-8, fatal: engine already closed.  Rethrowing
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> https-jsse-nio-8443-exec-8, called closeOutbound()
> https-jsse-nio-8443-exec-8, closeOutboundInternal()
> Using SSLEngineImpl.
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> https-jsse-nio-8443-exec-3, READ: TLSv1 Handshake, length = 177
> *** ClientHello, TLSv1.2
> RandomCookie:  GMT: 146371561 bytes = { 199, 41, 221, 220, 249, 76, 16,
> 148, 121, 235, 169, 29, 195, 217, 73, 96, 168, 20, 66, 190, 101, 117, 147,
> 205, 153, 77, 208, 190 }
> Session ID:  {}
> Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xcc:0xa9, Unknown
> 0xcc:0xa8, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
> SSL_RSA_WITH_3DES_EDE_CBC_SHA]
> Compression Methods:  { 0 }
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Extension extended_master_secret
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension elliptic_curves, curve names: {unknown curve 29, secp256r1,
> secp384r1, secp521r1}
> Extension ec_point_formats, formats: [uncompressed]
> Unsupported extension type_35, data:
> Unsupported extension type_16, data:
> 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension signature_algorithms, signature_algorithms: SHA256withECDSA,
> SHA384withECDSA, SHA512withECDSA, Unknown (hash:0x8, signature:0x4),
> Unknown (hash:0x8, signature:0x5), Unknown (hash:0x8, signature:0x6),
> SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA1withECDSA, SHA1withRSA
> ***
> %% Initialized:  [Session-55, SSL_NULL_WITH_NULL_NULL]
> https-jsse-nio-8443-exec-3, fatal error: 40: no cipher suites in common
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> %% Invalidated:  [Session-55, SSL_NULL_WITH_NULL_NULL]
> https-jsse-nio-8443-exec-3, SEND TLSv1.2 ALERT:  fatal, description =
> handshake_failure
> https-jsse-nio-8443-exec-3, WRITE: TLSv1.2 Alert, length = 2
> https-jsse-nio-8443-exec-3, fatal: engine already closed.  Rethrowing
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> https-jsse-nio-8443-exec-3, called closeOutbound()
> https-jsse-nio-8443-exec-3, closeOutboundInternal()
>
> > Here is the log with another browser (Epiphany) with a successful
> handshake:
>
> Using SSLEngineImpl.
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> https-jsse-nio-8443-exec-2, READ: TLSv1.2 Alert, length = 26
> https-jsse-nio-8443-exec-2, RECV TLSv1.2 ALERT:  warning, close_notify
> https-jsse-nio-8443-exec-2, closeInboundInternal()
> https-jsse-nio-8443-exec-2, closeOutboundInternal()
> https-jsse-nio-8443-exec-2, SEND TLSv1.2 ALERT:  warning, description =
> close_notify
> https-jsse-nio-8443-exec-1, READ: TLSv1 Handshake, length = 512
> https-jsse-nio-8443-exec-2, WRITE: TLSv1.2 Alert, length = 26
> https-jsse-nio-8443-exec-2, called closeOutbound()
> *** ClientHello, TLSv1.2
> RandomCookie:  https-jsse-nio-8443-exec-2, closeOutboundInternal()
> GMT: 814150594 bytes = { 189, 14, 209, 176, 97, 15, 214, 107, 117, 63,
> 187, 162, 12, 184, 245, 189, 245, 227, 127, 128, 244, 154, 249, 115, 101,
> 100, 61, 40 }
> Session ID:  {92, 125, 15, 237, 254, 33, 2, 52, 144, 148, 0, 165, 156,
> 232, 106, 139, 222, 199, 99, 71, 41, 230, 1, 75, 246, 145, 175, 22, 191,
> 231, 28, 218}
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0 }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> Extension ec_point_formats, formats: [uncompressed]
> Extension signature_algorithms, signature_algorithms: SHA256withRSA,
> Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0x4),
> SHA256withECDSA, Unknown (hash:0x8, signature:0x7), SHA384withRSA, Unknown
> (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0x5),
> SHA384withECDSA, SHA512withRSA, Unknown (hash:0x8, signature:0xb), Unknown
> (hash:0x8, signature:0x6), SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:64:09:13:0a:51:7f:68:f5:63:01:39:08:81:34:af:cd:75:75:98:c8:81:91:0d:6a:2a:22:43:3e:a9:2d:23:48:16:7a:d0:a8:b5:bd:ce:8d:54:25:fd:33:c3:99:bd:42:9f:05:d1:7e:dd:e8:5e:37:fa:7f:dd:e1:6a:ef:a0:b9:00:1d:00:20:e8:f0:72:c3:30:bc:24:4e:cd:5f:14:38:a2:86:9e:84:cd:51:df:a4:6d:72:33:e8:e9:a0:55:8e:4c:60:21:50
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-10, SSL_NULL_WITH_NULL_NULL]
> Standard ciphersuite chosen: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> %% Negotiating:  [Session-10, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> *** ServerHello, TLSv1.2
> RandomCookie:  GMT: 1551699703 bytes = { 1, 74, 230, 110, 14, 123, 143,
> 104, 216, 59, 77, 109, 156, 237, 68, 152, 241, 106, 128, 168, 185, 218, 12,
> 202, 6, 4, 174, 147 }
> Session ID:  {92, 125, 15, 247, 246, 249, 211, 141, 164, 158, 249, 105,
> 184, 211, 34, 29, 135, 131, 232, 36, 64, 192, 38, 174, 54, 83, 112, 53,
> 142, 111, 182, 94}
> Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> Compression Method: 0
> Extension renegotiation_info, renegotiated_connection: <empty>
> ***
> Cipher suite:  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> https-jsse-nio-8443-exec-9, WRITE: TLSv1.2 Application Data, length = 339
> *** Certificate chain
> chain [0] = [
> [
>   Version: V3
>   Subject: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>
>   Key:  Sun RSA public key, 2048 bits
>   modulus:
> 21944740401167172627731583459321030363948627215746053925732477915060915436180167456469785746662093119306577380200747716284652995937004530444336851845029170241627465854006145050037178991946925696078563485570896673835545540824265905937881682387179314987285174428010940266412458943894800978345731524307952507729956745301047871771953945124256516782917326981125087548987889540650149121302888872237484100834740328828765018090383963294418357028839734723410564800765871733483849269364796949055153420777966213779145518299141217288017794394762274753999989298548507425930217302947589819396239489846633419099079578249651345685751
>   public exponent: 65537
>   Validity: [From: Fri May 30 08:43:19 GMT 2014,
>                To: Mon May 27 08:43:19 GMT 2024]
>   Issuer: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   SerialNumber: [    a6ef7a9a 5368eb27]
>
> Certificate Extensions: 3
> [1]: ObjectId: 2.5.29.35 Criticality=false
> AuthorityKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> [2]: ObjectId: 2.5.29.19 Criticality=false
> BasicConstraints:[
>   CA:true
>   PathLen:2147483647
> ]
>
> [3]: ObjectId: 2.5.29.14 Criticality=false
> SubjectKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> ]
>   Algorithm: [SHA1withRSA]
>   Signature:
> 0000: 19 16 5A 21 99 21 24 98   3C 0A E8 D8 00 AB 44 24  ..Z!.!$.<.....D$
> 0010: F2 0C B7 83 D5 9F 96 17   87 E2 1F 1D A3 47 68 C7  .............Gh.
> 0020: 68 4A CB 56 0E 77 2B E8   1A 9F E7 09 A1 19 77 D0  hJ.V.w+.......w.
> 0030: 5E CC C1 B3 9A C4 35 3D   CB E0 A5 A6 43 5D A3 26  ^.....5=....C].&
> 0040: A4 91 8A C1 FA 7B 10 EA   DC C3 C7 1C 47 DC 97 32  ............G..2
> 0050: C0 37 80 1C F1 42 10 E3   74 17 FA 3E 60 4A B7 59  .7...B..t..>`J.Y
> 0060: 92 C1 E0 6F BB F1 BB 9F   82 89 B5 83 D5 AE 1E 90  ...o............
> 0070: 0A 89 8D FB 4C C0 C5 9E   DC C5 8C C6 2F EE D9 B4  ....L......./...
> 0080: 95 47 27 2E BE 82 31 6F   76 C0 DB 4C C8 0D 3B 7B  .G'...1ov..L..;.
> 0090: D1 6A BF BD 3B 93 30 04   A2 9E 81 F7 96 28 77 F2  .j..;.0......(w.
> 00A0: 32 05 68 44 1F B3 30 CE   40 9F 20 F3 B4 2B AA E6  2.hD..0.@. ..+..
> 00B0: 40 9B FB 7F 34 6E 3A 99   FD F8 28 F1 8C 9B 56 34  @...4n:...(...V4
> 00C0: 64 AD 4D 56 39 CB 96 18   50 9B 99 43 80 0A 39 A5  d.MV9...P..C..9.
> 00D0: 13 7A 6E C5 25 E0 95 4A   92 E5 A8 8B EE 03 49 B4  .zn.%..J......I.
> 00E0: D9 7C 00 E3 F0 3B A7 BA   40 30 CC 89 55 C6 97 93  .....;[email protected]...
> 00F0: B5 15 F6 62 D3 B1 74 9C   0B 80 2B 8A D4 03 84 A0  ...b..t...+.....
>
> ]
> ***
> *** Diffie-Hellman ServerKeyExchange
> DH Modulus:  { 255, 255, 255, 255, 255, 255, 255, 255, 201, 15, 218, 162,
> 33, 104, 194, 52, 196, 198, 98, 139, 128, 220, 28, 209, 41, 2, 78, 8, 138,
> 103, 204, 116, 2, 11, 190, 166, 59, 19, 155, 34, 81, 74, 8, 121, 142, 52,
> 4, 221, 239, 149, 25, 179, 205, 58, 67, 27, 48, 43, 10, 109, 242, 95, 20,
> 55, 79, 225, 53, 109, 109, 81, 194, 69, 228, 133, 181, 118, 98, 94, 126,
> 198, 244, 76, 66, 233, 166, 55, 237, 107, 11, 255, 92, 182, 244, 6, 183,
> 237, 238, 56, 107, 251, 90, 137, 159, 165, 174, 159, 36, 17, 124, 75, 31,
> 230, 73, 40, 102, 81, 236, 230, 83, 129, 255, 255, 255, 255, 255, 255, 255,
> 255 }
> DH Base:  { 2 }
> Server DH Public Key:  { 207, 201, 241, 189, 224, 175, 68, 248, 216, 197,
> 47, 214, 124, 101, 217, 9, 127, 95, 125, 123, 118, 132, 240, 161, 211, 172,
> 155, 151, 38, 81, 217, 225, 137, 34, 92, 50, 243, 88, 199, 76, 154, 29,
> 118, 218, 187, 175, 51, 153, 133, 115, 97, 176, 38, 139, 13, 107, 114, 66,
> 44, 201, 109, 168, 61, 214, 28, 170, 130, 136, 66, 189, 7, 217, 29, 83, 49,
> 211, 167, 220, 13, 57, 229, 176, 106, 101, 147, https-jsse-nio-8443-exec-9,
> WRITE: TLSv1.2 Application Data, length = 548
> 155, 102, 135, 27, 15, 236, 14, 126, 81, 118, 54, 20, 33, 204, 63, 45, 14,
> 239, 232, 96, 218, 144, 135, 68, 98, 120, 209, 97, 189, 243, 74, 38, 12,
> 149, 112, 124, 118, 40, 193, 94, 129, 194, 136 }
> Signature Algorithm SHA256withRSA
> Signed with a DSA or RSA public key
> *** ServerHelloDone
> https-jsse-nio-8443-exec-1, WRITE: TLSv1.2 Handshake, length = 1697
> Using SSLEngineImpl.
