-
Bug
-
Resolution: Fixed
-
P3
-
1.4.0
-
1.0.3
-
generic
-
generic
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2110144 | 1.4.0 | Andreas Sterbenz | P3 | Resolved | Fixed | beta3 |
RandomCookie: GMT: 997754762 bytes =
{ 87, 213, 242, 107, 101, 225, 130, 60, 85, 219,
29, 171, 75, 166, 97, 179, 140, 5, 40, 132, 93,
227, 197, 2, 84, 113, 37, 255 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3B 79 88 8A 57 D5 F2 6B 65 E1 ...7..;y..W..ke.
0010: 82 3C 55 DB 1D AB 4B A6 61 B3 8C 05 28 84 5D E3 .<U...K.a...(.].
0020: C5 02 54 71 25 FF 00 00 10 00 05 00 04 00 09 00 ..Tq%...........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3B 79 88 .............;y.
0030: 8A 57 D5 F2 6B 65 E1 82 3C 55 DB 1D AB 4B A6 61 .W..ke..<U...K.a
0040: B3 8C 05 28 84 5D E3 C5 02 54 71 25 FF ...(.]...Tq%.
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.0 Handshake, length = 3055
*** ServerHello, v3.0
RandomCookie: GMT: 9591 bytes =
{ 129, 191, 1, 34, 218, 123, 133, 183, 44, 8, 84, 178, 150, 144, 156,
86, 40, 92, 248, 222, 26, 193, 100, 1, 175, 96, 68, 159 }
Session ID:
{43, 221, 138, 145, 25, 92, 188, 104, 40, 27, 65, 115, 251, 222, 9,
125, 113, 237, 251, 177, 13, 17, 78, 176, 217, 167, 177, 171, 207, 90, 174, 48}
Cipher Suite: { 0, 4 }
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 00 00 00 25 77 81 BF 01 22 DA 7B ...F....%w..."..
0010: 85 B7 2C 08 54 B2 96 90 9C 56 28 5C F8 DE 1A C1 ..,.T....V(\....
0020: 64 01 AF 60 44 9F 20 2B DD 8A 91 19 5C BC 68 28 d..`D. +....\.h(
0030: 1B 41 73 FB DE 09 7D 71 ED FB B1 0D 11 4E B0 D9 .As....q.....N..
0040: A7 B1 AB CF 5A AE 30 00 04 00 ....Z.0...
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=www.foliofn.com, OU=Operations-Server 3,
O=FolioFN, L=Vienna, ST=Virginia, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@22cdb6
Validity: [From: Thu Jan 25 16:00:00 PST 2001,
To: Sat Jan 26 15:59:59 PST 2002]
Issuer:
OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign,
OU=VeriSign International Server CA - Class 3, OU="VeriSign, Inc.",
O=VeriSign Trust Network
SerialNumber: [ 4b8c7820 6710cbe7 61b3554e 380ae9f1 ]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[2]: ObjectId: 2.5.29.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 82 02 16 30 82 02 12 30 82 02 0E 30 82 02 0A ....0...0...0...
0010: 06 0B 60 86 48 01 86 F8 45 01 07 01 01 30 82 01 ..`.H...E....0..