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> https-jsse-nio-8443-exec-1, READ: TLSv1 Handshake, length = 512
> *** ClientHello, TLSv1.2
> RandomCookie:  GMT: 891426139 bytes = { 70, 64, 99, 252, 252, 243, 247,
> 61, 84, 99, 225, 22, 197, 217, 232, 204, 83, 219, 77, 96, 217, 224, 36, 16,
> 75, 250, 115, 210 }
> Session ID:  {92, 125, 15, 237, 254, 33, 2, 52, 144, 148, 0, 165, 156,
> 232, 106, 139, 222, 199, 99, 71, 41, 230, 1, 75, 246, 145, 175, 22, 191,
> 231, 28, 218}
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0 }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> Extension ec_point_formats, formats: [uncompressed]
> Extension signature_algorithms, signature_algorithms: SHA256withRSA,
> Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0x4),
> SHA256withECDSA, Unknown (hash:0x8, signature:0x7), SHA384withRSA, Unknown
> (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0x5),
> SHA384withECDSA, SHA512withRSA, Unknown (hash:0x8, signature:0xb), Unknown
> (hash:0x8, signature:0x6), SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:4c:4b:f9:0d:41:a2:d1:e0:cc:78:46:72:f7:54:96:02:a0:a2:d6:14:0b:7a:6e:f1:45:0a:8f:bd:40:4f:eb:26:cb:d1:4d:1c:12:24:25:45:db:9c:f3:85:55:8d:0a:3f:4e:d8:d0:1f:95:1c:46:97:c5:b1:74:e7:c7:38:ed:b4:00:1d:00:20:e1:f7:e1:e0:c6:56:96:45:a4:22:c3:5b:78:3c:d2:1c:ad:eb:c3:85:0d:9e:01:6e:4a:f7:60:5d:14:14:4f:2a
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-11, SSL_NULL_WITH_NULL_NULL]
> Standard ciphersuite chosen: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> %% Negotiating:  [Session-11, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> *** ServerHello, TLSv1.2
> RandomCookie:  GMT: 1551699703 bytes = { 84, 57, 154, 20, 67, 161, 125,
> 104, 24, 253, 249, 172, 67, 138, 44, 163, 152, 238, 181, 239, 217, 23, 49,
> 149, 121, 11, 142, 123 }
> Session ID:  {92, 125, 15, 247, 213, 157, 46, 13, 7, 249, 27, 59, 188, 52,
> 107, 216, 12, 30, 168, 6, 161, 1, 93, 140, 189, 97, 129, 164, 189, 189,
> 122, 170}
> Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> Compression Method: 0
> Extension renegotiation_info, renegotiated_connection: <empty>
> ***
> Cipher suite:  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> *** Certificate chain
> chain [0] = [
> [
>   Version: V3
>   Subject: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>
>   Key:  Sun RSA public key, 2048 bits
>   modulus:
> 21944740401167172627731583459321030363948627215746053925732477915060915436180167456469785746662093119306577380200747716284652995937004530444336851845029170241627465854006145050037178991946925696078563485570896673835545540824265905937881682387179314987285174428010940266412458943894800978345731524307952507729956745301047871771953945124256516782917326981125087548987889540650149121302888872237484100834740328828765018090383963294418357028839734723410564800765871733483849269364796949055153420777966213779145518299141217288017794394762274753999989298548507425930217302947589819396239489846633419099079578249651345685751
>   public exponent: 65537
>   Validity: [From: Fri May 30 08:43:19 GMT 2014,
>                To: Mon May 27 08:43:19 GMT 2024]
>   Issuer: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   SerialNumber: [    a6ef7a9a 5368eb27]
>
> Certificate Extensions: 3
> [1]: ObjectId: 2.5.29.35 Criticality=false
> AuthorityKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> [2]: ObjectId: 2.5.29.19 Criticality=false
> BasicConstraints:[
>   CA:true
>   PathLen:2147483647
> ]
>
> [3]: ObjectId: 2.5.29.14 Criticality=false
> SubjectKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> ]
>   Algorithm: [SHA1withRSA]
>   Signature:
> 0000: 19 16 5A 21 99 21 24 98   3C 0A E8 D8 00 AB 44 24  ..Z!.!$.<.....D$
> 0010: F2 0C B7 83 D5 9F 96 17   87 E2 1F 1D A3 47 68 C7  .............Gh.
> 0020: 68 4A CB 56 0E 77 2B E8   1A 9F E7 09 A1 19 77 D0  hJ.V.w+.......w.
> 0030: 5E CC C1 B3 9A C4 35 3D   CB E0 A5 A6 43 5D A3 26  ^.....5=....C].&
> 0040: A4 91 8A C1 FA 7B 10 EA   DC C3 C7 1C 47 DC 97 32  ............G..2
> 0050: C0 37 80 1C F1 42 10 E3   74 17 FA 3E 60 4A B7 59  .7...B..t..>`J.Y
> 0060: 92 C1 E0 6F BB F1 BB 9F   82 89 B5 83 D5 AE 1E 90  ...o............
> 0070: 0A 89 8D FB 4C C0 C5 9E   DC C5 8C C6 2F EE D9 B4  ....L......./...
> 0080: 95 47 27 2E BE 82 31 6F   76 C0 DB 4C C8 0D 3B 7B  .G'...1ov..L..;.
> 0090: D1 6A BF BD 3B 93 30 04   A2 9E 81 F7 96 28 77 F2  .j..;.0......(w.
> 00A0: 32 05 68 44 1F B3 30 CE   40 9F 20 F3 B4 2B AA E6  2.hD..0.@. ..+..
> 00B0: 40 9B FB 7F 34 6E 3A 99   FD F8 28 F1 8C 9B 56 34  @...4n:...(...V4
> 00C0: 64 AD 4D 56 39 CB 96 18   50 9B 99 43 80 0A 39 A5  d.MV9...P..C..9.
> 00D0: 13 7A 6E C5 25 E0 95 4A   92 E5 A8 8B EE 03 49 B4  .zn.%..J......I.
> 00E0: D9 7C 00 E3 F0 3B A7 BA   40 30 CC 89 55 C6 97 93  .....;[email protected]...
> 00F0: B5 15 F6 62 D3 B1 74 9C   0B 80 2B 8A D4 03 84 A0  ...b..t...+.....
>
> ]
> Using SSLEngineImpl.
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Using SSLEngineImpl.
> https-jsse-nio-8443-exec-9, WRITE: TLSv1.2 Application Data, length = 286
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> https-jsse-nio-8443-exec-5, READ: TLSv1 Handshake, length = 512
> https-jsse-nio-8443-exec-3, READ: TLSv1 Handshake, length = 512
> https-jsse-nio-8443-exec-4, READ: TLSv1.2 Handshake, length = 134
> ***
> *** ClientHello, TLSv1.2
> Using SSLEngineImpl.
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> RandomCookie:  GMT: 937077586 bytes = { 174, 84, 63, 142, 131, 103, 98,
> 166, 55, 40, 255, 208, 186, 157, 182, 91, 213, 254, 173, 94, 119, 55, 74,
> 51, 128, 16, 27, 127 }
> Session ID:  {92, 125, 15, 237, 254, 33, 2, 52, 144, 148, 0, 165, 156,
> 232, 106, 139, 222, 199, 99, 71, 41, 230, 1, 75, 246, 145, 175, 22, 191,
> 231, 28, 218}
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0 }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> Extension ec_point_formats, formats: [uncompressed]
> Extension signature_algorithms, signature_algorithms: SHA256withRSA,
> Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0x4),
> SHA256withECDSA, Unknown (hash:0x8, signature:0x7), SHA384withRSA, Unknown
> (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0x5),
> SHA384withECDSA, SHA512withRSA, Unknown (hash:0x8, signature:0xb), Unknown
> (hash:0x8, signature:0x6), SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:63:49:bf:ec:49:38:e9:99:e5:34:bf:79:d7:44:85:9b:ae:30:19:12:ea:6a:b9:66:e4:ce:a5:bc:ac:5d:fb:69:6c:ff:6e:5f:19:83:88:c1:28:66:40:3c:1a:3c:60:b7:26:38:7a:8d:34:f4:8c:db:b2:5b:36:b1:9f:5b:0b:7f:00:1d:00:20:9e:f1:d0:52:64:c2:20:af:55:dc:18:64:f8:cb:ae:a9:f3:e7:f9:cd:2c:03:6f:96:cf:86:86:88:c4:f5:ca:2e
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-12, SSL_NULL_WITH_NULL_NULL]
> *** ClientHello, TLSv1.2
> RandomCookie:  GMT: -1820512062 bytes = { 64, 6, 99, 211, 116, 173, 108,
> 226, 253, 149, 49, 235, 200, 156, 119, 226, 92, 124, 69, 218, 214, 105, 68,
> 37, 151, 243, 120, 41 }
> Session ID:  {92, 125, 15, 237, 254, 33, 2, 52, 144, 148, 0, 165, 156,
> 232, 106, 139, 222, 199, 99, 71, 41, 230, 1, 75, 246, 145, 175, 22, 191,
> 231, 28, 218}
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0 }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> *** ClientKeyExchange, DH
> Extension ec_point_formats, formats: [uncompressed]
> https-jsse-nio-8443-exec-9, WRITE: TLSv1.2 Application Data, length = 53
> Standard ciphersuite chosen: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> *** Diffie-Hellman ServerKeyExchange
> DH Modulus:  { 255, 255, 255, 255, 255, 255, 255, 255,
> https-jsse-nio-8443-exec-6, READ: TLSv1 Handshake, length = 512
> 201%% Negotiating:  [Session-12, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> *** ServerHello, TLSv1.2
> RandomCookie:  GMT: 1551699703 bytes = { 189, 88, 236, 195, 16, 20, ***
> ClientHello, TLSv1.2
> RandomCookie:  GMT: -2052347668 bytes = { Extension signature_algorithms,
> signature_algorithms: SHA256withRSA, Unknown (hash:0x8, signature:0x9),
> Unknown (hash:0x8, signature:0x4), SHA256withECDSA, Unknown (hash:0x8,
> signature:0x7), SHA384withRSA, Unknown (hash:0x8, signature:0xa), Unknown
> (hash:0x8, signature:0x5), SHA384withECDSA, SHA512withRSA, Unknown
> (hash:0x8, signature:0xb), Unknown (hash:0x8, signature:0x6),
> SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> DH Public key:  { 44, 33, 108, 222, 37, 147, 165, 17, 83, 11, 125, 252,
> 177, 121, 176, 220, 53, 161, 114, 76, 39, 221, 24, 63, 102, 217, 38, 175,
> 12, 184, 22, 169, 114, 30, 2, 36, 65, 125, 130, 154, 243, 72, 184, 27, 206,
> 250, 2, 219, 212, 150, 48, 222, 58, 17, 96, 109, 17, 180, 111, 224, 168,
> 191, 38, 96, 214, 110, 81, 34, 212, 94, 3, 119, 24, 43, 189, 128, 60, 93,
> 34, 7, 243, 167, 69, 203, 197, 247, 124, 116, 14, 107, 52, 145, 150, 18,
> 90, 253, 218, 3, 179, 185, 157, 238, 191, 152, 68, 242, 208, 83, 120, 171,
> 228, 145, 249, 212, 132, 160, 48, 67, 206, 49, 40, 43, 165, 58, 143, 82,
> 19, 137 }
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:fb:ce:2a:0c:db:49:2b:b8:4c:df:04:e9:fe:c8:83:44:a1:47:5f:59:37:fe:55:ea:46:17:82:64:6a:7f:67:62:19:fd:2f:51:e5:71:ef:51:70:a7:2a:19:88:de:b4:15:41:b6:86:57:a9:a7:16:75:73:ab:fb:f1:e8:6f:e1:17:00:1d:00:20:ec:07:9e:5c:8f:5d:b4:66:c2:f2:55:52:65:25:41:0d:24:27:dc:0d:ad:88:59:19:48:a3:dc:e0:5a:8f:cc:7c
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-13, SSL_NULL_WITH_NULL_NULL]
> SESSION KEYGEN:
> PreMaster Secret:
> 0000: 14 2B 4A 96 4B DB 65 AE   A4 12 66 E4 51 AE B4 4B  .+J.K.e...f.Q..K
> 0010: CC 85 AD 73 25 8E 51 18   27 97 B8 9E 86 63 D2 C6  ...s%.Q.'....c..
> 0020: C6 BE 67 E5 8B 8C 0E 78   6F 69 E0 E2 6C C1 48 06  ..g....xoi..l.H.
> 0030: 71 DA B2 D6 8A 26 D4 5A   05 9D 7E 83 1D 18 93 C3  q....&.Z........
> 0040: D3 04 28 1E 43 02 31 03   1B 72 45 4A 80 BE F5 19  ..(.C.1..rEJ....
> 0050: D4 EC 73 06 B4 EE FA CC   F1 8C 8F 9F 86 5F 81 B6  ..s.........._..
> 0060: 25 F4 26 24 F1 BD EB 12   B7 40 30 70 BC 05 FC BC  %.&$.....@0p....
> 0070: 70 33 59 E9 71 1C C4 23   5D DA DF 4C 8D 06 F1 E7  p3Y.q..#]..L....
> Standard ciphersuite chosen: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> %% Negotiating:  [Session-13, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> *** ServerHello, TLSv1.2
> RandomCookie:  GMT: 1551699703 bytes = { 252, 170, 211, 79, 11, 228, 84,
> 65, 15, 83, 81, 221, 200, 117, 89, 186, 233, 119, 90, 185CONNECTION KEYGEN:
> Client Nonce:
> 0000: 31 87 F4 C2 BD 0E D1 B0   61 0F D6 6B 75 3F BB A2  1.......a..ku?..
> 0010: 0C B8 F5 BD F5 E3 7F 80   F4 9A F9 73 65 64 3D 28  ...........sed=(
> Server Nonce:
> 0000: 5C 7D 0F F7 01 4A E6 6E   0E 7B 8F 68 D8 3B 4D 6D  \....J.n...h.;Mm
> 0010: 9C ED 44 98 F1 6A 80 A8   B9 DA 0C CA 06 04 AE 93  ..D..j..........
> Master Secret:
> 0000: 4B 25 56 4E 5D FD 49 87   57 95 61 F8 41 E4 31 7C  K%VN].I.W.a.A.1.
> 0010: EA 86 7F 50 6A FC 09 08   52 3E FC 2E 07 97 05 4E  ...Pj...R>.....N
> 0020: 9C FD AC AB 2F 42 F1 ED   15 4C 13 A3 2B 30 20 58  ..../B...L..+0 X
> ... no MAC keys used for this cipher
> Client write key:
> 0000: 97 B5 1F 11 07 50 73 FE   8C 9E ED 35 58 70 A4 BB  .....Ps....5Xp..
> 0010: 5A EB 7B A0 F8 BC 09 83   67 95 E6 4F 24 8C 74 30  Z.......g..O$.t0
> Server write key:
> 0000: 4C 6A 51 F2 BD FB 38 96   7B 95 F6 1C 5F 5D 09 93  LjQ...8....._]..
> 0010: F5 61 31 9C 3A 0C 9D 50   20 FB 93 92 E6 89 E6 37  .a1.:..P ......7
> Client write IV:
> 0000: 15 B3 BB A8                                        ....
> Server write IV:
> 0000: A0 38 66 10                                        .8f.
> 114, 112, 85, 166, 214, 221, 236, 123, 184, 112, 134, , 15, 218, 162, 33,
> 104, 194, 52, 196, 198, 98, 139, 128, 220, 28, 209, 41, 2, 78, 8, 138, 103,
> 204, 116, 2, 11, 190, 166, 59, 19, 155, 34, 81, 74, 8, 121, 142, 52, 4,
> 221, 239, 149, 25, 179, 205, 58, 67, 27, 48, 43, 10, 109, 242, 95, 20, 55,
> 79, 225, 53, 109, 109, 81, 194, 69, 228, 133, 181, 118, 98, 94, 126, 198,
> 244, 76, 66, 233, 166, 55, 237, 107, 11, 255, 92, 182, 244, 6, 183, 237,
> 238, 56, 107, 251, 90, 137, 159, 165, 174, 159, 36, 17, 124, 75, 31, 230,
> 73, 40, 102, 81, 236, 230, 83, 129, 255, 255, 255, 255, 255, 255, 255, 255 }
> 155, DH Base:  { 2 }
> Server DH Public Key:  { 134, 63, 21, 208, 230, 233, 175, 114, 39, 141,
> 112, 190, 98, 170, 50, 62, 188, 50, 255, 139, 99, 214, 188, 84, 72, 83,
> 180, 84, 119, 199, 203, 23, 228, 34, 201, 57, 130, 183, 252, 53, 152, 17,
> 186, 166https-jsse-nio-8443-exec-4, READ: TLSv1.2 Change Cipher Spec,
> length = 1
> https-jsse-nio-8443-exec-9, WRITE: TLSv1.2 Application Data, length = 20
> 2019-03-04 11:45:59,567 |jsse-nio-8443-exec-9 |ServerHitBin
>   |I| Visit delegatorName=default, ServerHitBin delegatorName=default
> https-jsse-nio-8443-exec-4, READ: TLSv1.2 Handshake, length = 40
> 2019-03-04 11:45:59,586 |jsse-nio-8443-exec-9 |ControlServlet
>   |T| [[[login(Domain:https://localhost)] Request Done- total:0.433,since
> last([login(Domain:htt...):0.433]]
> *** Finished
> verify_data:  { 155, 222, 165, 24, 115, 12, 246, 156, 60, 164, 142, 178 }
> ***
> https-jsse-nio-8443-exec-4, WRITE: TLSv1.2 Change Cipher Spec, length = 1
> *** Finished
> verify_data:  { 6, 6, 16, 184, 161, 157, 241, 204, 225, 185, 204, 190 }
> ***
> , 106, 35, 185, 98, 28, 250, 88, 249 }
> Session ID:  , 2, 255, 71, 96 }
> Session ID:  64, 104, 42, 166, 221, 165, 130, 152, 79, 44, 74, 66, 234,
> 105, 217, 162, 156, 55, 120, 122, 122, 100, 89, 111, 1, 89, 172, 237, 227,
> 121, 153, 61, 228, 161, 19, 115, 184, 42, 124, 190, 204, 189, 222, 120,
> 130, 193, 146, 0, 91, 96, 21, 216, 12, 212, 121, 122, 185, 188, 213, 232,
> 141, 115, 36, 88, 98, 138, 166, 244, 88, 246, 108, 235, 28, 181, 191, 203,
> 95, 70, 83, 147, 235, 212, 94, 154, 107, 232, 137, 63, 123, 156, 188, 229,
> 8, 225, 216, 246, 95, 134, 1, 192, 30 }
> Session ID:  49{92, 125, 15, 247, 188, 79, 171, 39, 143, 40, 158, 162,
> 235, 8, 205, 92, 188, 20, 0, 130, 247, 147, 227, 140, 94, 73, 165, 209,
> 150, 178, 61, 238}
> Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> Compression Method: 0
> https-jsse-nio-8443-exec-9, WRITE: TLSv1.2 Application Data, length = 84
> {92, 125, 15, 237, 254, 33, 2, 52, 144, 148, 0, 165, 156, 232, 106, 139,
> 222, 199, 99, 71, 41, 230, 1, 75, 246, 145, 175, 22, 191, 231, 28, 218}
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0 }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> Extension ec_point_formats, formats: [uncompressed]
> Extension signature_algorithms, signature_algorithms: SHA256withRSA,
> Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0x4),
> SHA256withECDSA, Unknown (hash:0x8, signature:0x7), SHA384withRSA, Unknown
> (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0x5),
> SHA384withECDSA, SHA512withRSA, Unknown (hash:0x8, signature:0xb), Unknown
> (hash:0x8, signature:0x6), SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:09:2c:38:aa:5b:66:0a:29:e1:28:22:44:e6:26:34:0f:77:d8:d5:c5:c2:06:5f:9f:ab:05:cb:26:60:db:ac:37:26:61:cc:69:6c:58:20:88:2f:9d:18:72:cf:2e:01:e5:9b:db:9b:26:c8:95:50:a8:66:9c:e6:30:b2:f5:3d:b0:00:1d:00:20:40:c5:6e:d8:93:c4:ca:68:a7:b1:db:d4:c4:a3:5a:61:73:74:57:c9:d5:cf:2f:c1:21:7a:3a:ff:c3:a0:f5:28
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-14, SSL_NULL_WITH_NULL_NULL]
> https-jsse-nio-8443-exec-9, READ: TLSv1.2 Alert, length = 26
> {92, 125, 15, 247, 50, 58, 5, 184, 11, 182, 57, 252, 105, 8, 156, 212,
> 100, 243, 238, 186, 235, 226, 190, 120, 154, 82, 26, 51, 98, 107, 132, 131}
> Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> Compression Method: 0
> https-jsse-nio-8443-exec-4, WRITE: TLSv1.2 Handshake, length = 40
> Using SSLEngineImpl.
> %% Cached server session: [Session-10, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Standard ciphersuite chosen: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> %% Negotiating:  [Session-14, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> *** ServerHello, TLSv1.2
> RandomCookie:  GMT: 1551699703 bytes = { 249, 106, 24, 48, 151, 27, 53,
> 192, 6, 37, 123, 97, 160, 198, 58, 140, 51, 36, 55, 26, 66, 142, 253, 24,
> 76, 152, 166, 217 }
> Session ID:  {92, 125, 15, 247, 242, 122, 131, 156, 80, 117, 217, 241,
> 196, 233, 43, 6, 10, 175, 226, 239, 82, 201, 190, 246, 213, 22, 177, 21,
> 148, 39, 43, 131}
> Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> Compression Method: 0
> Extension renegotiation_info, renegotiated_connection: <empty>
> ***
> Cipher suite:  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> *** Certificate chain
> chain [0] = [
> [
>   Version: V3
>   Subject: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>
>   Key:  Sun RSA public key, 2048 bits
>   modulus:
> 21944740401167172627731583459321030363948627215746053925732477915060915436180167456469785746662093119306577380200747716284652995937004530444336851845029170241627465854006145050037178991946925696078563485570896673835545540824265905937881682387179314987285174428010940266412458943894800978345731524307952507729956745301047871771953945124256516782917326981125087548987889540650149121302888872237484100834740328828765018090383963294418357028839734723410564800765871733483849269364796949055153420777966213779145518299141217288017794394762274753999989298548507425930217302947589819396239489846633419099079578249651345685751
>   public exponent: 65537
>   Validity: [From: Fri May 30 08:43:19 GMT 2014,
>                To: Mon May 27 08:43:19 GMT 2024]
>   Issuer: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   SerialNumber: [    a6ef7a9a 5368eb27]
>
> Certificate Extensions: 3
> [1]: ObjectId: 2.5.29.35 Criticality=false
> AuthorityKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> [2]: ObjectId: 2.5.29.19 Criticality=false
> BasicConstraints:[
>   CA:true
>   PathLen:2147483647
> ]
>
> [3]: ObjectId: 2.5.29.14 Criticality=false
> SubjectKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> ]
>   Algorithm: [SHA1withRSA]
>   Signature:
> 0000: 19 16 5A 21 99 21 24 98   3C 0A E8 D8 00 AB 44 24  ..Z!.!$.<.....D$
> 0010: F2 0C B7 83 D5 9F 96 17   87 E2 1F 1D A3 47 68 C7  .............Gh.
> 0020: 68 4A CB 56 0E 77 2B E8   1A 9F E7 09 A1 19 77 D0  hJ.V.w+.......w.
> 0030: 5E CC C1 B3 9A C4 35 3D   CB E0 A5 A6 43 5D A3 26  ^.....5=....C].&
> 0040: A4 91 8A C1 FA 7B 10 EA   DC C3 C7 1C 47 DC 97 32  ............G..2
> 0050: C0 37 80 1C F1 42 10 E3   74 17 FA 3E 60 4A B7 59  .7...B..t..>`J.Y
> 0060: 92 C1 E0 6F BB F1 BB 9F   82 89 B5 83 D5 AE 1E 90  ...o............
> 0070: 0A 89 8D FB 4C C0 C5 9E   DC C5 8C C6 2F EE D9 B4  ....L......./...
> 0080: 95 47 27 2E BE 82 31 6F   76 C0 DB 4C C8 0D 3B 7B  .G'...1ov..L..;.
> 0090: D1 6A BF BD 3B 93 30 04   A2 9E 81 F7 96 28 77 F2  .j..;.0......(w.
> 00A0: 32 05 68 44 1F B3 30 CE   40 9F 20 F3 B4 2B AA E6  2.hD..0.@. ..+..
> 00B0: 40 9B FB 7F 34 6E 3A 99   FD F8 28 F1 8C 9B 56 34  @...4n:...(...V4
> 00C0: 64 AD 4D 56 39 CB 96 18   50 9B 99 43 80 0A 39 A5  d.MV9...P..C..9.
> 00D0: 13 7A 6E C5 25 E0 95 4A   92 E5 A8 8B EE 03 49 B4  .zn.%..J......I.
> 00E0: D9 7C 00 E3 F0 3B A7 BA   40 30 CC 89 55 C6 97 93  .....;[email protected]...
> 00F0: B5 15 F6 62 D3 B1 74 9C   0B 80 2B 8A D4 03 84 A0  ...b..t...+.....
>
> ]
> ***
> Extension renegotiation_info, renegotiated_connection: <empty>
> ***
> Cipher suite:  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> https-jsse-nio-8443-exec-9, RECV TLSv1.2 ALERT:  warning, close_notify
> https-jsse-nio-8443-exec-9, closeInboundInternal()
> Extension renegotiation_info, renegotiated_connection: <empty>
> ***
> , Cipher suite:  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> https-jsse-nio-8443-exec-9, closeOutboundInternal()
> *** Certificate chain
> https-jsse-nio-8443-exec-8, WRITE: TLSv1.2 Application Data, length = 84
> chain [0] = [
> [
>   Version: V3
>   Subject: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>
>   Key:  Sun RSA public key, 2048 bits
>   modulus:
> 21944740401167172627731583459321030363948627215746053925732477915060915436180167456469785746662093119306577380200747716284652995937004530444336851845029170241627465854006145050037178991946925696078563485570896673835545540824265905937881682387179314987285174428010940266412458943894800978345731524307952507729956745301047871771953945124256516782917326981125087548987889540650149121302888872237484100834740328828765018090383963294418357028839734723410564800765871733483849269364796949055153420777966213779145518299141217288017794394762274753999989298548507425930217302947589819396239489846633419099079578249651345685751
>   public exponent: 65537
>   Validity: [From: Fri May 30 08:43:19 GMT 2014,
>                To: Mon May 27 08:43:19 GMT 2024]
>   Issuer: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   SerialNumber: [    a6ef7a9a 5368eb27]
>
> Certificate Extensions: 3
> [1]: ObjectId: 2.5.29.35 Criticality=false
> AuthorityKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> [2]: ObjectId: 2.5.29.19 Criticality=false
> BasicConstraints:[
>   CA:true
>   PathLen:2147483647
> ]
>
> [3]: ObjectId: 2.5.29.14 Criticality=false
> SubjectKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> ]
>   Algorithm: [SHA1withRSA]
>   Signature:
> 0000: 19 16 5A 21 99 21 24 98   3C 0A E8 D8 00 AB 44 24  ..Z!.!$.<.....D$
> 0010: F2 0C B7 83 D5 9F 96 17   87 E2 1F 1D A3 47 68 C7  .............Gh.
> 0020: 68 4A CB 56 0E 77 2B E8   1A 9F E7 09 A1 19 77 D0  hJ.V.w+.......w.
> 0030: 5E CC C1 B3 9A C4 35 3D   CB E0 A5 A6 43 5D A3 26  ^.....5=....C].&
> 0040: A4 91 8A C1 FA 7B 10 EA   DC C3 C7 1C 47 DC 97 32  ............G..2
> 0050: C0 37 80 1C F1 42 10 E3   74 17 FA 3E 60 4A B7 59  .7...B..t..>`J.Y
> 0060: 92 C1 E0 6F BB F1 BB 9F   82 89 B5 83 D5 AE 1E 90  ...o............
> 0070: 0A 89 8D FB 4C C0 C5 9E   DC C5 8C C6 2F EE D9 B4  ....L......./...
> 0080: 95 47 27 2E BE 82 31 6F   76 C0 DB 4C C8 0D 3B 7B  .G'...1ov..L..;.
> 0090: D1 6A BF BD 3B 93 30 04   A2 9E 81 F7 96 28 77 F2  .j..;.0......(w.
> 00A0: 32 05 68 44 1F B3 30 CE   40 9F 20 F3 B4 2B AA E6  2.hD..0.@. ..+..
> 00B0: 40 9B FB 7F 34 6E 3A 99   FD F8 28 F1 8C 9B 56 34  @...4n:...(...V4
> 00C0: 64 AD 4D 56 39 CB 96 18   50 9B 99 43 80 0A 39 A5  d.MV9...P..C..9.
> 00D0: 13 7A 6E C5 25 E0 95 4A   92 E5 A8 8B EE 03 49 B4  .zn.%..J......I.
> 00E0: D9 7C 00 E3 F0 3B A7 BA   40 30 CC 89 55 C6 97 93  .....;[email protected]...
> 00F0: B5 15 F6 62 D3 B1 74 9C   0B 80 2B 8A D4 03 84 A0  ...b..t...+.....
>
> ]
> ***
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> https-jsse-nio-8443-exec-8, READ: TLSv1.2 Alert, length = 26
> *** Diffie-Hellman ServerKeyExchange
> DH Modulus:  { 255, 255, 255, 255, 255, 255, 255, 255, 201, 15, 218, 162,
> 33, 104, 194, 52, 196, 198, 98, 139, 128, 220, 28, 209, 41, 2, 78, 8, 138,
> 103, 204, 116, 2, 11, 190, 166, 59, 19, 155, 34, 81, 74, 8, 121, 142, 52,
> 4, 221, 239, 149, 25, 179, 205, 58, 67, 27, 48, 43, 10, 109, 242, 95, 20,
> 55, 79, 225, 53, 109, 109, 81, 194, 69, 228, 133, 181, 118, 98, 94, 126,
> 198, 244, 76, 66, 233, 166, 55, 237, 107, 11, 255, 92, 182, 244, 6, 183,
> 237, 238, 56, 107, 251, 90, 137, 159, 165, 174, 159, 36, 17, 124, 75, 31,
> 230, 73, 40, 102, 81, 236, 230, 83, 129, 255, 255, Using SSLEngineImpl.
> Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> https-jsse-nio-8443-exec-4, READ: TLSv1 Handshake, length = 512
> *** ClientHello, TLSv1.2
> RandomCookie:  GMT: 643821250 bytes = { 137, 48, 182, 80, 80, 34, 131,
> 177, 184, 128, 9, 127, 211, 99, 150, 129, 92, 69, 3, 172, 96, 191, 219,
> 200, 115, 25, 212, 35 }
> Session ID:  {92, 125, 15, 247, 246, 249, 211, 141, 164, 158, 249, 105,
> 184, 211, 34, 29, 135, 131, 232, 36, 64, 192, 38, 174, 54, 83, 112, 53,
> 142, 111, 182, 94}
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0 }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> Extension ec_point_formats, formats: [uncompressed]
> Extension signature_algorithms, signature_algorithms: SHA256withRSA,
> Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0x4),
> SHA256withECDSA, Unknown (hash:0x8, signature:0x7), SHA384withRSA, Unknown
> (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0x5),
> SHA384withECDSA, SHA512withRSA, Unknown (hash:0x8, signature:0xb), Unknown
> (hash:0x8, signature:0x6), SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:78:2b:24:a2:10:62:da:65:7e:7f:87:75:d2:71:65:9b:df:5a:cc:85:8a:dd:8f:da:79:7d:22:ec:77:68:7e:b8:ac:e1:a7:b8:49:c7:09:e1:c9:45:bf:0b:31:62:e8:f6:4d:a9:9a:26:ab:fd:ec:b9:cf:f9:9a:98:fc:6a:05:f3:00:1d:00:20:2f:22:42:1e:67:89:6e:49:6a:48:64:f2:8e:92:11:05:92:e5:7d:8d:85:c7:b0:1f:96:3d:14:aa:8e:b8:74:08
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> *** Diffie-Hellman ServerKeyExchange
> https-jsse-nio-8443-exec-9, SEND TLSv1.2 ALERT:  warning, description =
> close_notify
> *** Certificate chain
> https-jsse-nio-8443-exec-9, WRITE: TLSv1.2 Alert, length = 26
> https-jsse-nio-8443-exec-9, called closeOutbound()
> https-jsse-nio-8443-exec-9, closeOutboundInternal()
> chain [0] = [
> [
>   Version: V3
>   Subject: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>
>   Key:  Sun RSA public key, 2048 bits
>   modulus:
> 21944740401167172627731583459321030363948627215746053925732477915060915436180167456469785746662093119306577380200747716284652995937004530444336851845029170241627465854006145050037178991946925696078563485570896673835545540824265905937881682387179314987285174428010940266412458943894800978345731524307952507729956745301047871771953945124256516782917326981125087548987889540650149121302888872237484100834740328828765018090383963294418357028839734723410564800765871733483849269364796949055153420777966213779145518299141217288017794394762274753999989298548507425930217302947589819396239489846633419099079578249651345685751
>   public exponent: 65537
>   Validity: [From: Fri May 30 08:43:19 GMT 2014,
>                To: Mon May 27 08:43:19 GMT 2024]
>   Issuer: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   SerialNumber: [    a6ef7a9a 5368eb27]
>
> Certificate Extensions: 3
> [1]: ObjectId: 2.5.29.35 Criticality=false
> AuthorityKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> [2]: ObjectId: 2.5.29.19 Criticality=false
> BasicConstraints:[
>   CA:true
>   PathLen:2147483647
> ]
>
> [3]: ObjectId: 2.5.29.14 Criticality=false
> SubjectKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> ]
>   Algorithm: [SHA1withRSA]
>   Signature:
> 0000: 19 16 5A 21 99 21 24 98   3C 0A E8 D8 00 AB 44 24  ..Z!.!$.<.....D$
> 0010: F2 0C B7 83 D5 9F 96 17   87 E2 1F 1D A3 47 68 C7  .............Gh.
> 0020: 68 4A CB 56 0E 77 2B E8   1A 9F E7 09 A1 19 77 D0  hJ.V.w+.......w.
> 0030: 5E CC C1 B3 9A C4 35 3D   CB E0 A5 A6 43 5D A3 26  ^.....5=....C].&
> 0040: A4 91 8A C1 FA 7B 10 EA   DC C3 C7 1C 47 DC 97 32  ............G..2
> 0050: C0 37 80 1C F1 42 10 E3   74 17 FA 3E 60 4A B7 59  .7...B..t..>`J.Y
> 0060: 92 C1 E0 6F BB F1 BB 9F   82 89 B5 83 D5 AE 1E 90  ...o............
> 0070: 0A 89 8D FB 4C C0 C5 9E   DC C5 8C C6 2F EE D9 B4  ....L......./...
> 0080: 95 47 27 2E BE 82 31 6F   76 C0 DB 4C C8 0D 3B 7B  .G'...1ov..L..;.
> 0090: D1 6A BF BD 3B 93 30 04   A2 9E 81 F7 96 28 77 F2  .j..;.0......(w.
> 00A0: 32 05 68 44 1F B3 30 CE   40 9F 20 F3 B4 2B AA E6  2.hD..0.@. ..+..
> 00B0: 40 9B FB 7F 34 6E 3A 99   FD F8 28 F1 8C 9B 56 34  @...4n:...(...V4
> 00C0: 64 AD 4D 56 39 CB 96 18   50 9B 99 43 80 0A 39 A5  d.MV9...P..C..9.
> 00D0: 13 7A 6E C5 25 E0 95 4A   92 E5 A8 8B EE 03 49 B4  .zn.%..J......I.
> 00E0: D9 7C 00 E3 F0 3B A7 BA   40 30 CC 89 55 C6 97 93  .....;[email protected]...
> 00F0: B5 15 F6 62 D3 B1 74 9C   0B 80 2B 8A D4 03 84 A0  ...b..t...+.....
>
> ]
> ***
> 75, %% Initialized:  [Session-15, SSL_NULL_WITH_NULL_NULL]
> DH Modulus:  { 255, 255, 255, 255, 255, 255 }
> https-jsse-nio-8443-exec-8, RECV TLSv1.2 ALERT:  warning, close_notify
> https-jsse-nio-8443-exec-8, closeInboundInternal()
> https-jsse-nio-8443-exec-8, closeOutboundInternal()
> https-jsse-nio-8443-exec-8, SEND TLSv1.2 ALERT:  warning, description =
> close_notify
> https-jsse-nio-8443-exec-8, WRITE: TLSv1.2 Alert, length = 26
> https-jsse-nio-8443-exec-8, called closeOutbound()
> https-jsse-nio-8443-exec-8, closeOutboundInternal()
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> 255DH Base:  { 2 }
> Server DH Public Key:  { 177, 46, 218, 230, 151, 33, 161, 94, 214, 180,
> 215, 165, 151, 60, 134, 118, 72, 235, 168, 110, 64, 81, 143, 166, 12, 246,
> 101, 54, 179, 48, 30, 25, 217, 6, 0, 82, 255, 156, 50, 42, 163, 245, 129,
> 17, 24, 191, 111, 135, 130, 39, 111, 76, 27, 43, 199, 194, 122, 223, 144,
> 110, 178, 79, 101, 109, 51, 158, 60, 219, 86, 104, 87, 22, 16, 145, 98,
> 213, 41, 162, 41, 194, 85, 251, 46, 21, 164, 92, 82, 43, 64, 134, 22, 167,
> 216, 227, 36, 230, 90, 31, 150, 223, 17, 125, 194, 16, 229, 56, 37, 71,
> 180, 75, 67, 107, 4, 154, 250, 220, 233, 74, 138, 181, 207, 206, 65, 73,
> 71, 142, 1, 225 }
> Signature Algorithm SHA256withRSA
> Signed with a DSA or RSA public key
> *** ServerHelloDone
> https-jsse-nio-8443-exec-6, WRITE: TLSv1.2 Handshake, length = 1697
> Standard ciphersuite chosen: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> %% Negotiating:  [Session-15, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> *** ServerHello, TLSv1.2
> RandomCookie:  GMT: 1551699703 bytes = { 198, 11, 117, 179, 159, 93, 48,
> 227, 13, 155, 36, 80, 90, 158, 84, 220, 89, 20, 35, 144, 216, 180, 203, 23,
> 217, 172, 24, 58 }
> Session ID:  {92, 125, 15, 247, 11, 132, 70, 127, 210, 91, 74, 138, 226,
> 252, 111, 170, 226, 8, 142, 158, 184, 98, 97, 19, 34, 33, 55, 248, 219, 15,
> 65, 161}
> Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> Compression Method: 0
> Extension renegotiation_info, renegotiated_connection: <empty>
> ***
> Cipher suite:  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> *** Certificate chain
> 196, 187, 73, 78, 45, 31, 224, 64, 65, 236, 30, 143, 125, 66, 234 }
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> https-jsse-nio-8443-exec-6, READ: TLSv1.2 Handshake, length = 134
> *** ClientKeyExchange, DH
> DH Public key:  { 157, 154, 50, 120, 59, 112, 151, 246, 118, 246, 99, 60,
> 208, 120, 179, 160, 184, 247, 26, 167, 185, 205, 106, 238, 241, 71, 3, 69,
> 147, 4, 120, 153, 192, 24, 173, 137, 235, 161, 187, 124, 156, 85, 177, 114,
> 253, 240, 126, 107, 95, 2, 136, 50, 197, 247, 97, 81, 79, 54, 32, 43, 112,
> 132, 176, 192, 158, 187, 122, 171, 118, 218, 96, 214, 148, 234, 43, 164,
> 105, 71, 136, 215, 29, 80, 246, 123, 214, 203, 34, 98, 141, 91, 100, 11,
> 130, 114, 53, 116, 176, 188, 130, 120, 144, 12, 227, 168, 217, 19, 252,
> 132, 217, 104, 81, 169, 205, 73, 108, 87, 232, 158, 7, 239, 184, 156, 165,
> 71, 209, 54, 191, 82 }
> chain [0] = [
> [
>   Version: V3
>   Subject: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>
>   Key:  Sun RSA public key, 2048 bits
>   modulus:
> 21944740401167172627731583459321030363948627215746053925732477915060915436180167456469785746662093119306577380200747716284652995937004530444336851845029170241627465854006145050037178991946925696078563485570896673835545540824265905937881682387179314987285174428010940266412458943894800978345731524307952507729956745301047871771953945124256516782917326981125087548987889540650149121302888872237484100834740328828765018090383963294418357028839734723410564800765871733483849269364796949055153420777966213779145518299141217288017794394762274753999989298548507425930217302947589819396239489846633419099079578249651345685751
>   public exponent: 65537
>   Validity: [From: Fri May 30 08:43:19 GMT 2014,
>                To: Mon May 27 08:43:19 GMT 2024]
>   Issuer: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   SerialNumber: [    a6ef7a9a 5368eb27]
>
> Certificate Extensions: 3
> [1]: ObjectId: 2.5.29.35 Criticality=false
> AuthorityKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> [2]: ObjectId: 2.5.29.19 Criticality=false
> BasicConstraints:[
>   CA:true
>   PathLen:2147483647
> ]
>
> [3]: ObjectId: 2.5.29.14 Criticality=false
> SubjectKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> ]
>   Algorithm: [SHA1withRSA]
>   Signature:
> 0000: 19 16 5A 21 99 21 24 98   3C 0A E8 D8 00 AB 44 24  ..Z!.!$.<.....D$
> 0010: F2 0C B7 83 D5 9F 96 17   87 E2 1F 1D A3 47 68 C7  .............Gh.
> 0020: 68 4A CB 56 0E 77 2B E8   1A 9F E7 09 A1 19 77 D0  hJ.V.w+.......w.
> 0030: 5E CC C1 B3 9A C4 35 3D   CB E0 A5 A6 43 5D A3 26  ^.....5=....C].&
> 0040: A4 91 8A C1 FA 7B 10 EA   DC C3 C7 1C 47 DC 97 32  ............G..2
> 0050: C0 37 80 1C F1 42 10 E3   74 17 FA 3E 60 4A B7 59  .7...B..t..>`J.Y
> 0060: 92 C1 E0 6F BB F1 BB 9F   82 89 B5 83 D5 AE 1E 90  ...o............
> 0070: 0A 89 8D FB 4C C0 C5 9E   DC C5 8C C6 2F EE D9 B4  ....L......./...
> 0080: 95 47 27 2E BE 82 31 6F   76 C0 DB 4C C8 0D 3B 7B  .G'...1ov..L..;.
> 0090: D1 6A BF BD 3B 93 30 04   A2 9E 81 F7 96 28 77 F2  .j..;.0......(w.
> 00A0: 32 05 68 44 1F B3 30 CE   40 9F 20 F3 B4 2B AA E6  2.hD..0.@. ..+..
> 00B0: 40 9B FB 7F 34 6E 3A 99   FD F8 28 F1 8C 9B 56 34  @...4n:...(...V4
> 00C0: 64 AD 4D 56 39 CB 96 18   50 9B 99 43 80 0A 39 A5  d.MV9...P..C..9.
> 00D0: 13 7A 6E C5 25 E0 95 4A   92 E5 A8 8B EE 03 49 B4  .zn.%..J......I.
> 00E0: D9 7C 00 E3 F0 3B A7 BA   40 30 CC 89 55 C6 97 93  .....;[email protected]...
> 00F0: B5 15 F6 62 D3 B1 74 9C   0B 80 2B 8A D4 03 84 A0  ...b..t...+.....
>
> ]
> ***
> SESSION KEYGEN:
> PreMaster Secret:
> 0000: 4C 4C 7D 36 B9 C2 EA 5B   14 A6 33 34 1D 0B E1 4C  LL.6...[..34...L
> 0010: FF 80 50 41 86 7E 0E 53   C8 DD F0 E5 78 2A FC A7  ..PA...S....x*..
> 0020: A5 57 35 26 9C C6 DC 32   0A 9F F0 67 B2 E2 97 B6  .W5&...2...g....
> 0030: 91 1D BD C5 F7 D1 BD 87   59 AD 5A C6 6F C1 86 93  ........Y.Z.o...
> 0040: 56 CD E9 09 C2 F1 4B 7D   00 78 FA C0 BF D8 53 44  V.....K..x....SD
> 0050: E8 BF 14 5A AA 28 59 B6   8B 2A DC 92 ED 16 47 B4  ...Z.(Y..*....G.
> 0060: BD 3C 66 98 F8 86 61 AB   3B 2C 02 DE FE 0D CB 53  .<f...a.;,.....S
> 0070: 6D A1 F4 88 82 73 C8 F7   98 CC 42 4A 87 6F 9B DB  m....s....BJ.o..
> CONNECTION KEYGEN:
> Client Nonce:
> 0000: 86 AC A9 EC 72 70 55 A6   D6 DD EC 7B B8 70 86 17  ....rpU......p..
> 0010: E4 22 C9 39 82 B7 FC 35   98 11 BA A6 02 FF 47 60  .".9...5......G`
> Server Nonce:
> 0000: 5C 7D 0F F7 F9 6A 18 30   97 1B 35 C0 06 25 7B 61  \....j.0..5..%.a
> 0010: A0 C6 3A 8C 33 24 37 1A   42 8E FD 18 4C 98 A6 D9  ..:.3$7.B...L...
> Master Secret:
> 0000: D2 6F 9C 6A E2 98 C7 AC   E1 36 49 74 D3 74 72 20  .o.j.....6It.tr
> 0010: 25 16 88 E3 C0 12 14 B0   66 17 52 9A 94 3B 1E AE  %.......f.R..;..
> 0020: DD 7E 78 F7 1C 21 74 67   65 7C 55 09 12 54 65 36  ..x..!tge.U..Te6
> ... no MAC keys used for this cipher
> Client write key:
> 0000: F8 CA 67 96 B0 33 B9 F6   3E EE D8 29 8A 18 70 25  ..g..3..>..)..p%
> 0010: B0 C2 22 05 1E A2 CC C6   9F 92 62 C9 DB D8 AB 46  ..".......b....F
> Server write key:
> 0000: 6F FA 2F 76 B0 CE 3D 38   8B 8C 53 48 3E 16 63 49  o./v..=8..SH>.cI
> 0010: 29 ED B7 D0 85 DD C8 3B   11 19 71 29 BC 2F C0 43  )......;..q)./.C
> Client write IV:
> 0000: 90 75 CF 92                                        .u..
> Server write IV:
> 0000: C3 17 23 D2                                        ..#.
> https-jsse-nio-8443-exec-6, READ: TLSv1.2 Change Cipher Spec, length = 1
> https-jsse-nio-8443-exec-6, READ: TLSv1.2 Handshake, length = 40
> *** Finished
> verify_data:  { 125, 229, 83, 206, 118, 221, 127, 176, 77, 43, 74, 250 }
> ***
> https-jsse-nio-8443-exec-6, WRITE: TLSv1.2 Change Cipher Spec, length = 1
> *** Finished
> verify_data:  { 220, 32, 94, 37, 86, 154, 92, 9, 15, 195, 183, 59 }
> ***
> Signature Algorithm SHA256withRSA
> Signed with a DSA or RSA public key
> *** ServerHelloDone
> *** Diffie-Hellman ServerKeyExchange
> DH Modulus:  { 255, 255, 255, 255, 255, 255, 255, 255, 201, 15, 218, 162,
> 33, 104, 194, 52, 196, 198, 98, 139, 128, 220, 28, 209, 41, 2, 78, 8, 138,
> 103, 204, 116, 2, 11, 190, 166, 59, 19, 155, 34, 81, 74, 8, 121, 142, 52,
> 4, 221, 239, 149, 25, 179, 205, 58, 67, 27, 48, 43, 10, 109, 242, 95, 20,
> 55, 79, 225, 53, 109, 109, 81, 194, , 255, 255, 255, 255, 255, 255, 255,
> 201, *** Diffie-Hellman ServerKeyExchange
> 15DH Modulus:  { 255, 255, 255, 255, 255, 255, 255, 255, 201, 15, 218,
> 162, 33, 104, 194, 52, 196, 198, 98, 139, 128, 220, 28, 209, 41, 2, 78, 8,
> 138, 103, 204, 116, 2, 11, 190, 166, 59, 19, 155, 34, 81, 74, 8, 121, 142,
> 52, 4, 221, 239, 149, 25, 179, 205, 58, 67, 27, 48, 43, 10, 109, 242, 95,
> 20, 55, 79, 225, 53, 109, 109, 81, 194, 69, 228, 133, 181, 118, 98, 94,
> 126, 198, 244, 76, 66, 233, 166, 55, 237, 107, 11, 255, 92, 182, 244, 6,
> 183, 237, 238, 56, 107, 251, 90, 137, 159, 165, 174, 159, 36, 17, 124, 75,
> 31, 230, 73, 40, 102, 81, 236, 230, 83, 129, 255, 255, 255, 255, 255, 255,
> 255, 255 }
> https-jsse-nio-8443-exec-6, WRITE: TLSv1.2 Handshake, length = 40
> 69, 228, 133, 181, 118, 98, 94, 126, 198, 244, 76, 66, 233, 166, 55, 237,
> 107, 11, 255, 92, 182, 244, 6, 183, 237, 238, 56, 107, 251, 90, 137, 159,
> 165, 174, 159, 36, 17, 124, 75, 31, 230, 73, 40, 102, 81, 236, 230, 83,
> 129, 255, 255, 255, 255, 255, 255, 255, 255 }
> https-jsse-nio-8443-exec-1, WRITE: TLSv1.2 Handshake, length = 1697
> https-jsse-nio-8443-exec-7, READ: TLSv1 Handshake, length = 512
> DH Base:  { 2 }
> Server DH Public Key:  { 193, 96, 176, 222, 230, 37, 252, 19, 5, 43, 101,
> 80, 70, 102, 130, 118, 131, 152, 32, 57, 29, 115, 181, 106, 56, 103, 229,
> 196, 134, 219, 63, 212, 96, 179, 36, 86, 213, 90, 81, 245, 4, 58, 100, 54,
> 84, 210, 191, 183, 116, 242, 80, 67, 50, 253, 211, 91, 173, 143, 212, 82,
> 195, 58, 108, 142, 94, 192, 231, 124, 87, 50, 145, 248, 23, 86, 64, 46,
> 122, 103, 165, 81, 62, 140, 56, 244, 41, 224, 250, 39, 64, 223, 7, 39, 34,
> 56, 204, 44, 1, 248, 68, 126, 121, 77, 81, 20, 78, 26, 74, 211, 31, 115,
> 33, 196, 185, 198, 143, 159, 34, 7, 162, 30, 165, 75, 115, 173, 30, 23,
> 147, 152 }
> Signature Algorithm SHA256withRSA
> Signed with a DSA or RSA public key
> *** ServerHelloDone
> https-jsse-nio-8443-exec-4, WRITE: TLSv1.2 Handshake, length = 1697
> %% Cached server session: [Session-14, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> DH Base:  { 2 }
> Server DH Public Key:  { 70, 38, 125, 98, 236, 23, 27, 22, 194, 211, 229,
> 253, 113, 86, 193, 213, 189, 160, 201, 194, 165, 143, 35, 222, 55, 108,
> 224, 113, 136, 247, 119, 255, 38, 167, 5, 67, 240, 61, 189, 136, 208, 229,
> 118, 220, 251, 141, 36, 156, 74, 98, 117, 235, 180, 84, 153, 139, 114, 161,
> 108, 133, 123, 63, 193, 121, 68, 167, 18, 183, 79, 252, 161, 177, 41, 85,
> 193, 92, 167, 191, 42, 54, 87, 60, 213, 143, 93, 116, 122, 227, 157, 37,
> 40, 44, 135, 232, 156, 208, 179, 219, 176, 42, 238, 51, 230, 16, 155, 11,
> 223, 98, 92, 102, 24, 13, 252, 30, 137, 81, 233, 185, 167, 116, 70, 131,
> 130, 117, 144, 239, 35, 50 }
> Signature Algorithm SHA256withRSA
> Signed with a DSA or RSA public key
> *** ServerHelloDone
> , 218, 162, 33, 104, 194, 52, 196, 198, 98, 139, 128, 220, 28, 209, 41, 2,
> 78, 8, 138, 103, 204, 116, 2, 11, 190, 166, 59, 19, 155, 34, 81, 74, 8,
> 121, 142, 52, 4, 221, 239, 149, 25, 179, 205, 58, 67, 27, 48, 43, 10, 109,
> 242, 95, 20, 55, 79, 225, 53, 109, 109, 81, 194, 69, 228, 133, 181, 118,
> 98, 94, 126, 198, 244, 76, 66, 233, 166, 55, 237, 107, 11, 255, 92, 182,
> 244, 6, 183, 237, 238, 56, 107, 251, 90, 137, 159, 165, 174, 159, 36, 17,
> 124, 75, 31, 230, 73, 40, 102, 81, 236, 230, 83, 129, 255, 255, 255, 255,
> 255, 255, 255, 255 }
> DH Base:  { 2 }
> Server DH Public Key:  { 217, 93, 254, 238, 74, 68, 192, 30, 45, 154, 168,
> 126, 223, 188, 188, 211, 23, 82, 229, 4, 203, 84, 246, 79, 209, 112, 187,
> 23, 136, 40, 120, 87, 228, 233, 170, 48, 169, 12, 71, 25, 8, 194, 208, 158,
> 244, 169, 96, 249, 26, 146, 81, 65, 55, 117, 56, 39, 217, 149, 79, 35, 120,
> 140, 70, 159, 60, 191, 88, 188, 142, 205, 168, 124, 168, 227, 63, 194, 245,
> 114, 199, 28, 96, 77, 92, 216, 122, 186, 226, 142, 45, 235, 188, 201, 127,
> 22, 123, 9, 77, 251, 179, 139, 197, 105, 182, 47, 237, 45, 167, 34, 245,
> 143, 156, 101, 223, 218, 239, 63, 147, 168, 245, 151, 61, 224, 1, 76, 140,
> 51, 14, 10 }
> Signature Algorithm SHA256withRSA
> Signed with a DSA or RSA public key
> *** ServerHelloDone
> https-jsse-nio-8443-exec-3, WRITE: TLSv1.2 Handshake, length = 1697
> https-jsse-nio-8443-exec-5, WRITE: TLSv1.2 Handshake, length = 1697
> https-jsse-nio-8443-exec-10, READ: TLSv1.2 Handshake, length = 134
> *** ClientHello, TLSv1.2
> RandomCookie:  GMT: -706604215 bytes = { 196, 111, 179, 208, 244, 129,
> 162, 107, 156, 95, 201, 27, 64, 190, 101, 179, 175, 152, 138, 37, 220, 22,
> 85, 26, 42, 30, 238, 85 }
> Session ID:  {92, 125, 15, 237, 254, 33, 2, 52, 144, 148, 0, 165, 156,
> 232, 106, 139, 222, 199, 99, 71, 41, 230, 1, 75, 246, 145, 175, 22, 191,
> 231, 28, 218}
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0 }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> Extension ec_point_formats, formats: [uncompressed]
> Extension signature_algorithms, signature_algorithms: SHA256withRSA,
> Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0x4),
> SHA256withECDSA, Unknown (hash:0x8, signature:0x7), SHA384withRSA, Unknown
> (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0x5),
> SHA384withECDSA, SHA512withRSA, Unknown (hash:0x8, signature:0xb), Unknown
> (hash:0x8, signature:0x6), SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:ae:26:0e:77:5f:28:ef:c6:07:56:58:e5:86:ad:d2:a9:7f:36:c0:10:9f:b4:2e:3f:6e:38:42:1b:99:da:08:de:71:5e:f8:f6:73:40:34:82:e5:bf:d6:e0:88:5c:5e:76:8d:ac:e8:10:44:c4:a6:31:61:e2:c0:4e:11:a1:c5:d0:00:1d:00:20:ad:5a:7b:16:64:36:ac:fe:0c:1b:a3:66:f3:1c:c5:d6:5c:6d:6d:bf:9e:fd:dd:ba:f2:4a:92:ba:75:36:65:74
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-16, SSL_NULL_WITH_NULL_NULL]
> https-jsse-nio-8443-exec-8, WRITE: TLSv1.2 Application Data, length = 85
> https-jsse-nio-8443-exec-9, READ: TLSv1.2 Handshake, length = 134
> *** ClientKeyExchange, DH
> DH Public key:  { 208, 16, 173, 145, 228, 230, 22, 149, 101, 4, 218, 106,
> 213, 64, 141, 224, 237, 45, Using SSLEngineImpl.
> *** ClientKeyExchange, DH
> DH Public key:  { 99, 58, 152, 205, 251, 195, 178, 244, 230, 142, 181,
> 100, Allow unsafe renegotiation: false
> Allow legacy hello messages: true
> Is initial handshake: true
> Is secure renegotiation: false
> 230, 59, 209, 239, 243, 185, 102, 26, 219, 196, 138, 199, 133, 254, 120,
> 180, 224, 146, 217, 28, 95, 47, 121, 59, 237, 106, 196, 19, 32, 21, 113, 7,
> 28, 103, 73, 44, 17, 94, 26, 178, 114, 38, 165, 180, 9, 253, 81, 99, 47,
> 217, 91, 119, 129, 125, 254, 52, 168, 237, 176, 114, 0, 68, 154, 65, 203,
> 28, 126, 159, 65, 219, 89, 221, 151, 28, 139, 170, 226, 143, 68, 144, 227,
> 36, 128, 163, 135, 170, 75, 162, 118, 92, 64, 19, 110, 18, 0, 143, 66, 67,
> 214, 64, 42, 63, 128, 101, 101, 77, 217, 92, 2, 213 }
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Standard ciphersuite chosen: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> 212%% Negotiating:  [Session-16, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for
> TLSv1
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1
> https-jsse-nio-8443-exec-4, READ: TLSv1.2 Handshake, length = 134
> *** ServerHello, TLSv1.2
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for
> TLSv1.1
> SESSION KEYGEN:
> PreMaster Secret:
> https-jsse-nio-8443-exec-6, READ: TLSv1.2 Alert, length = 26
> https-jsse-nio-8443-exec-1, READ: TLSv1.2 Handshake, length = 134
> *** ClientKeyExchange, DH
> DH Public key:  { 232, 46, 72, 12, 170, 19, 61, 133, 121, ***
> ClientKeyExchange, DH
> DH Public key:  { 46, 120, 54, 246, 196, 238, 228, 47, 229, 9, 234, 188,
> 11, 239, 188, 145, 201, 234, 51, 171, 155, 114, 4, 32, 33, 69, 173, 180,
> 48, 249, 215, 103, 201, 25, 255, 111, 63, 186, 171, 93, 189, 90, 205, 116,
> 250, 209, 241, 73, 248, 242, 181, 212, 226, 145, 106, 177, 237, 6, 75, 84,
> 106, 80, 102, 129, 255, 218, 214, 213, 197, 24, 39, 230, 144, 155, 67, 117,
> 220, 21, 92, 132, 111, 212, 218, 30, 61, 255, 73, 221, 128, 47, 22, 85,
> 198, 87, 66, 26, 120, 78, 219, 126, 170, 178, 8, 31, 234, 38, 129, 100,
> 174, 169, 5, 243, 106, 83, 242, 189, 210, 10, 192, 16, 130, 214, 131, 104,
> 204, 204, 6, 65 }
> SESSION KEYGEN:
> PreMaster Secret:
> 0000: 59 6D C0 DA 06 E0 FD 3D   C8 44 C9 73 91 B6 39 3C  Ym.....=.D.s..9<
> 0010: 41 72 7B 70 F4 3B D7 FE   9C 8F F7 F5 64 56 A4 BD  Ar.p.;......dV..
> 0020: BB 3E 1F B5 D3 91 5F E6   E1 04 CB 6A 40 46 B4 91  .>...._....j@F..
> 0030: 95 D7 0C D9 6B DC EC DD   BA FD D8 A2 06 E5 2E 12  ....k...........
> 0040: 7C 47 5A 01 75 BC E5 2E   AC 2F 78 CA CE 0A E5 40  .GZ.u..../x....@
> 0050: 8A 17 97 19 52 B2 46 A2   1A D3 0D 02 D2 35 59 C1  ....R.F......5Y.
> 0060: E6 38 C0 EF DC 67 5C EE   50 B3 34 23 AD 96 4F C3  .8...g\.P.4#..O.
> 0070: CC 69 A1 04 FE 96 FF 22   E7 86 BB A3 A5 D2 74 32  .i....."......t2
> CONNECTION KEYGEN:
> Client Nonce:
> 0000: 93 7D 31 C2 40 06 63 D3   74 AD 6C E2 FD 95 31 EB  [email protected].
> 0010: C8 9C 77 E2 5C 7C 45 DA   D6 69 44 25 97 F3 78 29  ..w.\.E..iD%..x)
> Server Nonce:
> 0000: 5C 7D 0F F7 FC AA D3 4F   0B E4 54 41 0F 53 51 DD  \......O..TA.SQ.
> 0010: C8 75 59 BA E9 77 5A B9   6A 23 B9 62 1C FA 58 F9  .uY..wZ.j#.b..X.
> Master Secret:
> 0000: ED D0 E5 18 AE 36 25 39   46 BA 4B C3 EA 22 8E B5  .....6%9F.K.."..
> 0010: 40 19 5C 46 93 C1 F4 90   3E 66 2F 86 D9 4A F4 CD  @.\F....>f/..J..
> 0020: A6 0A 77 DA 9A 30 37 FA   68 00 0F CA E7 AE 6F C0  ..w..07.h.....o.
> ... no MAC keys used for this cipher
> Client write key:
> 0000: 91 A4 F4 23 6D 8C 87 45   A4 09 04 67 0D 20 AA E2  ...#m..E...g. ..
> 0010: 7C EE 48 CB 6E 0C F1 E3   6C B0 0F 72 4B C1 B8 04  ..H.n...l..rK...
> Server write key:
> 0000: 0A 3D A5 C5 7D F8 54 B2   DC 99 8B 7D A5 95 05 74  .=....T........t
> 0010: DF C6 50 34 F3 2F 0B A7   CC 2A EA 00 C8 79 0C 5F  ..P4./...*...y._
> Client write IV:
> 0000: 62 96 EB 08                                        b...
> Server write IV:
> 0000: 58 D8 ED CD                                        X...
> 0000: Ignoring unsupported cipher suite:
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
> RandomCookie:  GMT: 1551699704 bytes = { 240, https-jsse-nio-8443-exec-1,
> READ: TLSv1.2 Change Cipher Spec, length = 1
> , 66, 5, 10, 121, 136, 226, 41, 170, 37, 114, 13, 145, 74, 43, 3, 99, 230,
> 46, 204, 127, 48, 116, 134, 47, 96, 75, 77 }
> Session ID:  {92, 125, 15, 248, 20, 0, 210, 78, 109, 221, 37, 254, 86,
> 107, 83, 134, 247, 144, 23, 57, 215, 100, 31, 197, 211, 245, 87, 100, 146,
> 61, 193, 176}
> Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> Compression Method: 0
> Extension renegotiation_info, renegotiated_connection: <empty>
> ***
> Cipher suite:  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> *** Certificate chain
> chain [0] = [
> [
>   Version: V3
>   Subject: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
>
>   Key:  Sun RSA public key, 2048 bits
>   modulus:
> 21944740401167172627731583459321030363948627215746053925732477915060915436180167456469785746662093119306577380200747716284652995937004530444336851845029170241627465854006145050037178991946925696078563485570896673835545540824265905937881682387179314987285174428010940266412458943894800978345731524307952507729956745301047871771953945124256516782917326981125087548987889540650149121302888872237484100834740328828765018090383963294418357028839734723410564800765871733483849269364796949055153420777966213779145518299141217288017794394762274753999989298548507425930217302947589819396239489846633419099079578249651345685751
>   public exponent: 65537
>   Validity: [From: Fri May 30 08:43:19 GMT 2014,
>                To: Mon May 27 08:43:19 GMT 2024]
>   Issuer: [email protected], CN=ofbiz-vm.apache.org,
> OU=Apache OFBiz, O=Apache Software Fundation, L=Wilmington, ST=DE, C=US
>   SerialNumber: [    a6ef7a9a 5368eb27]
>
> Certificate Extensions: 3
> [1]: ObjectId: 2.5.29.35 Criticality=false
> AuthorityKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> [2]: ObjectId: 2.5.29.19 Criticality=false
> BasicConstraints:[
>   CA:true
>   PathLen:2147483647
> ]
>
> [3]: ObjectId: 2.5.29.14 Criticality=false
> SubjectKeyIdentifier [
> KeyIdentifier [
> 0000: 78 0D 96 9D FE D3 0B BE   8C C7 E3 EC 67 04 AB 4B  x...........g..K
> 0010: EA E0 00 29                                        ...)
> ]
> ]
>
> ]
>   Algorithm: [SHA1withRSA]
>   Signature:
> 0000: 19 16 5A 21 99 21 24 98   3C 0A E8 D8 00 AB 44 24  ..Z!.!$.<.....D$
> 0010: F2 0C B7 83 D5 9F 96 17   87 E2 1F 1D A3 47 68 C7  .............Gh.
> 0020: 68 4A CB 56 0E 77 2B E8   1A 9F E7 09 A1 19 77 D0  hJ.V.w+.......w.
> 0030: 5E CC C1 B3 9A C4 35 3D   CB E0 A5 A6 43 5D A3 26  ^.....5=....C].&
> 0040: A4 91 8A C1 FA 7B 10 EA   DC C3 C7 1C 47 DC 97 32  ............G..2
> 0050: C0 37 80 1C F1 42 10 E3   74 17 FA 3E 60 4A B7 59  .7...B..t..>`J.Y
> 0060: 92 C1 E0 6F BB F1 BB 9F   82 89 B5 83 D5 AE 1E 90  ...o............
> 0070: 0A 89 8D FB 4C C0 C5 9E   DC C5 8C C6 2F EE D9 B4  ....L......./...
> 0080: 95 47 27 2E BE 82 31 6F   76 C0 DB 4C C8 0D 3B 7B  .G'...1ov..L..;.
> 0090: D1 6A BF BD 3B 93 30 04   A2 9E 81 F7 96 28 77 F2  .j..;.0......(w.
> 00A0: 32 05 68 44 1F B3 30 CE   40 9F 20 F3 B4 2B AA E6  2.hD..0.@. ..+..
> 00B0: 40 9B FB 7F 34 6E 3A 99   FD F8 28 F1 8C 9B 56 34  @...4n:...(...V4
> 00C0: 64 AD 4D 56 39 CB 96 18   50 9B 99 43 80 0A 39 A5  d.MV9...P..C..9.
> 00D0: 13 7A 6E C5 25 E0 95 4A   92 E5 A8 8B EE 03 49 B4  .zn.%..J......I.
> 00E0: D9 7C 00 E3 F0 3B A7 BA   40 30 CC 89 55 C6 97 93  .....;[email protected]...
> 00F0: B5 15 F6 62 D3 B1 74 9C   0B 80 2B 8A D4 03 84 A0  ...b..t...+.....
>
> ]
> ***
> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for
> TLSv1.1
> 5A C281, https-jsse-nio-8443-exec-6, RECV TLSv1.2 ALERT:  warning,
> close_notify
> 210, 61, 65, 243, 90, 104, 18, 96, 28, 113, 196, 45, 144, 243, 58, 106,
> 169, 94, 72, 94, 240, 76, 113, 253, 130, 8, 5, 184, 63, 94, 56, 3, 237, 54,
> 186, 215, 56, 73, 143, 221, 7, 192, 57, 62, 102, 229, 124, 182, 82, 22,
> 166, 26, 178, 49, 228, 247, 66, 122, 56, 56, 145, 115, 4, 254, 173, 207,
> 236, 153, 164, 248, 22, 136, 81, 255, 249, 14, 239, 167, 16, 76, 191, 30,
> 97, 119, 156, 249, 123, 175, 67, 219, 182, 80, 213, 154, 58, 80, 26, 125,
> 234, 22, 46, 190, 158, 136, 128, 230, 85, 235, 253, 252, 7, 121, 53, 173,
> 192, 154, 10, 250 }
>  65 CB D3 3B F6 53   4C 70 97 C9 BF 3F C6 61  Z.e..;.SLp...?.a
> *** Diffie-Hellman ServerKeyExchange
> https-jsse-nio-8443-exec-2, READ: TLSv1 Handshake, length = 512
> https-jsse-nio-8443-exec-1, READ: TLSv1.2 Handshake, length = 40
> 228, 19, 111, 132, 5, 153, 164, 197, 51, 211, 40, 81, 12*** Finished
> verify_data:  { *** ClientHello, TLSv1.2
> RandomCookie:  DH Modulus:  { 255, 255, 255, 255, 255, 255, 255, 255, 201,
> 15, 218, 162, 33, 104, 194, 52, 196, 198, 98, 139, 128, 220, 28, 209, 41,
> 2, 78, 8, 138, 103, 204, 116, 2, 11, 190, 166, 59, 19, 155, 34, 81, 74, 8,
> 121, 142, 52, 4, 221, 239, 149, 25, 179, 205, 58, 67, 27, 48, 43, 10, 109,
> 242, 95, 20, 55, 79, 225, 53, 109, 109, 81, 194, 69, 228, 133, 181, 118,
> 98, 94, 126, 198, 244, 76, 66, 233, 166, 55, 237, 107, 11, 255, 92, 182,
> 244, 6, 183, 237, 238, 56, 107, 251, 90, 137, 159, 165, 174, 159, 36, 17,
> 124, 75, 31, 230, 73, 40, 102, 81, 236, 230, 83, 129, 255, 255, 255, 255,
> 255, 255, 255, 255 }
> 0DH Base:  { 2 }
> Server DH Public Key:  { 225, 196, 9, 203, 159, 36, 70, 130, 168, 179, 12,
> 214, 43, 37, 14, 184, 16, 20, 34, 219, 146, 253, 158, 33, 160, 120, 135,
> 180, 43, 238, 142, 126, 36, 52, 94, 43, 92, 95, 237, 49, 47, 215, 84, 215,
> 14, 2, 27, 175, 213, 51, 70, 8, 201, 149, 240, 185, 233, 245, 136, 127, 10,
> 169, 220, 37, 118, 74, 127, 187, 232, 33, 189, 146, 233, 207, 195, 33, 253,
> 253, 142, 255, 173, 36, 104, 218, 71, 145, 83, 227, 131, 161, 114, 147,
> 204, 167, 94, 16, 138, 48, 160, 196, 62, 163, 91, 149, 192, 13, 119, 174,
> 17, 195, 246, 173, 41, 105, 89, 10, 173, 117, 66, 142, 117, 109, 170, 166,
> 222, 236, 75, 24 }
> https-jsse-nio-8443-exec-6, closeInboundInternal()
> Signature Algorithm SHA256withRSA
> Signed with a DSA or RSA public key
> 0GMT: 915489528 bytes = { 180, 177, 67, 45, 220, 94, 41, 31, 176, 92, 88,
> 131, 209, 94, 66, 79, 36, 219, 209, 125, 40, 70, 151, 96, 157, 186, 199,
> 228, 116, 209, 49, 40 }
> ***
> , 62, 227, 215, 145, 41, 40, 31, 84, 13, 129, 91, 164, 94, 141, 87, 230,
> 255, 230, 207, 161, 249, 85, 134, 235, 51, 51, 15, 120, 225, 102, 48, 88,
> 37, 12, 39, 198https-jsse-nio-8443-exec-1, WRITE: TLSv1.2 Change Cipher
> Spec, length = 1
> 24, 173, 223, 211, 185, 225, 136, 207 }
> Session ID:  *** ServerHelloDone
> https-jsse-nio-8443-exec-7, WRITE: TLSv1.2 Handshake, length = 1697
> SESSION KEYGEN:
> PreMaster Secret:
> 0000: EC 84 E2 AF 4B 91 CF 27   ED FC C7 B8 66 24 4A 45  ....K..'....f$JE
> 0010: 58 83 59 28 AE DE 2A FC   3F 52 C8 48 B4 86 8C EF  X.Y(..*.?R.H....
> 0020: 96 1C 7B 8A C8 57 D9 73   9E EE 4D 9A FD 59 C1 46  .....W.s..M..Y.F
> 0030: 34 67 31 EA CC DA F8 16   4D 7C 23 F6 F2 78 D7 9B  4g1.....M.#..x..
> 0040: 6D 1B 29 26 CA 2C DC E5   C8 AA E9 3C 9A D3 1C 75  m.)&.,.....<...u
> 0050: 80 A6 38 9B 54 5D A5 30   00 3F 62 36 6A 1C 25 69  ..8.T].0.?b6j.%i
> 0060: CE E1 F5 5D 26 62 D5 9F   CB 23 66 C6 DC DB FA D0  ...]&b...#f.....
> 0070: 9F 04 50 0E F6 6B BE BC   69 54 D4 1A 9A C9 DD B2  ..P..k..iT......
> CONNECTION KEYGEN:
> Client Nonce:
> 0000: 38 DB AB 52 AE 54 3F 8E   83 67 62 A6 37 28 FF D0  8..R.T?..gb.7(..
> 0010: BA 9D B6 5B D5 FE AD 5E   77 37 4A 33 80 10 1B 7F  ...[...^w7J3....
> Server Nonce:
> 0000: 5C 7D 0F F7 BD 58 EC C3   10 14 9B EB D4 5E 9A 6B  \....X.......^.k
> 0010: E8 89 3F 7B 9C BC E5 08   E1 D8 F6 5F 86 01 C0 1E  ..?........_....
> Master Secret:
> 0000: 35 9F E4 FF 5D CB EE 25   07 42 86 BD 40 41 54 47  5...]..%.B..@ATG
> 0010: 22 C5 90 43 E2 3F 8D 62   5C EF C8 9B 99 6B 3C A5  "..C.?.b\....k<.
> 0020: 01 56 09 F5 59 81 B6 69   DD 6F 70 56 27 D1 BB A9  .V..Y..i.opV'...
> ... no MAC keys used for this cipher
> Client write key:
> 0000: F6 28 16 6D F2 29 14 FD   CB 09 E9 7D 62 1A 90 18  .(.m.)......b...
> 0010: E5 9E E5 0F 77 CB 78 E5   22 79 25 5D 3E D1 11 74  ....w.x."y%]>..t
> Server write key:
> 0000: 07 51 6B A8 67 B8 A1 01   9B 54 97 E4 79 CC E8 AD  .Qk.g....T..y...
> 0010: 0C DE 7C EC BB 2B 9B 4C   22 8F D3 B1 F8 19 BA 88  .....+.L".......
> Client write IV:
> 0000: 10 9A BF 5B                                        ...[
> Server write IV:
> 0000: DF 04 1F 6C                                        ...l
> https-jsse-nio-8443-exec-6, closeOutboundInternal()
> https-jsse-nio-8443-exec-3, READ: TLSv1.2 Handshake, length = 134
> 1https-jsse-nio-8443-exec-4, READ: TLSv1.2 Change Cipher Spec, length = 1
> {92, 125, 15, 247, 242, 122, 131, 156, 80, 117, 217, 241, 196, 233, 43, 6,
> 10, 175, 226, 239, 82, 201, 190, 246, 213, 22, 177, 21, 148, 39, 43, 131}
> *** Finished
> Cipher Suites: [Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0x13:0x1,
> Unknown 0x13:0x4, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xa9, Unknown 0xc0:0xad, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0xac,
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, Unknown 0xcc:0xa8,
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
> Unknown 0xc0:0x9d, TLS_RSA_WITH_AES_256_CBC_SHA,
> TLS_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9c,
> TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, Unknown
> 0xcc:0xaa, Unknown 0xc0:0x9f, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xc0:0x9e,
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
> Compression Methods:  { 0https-jsse-nio-8443-exec-4, READ: TLSv1.2
> Handshake, length = 40
> , 231, 92, 16, 188, 236, 216, 59, 248, 130, 122, 175, 64, 140, 220, 165,
> 235, 54, 101, 249, 188, 70, 141, 22, 138, 208, 12, 114, 179, 69, 43, 173,
> 235, 228, 226, 133, 56, 228, 5, 248, 151, 65, 240, 46, 149, 66, 30, 101,
> 199, 252, 57, 235, 185, 122, 71, 60, 156, 67, 80, 118, 190, 192, 214, 11,
> 134, 120, 199 }
>  }
> Unsupported extension status_request, data: 01:00:00:00:00
> Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1,
> unknown curve 29, unknown curve 256, unknown curve 257, unknown curve 258,
> unknown curve 259, unknown curve 260}
> Extension ec_point_formats, formats: [uncompressed]
> Extension signature_algorithms, signature_algorithms: SHA256withRSA,
> Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0x4),
> SHA256withECDSA, Unknown (hash:0x8, signature:0x7), SHA384withRSA, Unknown
> (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0x5),
> SHA384withECDSA, SHA512withRSA, Unknown (hash:0x8, signature:0xb), Unknown
> (hash:0x8, signature:0x6), SHA512withECDSA, SHA1withRSA, SHA1withECDSA
> Unsupported extension type_35, data:
> Unsupported extension type_51, data:
> 00:69:00:17:00:41:04:e5:71:64:63:ab:d5:21:e5:e0:8f:5f:01:36:23:4c:11:7c:4e:ec:a0:36:e8:20:6a:19:d7:a6:96:f7:ae:8f:f0:75:6f:84:31:6c:d9:f5:7e:aa:9e:9d:2f:0d:0e:95:2f:00:64:06:ad:89:a8:91:09:cd:05:7d:22:27:04:f8:79:00:1d:00:20:7f:c9:a3:77:64:c6:cc:dc:c5:6c:ba:d9:df:4c:f2:a5:9b:41:52:eb:54:e7:81:e9:7a:f0:87:62:06:2a:9d:73
> Unsupported extension type_43, data: 08:03:04:03:03:03:02:03:01
> Extension renegotiation_info, renegotiated_connection: <empty>
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Unsupported extension type_45, data: 02:01:00
> Unsupported extension type_28, data: 40:00
> Unsupported extension type_21, data:
> 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
> ***
> %% Initialized:  [Session-17, SSL_NULL_WITH_NULL_NULL]
> SESSION KEYGEN:
> PreMaster Secret:
> 0000: 53 15 0E 57 81 D4 3F 72   C8 F3 EB 48 2A CE 87 89  S..W..?r...H*...
> 0010: F9 F3 27 EC 8A 3F 65 5D   13 EB 50 C4 3F 01 38 B5  ..'..?e]..P.?.8.
> 0020: FA A6 96 DC 2C FF B5 27   01 89 DF 30 D7 98 B0 FC  ....,..'...0....
> 0030: 11 6D AF FF 57 B7 70 FA   F2 21 C0 5B 6A 55 A1 05  .m..W.p..!.[jU..
> 0040: 61 52 CB EE EF 5C 32 F2   58 38 BD F3 8C 89 FB EA  aR...\2.X8......
> 0050: 15 1E C5 BE A0 verify_data:  { 36, 140, 166, 251, 242, 132, 240, 1,
> 173, 233, 78, 233 }
> ***
> *** ClientKeyExchange, DH
> DH Public key:  { 183, 105, 72, 155, 174, 61, 85, 44, 148, 245, 41, 252,
> 1, 127, 50, 68, 236, 105, 47, 121, 185, 243, 220, 146, 158, 27, 2, 49, 162,
> 47, 102, 240, 49, 27, 26, 167, 147, 109, 146, 18, 83, 11, 141, 182, 182,
> 20, 168, 127, 48, 27, 96, 155, 76, 165, 183, 113, 231, 32, 47, 8, 129, 74,
> 221, 88, 102, 249, 151, 140, 201, 51, 130, 38, 8, 43, 47, 212, 51, 104,
> 107, 91, 9, 61, 100, 10, 84, 201, 180, 215, 231, 53, 114, 245, 86, 111,
> 190, 165, 240, 125, 20, 199, 70, 65, 228, 59, 113, 164, 148, 69, 54, 217,
> 103, 140, 119, 16, 79, 217, 2, 38, 134, 91, 160, 73, 57, 40, 84, 224, 138,
> 84 }
> 0: B2 F5 EF E4 EA EF B4 BB   B6 48 19 3F F6 0B BA 13  .........H.?....
> 0020: 68 F9 69 0D C5 EA A2 C1   B4 43 73 D3 98 96 E8 8F  h.i......Cs.....
> 0030: C1 2B 64 5D 8B 46 74 28   A9 01 60 8F 96 6F 13 0E  .+d].Ft(..`..o..
> 0040: 32 C3 3D A1 D1 4D 15 6E   DE 54 BA C4 1B 4B 16 8A  2.=..M.n.T...K..
> 0050: 25 79 21 F1 71 ED 5B D2   ED 8C 04 5B F0 5F EE F8  %y!.q.[....[._..
> 0060: F5 4D ED 8E BC 96 6E 23   A2 A0 8A 72 DE 59 28 50  .M....n#...r.Y(P
> 0070: AB AE E4 CF 4E 1D F2 B4   58 AE 49 0A 86 6A 79 48  ....N...X.I..jyH
> CONNECTION KEYGEN:
> Client Nonce:
> 0000: 35 22 15 5B 46 40 63 FC   FC F3 F7 3D 54 63 E1 16  5".[F@c....=Tc..
> 0010: C5 D9 E8 CC 53 DB 4D 60   D9 E0 24 10 4B FA 73 D2  ....S.M`..$.K.s.
> Server Nonce:
> 0000: 5C 7D 0F F7 54 39 9A 14   43 A1 7D 68 18 FD F9 AC  \...T9..C..h....
> 0010: 43 8A 2C A3 98 EE B5 EF   D9 17 31 95 79 0B 8E 7B  C.,.......1.y...
> Master Secret:
> 0000: 9E AD 80 A5 33 76 EF 56   2B 51 34 CC BE 6C 36 D8  ....3v.V+Q4..l6.
> 0010: 7F C7 F9 A8 E8 4C FA 92   EA E7 CC 30 41 25 FC 41  .....L.....0A%.A
> 0020: 47 19 CC 12 BD 35 15 A7   F5 77 42 F1 E7 18 96 67  G....5...wB....g
> ... no MAC keys used for this cipher
> Client write key:
> 0000: A5 AA 55 23 86 74 FF 71   D8 67 F7 BB AF 01 92 D5  ..U#.t.q.g......
> 0010: 76 FD 91 B8 65 B4 B6 AD   DA 02 02 71 BC 16 4B 8C  v...e......q..K.
> Server write key:
> 0000: 5F 12 55 DA CF 72 DD 2D   C7 64 25 48 44 C6 46 2E  _.U..r.-.d%HD.F.
> 0010: D6 AE F7 B1 2D 44 1F 8A   F9 64 6E 7F 66 FA 99 87  ....-D...dn.f...
> Client write IV:
> 0000: 2A 27 FD E9                                        *'..
> Server write IV:
> 0000: 61 C5 8A 36

Re: Updating SSL certificate version

Reply via email to