0020: F9 16 82 01 A7 54 68 69 73 20 63 65 72 74 69 66 .....This certif
0030: 69 63 61 74 65 20 69 6E 63 6F 72 70 6F 72 61 74 icate incorporat
0040: 65 73 20 62 79 20 72 65 66 65 72 65 6E 63 65 2C es by reference,
0050: 20 61 6E 64 20 69 74 73 20 75 73 65 20 69 73 20 and its use is
0060: 73 74 72 69 63 74 6C 79 20 73 75 62 6A 65 63 74 strictly subject
0070: 20 74 6F 2C 20 74 68 65 20 56 65 72 69 53 69 67 to, the VeriSig
0080: 6E 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 n Certification
0090: 50 72 61 63 74 69 63 65 20 53 74 61 74 65 6D 65 Practice Stateme
00A0: 6E 74 20 28 43 50 53 29 2C 20 61 76 61 69 6C 61 nt (CPS), availa
00B0: 62 6C 65 20 61 74 3A 20 68 74 74 70 73 3A 2F 2F ble at: https://
00C0: 77 77 77 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D www.verisign.com
00D0: 2F 43 50 53 3B 20 62 79 20 45 2D 6D 61 69 6C 20 /CPS; by E-mail
00E0: 61 74 20 43 50 53 2D 72 65 71 75 65 73 74 73 40 at CPS-requests@
00F0: 76 65 72 69 73 69 67 6E 2E 63 6F 6D 3B 20 6F 72 verisign.com; or
0100: 20 62 79 20 6D 61 69 6C 20 61 74 20 56 65 72 69 by mail at Veri
0110: 53 69 67 6E 2C 20 49 6E 63 2E 2C 20 32 35 39 33 Sign, Inc., 2593
0120: 20 43 6F 61 73 74 20 41 76 65 2E 2C 20 4D 6F 75 Coast Ave., Mou
0130: 6E 74 61 69 6E 20 56 69 65 77 2C 20 43 41 20 39 ntain View, CA 9
0140: 34 30 34 33 20 55 53 41 20 54 65 6C 2E 20 2B 31 4043 USA Tel. +1
0150: 20 28 34 31 35 29 20 39 36 31 2D 38 38 33 30 20 (415) 961-8830
0160: 43 6F 70 79 72 69 67 68 74 20 28 63 29 20 31 39 Copyright (c) 19
0170: 39 36 20 56 65 72 69 53 69 67 6E 2C 20 49 6E 63 96 VeriSign, Inc
0180: 2E 20 20 41 6C 6C 20 52 69 67 68 74 73 20 52 65 . All Rights Re
0190: 73 65 72 76 65 64 2E 20 43 45 52 54 41 49 4E 20 served. CERTAIN
01A0: 57 41 52 52 41 4E 54 49 45 53 20 44 49 53 43 4C WARRANTIES DISCL
01B0: 41 49 4D 45 44 20 61 6E 64 20 4C 49 41 42 49 4C AIMED and LIABIL
01C0: 49 54 59 20 4C 49 4D 49 54 45 44 2E A0 0E 06 0C ITY LIMITED.....
01D0: 60 86 48 01 86 F8 45 01 07 01 01 01 A1 0E 06 0C `.H...E.........
01E0: 60 86 48 01 86 F8 45 01 07 01 01 02 30 2C 30 2A `.H...E.....0,0*
01F0: 16 28 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 .(https://www.ve
0200: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 65 70 6F 73 risign.com/repos
0210: 69 74 6F 72 79 2F 43 50 53 20 itory/CPS
[3]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[2.16.840.1.113730.4.1]
]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 14 AC 35 E2 45 64 CE 38 FC F6 85 5A 9E AD 44 6B ..5.Ed.8...Z..Dk
0010: BB BD 7A E9 06 A4 66 8C CF F5 50 D9 61 28 90 4F ..z...f...P.a(.O
0020: 54 C8 01 A9 65 05 1C DA E6 1B 52 55 38 3F 41 48 T...e.....RU8?AH
0030: 6B D8 B6 07 85 12 24 EF 74 4C 6E 79 D2 EF 2A 1B k.....$.tLny..*.
0040: 45 4A AA 3B 6B C3 77 64 5B FA F7 5C E2 76 DF D5 EJ.;k.wd[..\.v..
0050: 7E 7F C0 C4 9D C3 F0 81 37 E1 9C 1E 43 42 42 7F ........7...CBB.
0060: E3 7D 1D B4 6D 34 16 91 0E 87 0F 27 AD 38 0A 33 ....m4.....'.8.3
0070: E6 6F 09 6C 2B F9 DB 26 1A B6 CE 4A C5 D1 C4 CE .o.l+..&...J....
]
chain [1] = [
[
Version: V3
Subject: OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97
VeriSign, OU=VeriSign International Server CA - Class 3, OU="VeriSign, Inc.",
O=VeriSign Trust Network
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@3ecfff
Validity: [From: Wed Apr 16 17:00:00 PDT 1997,
To: Wed Jan 07 15:59:59 PST 2004]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 236c971e 2bc60d0b f97460de f108c3c3 ]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
]
[2]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76
65 ..https://www.ve
0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 43 50 53 risign.com/CPS
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 D9 30 15 16 0E 56 65 72 69 53 69 67 6E 2C
0..0...VeriSign,
0010: 20 49 6E 63 2E 30 03 02 01 01 1A 81 BF 56 65 72 Inc.0.......Ver
0020: 69 53 69 67 6E 27 73 20 43 65 72 74 69 66 69 63 iSign's Certific
0030: 61 74 69 6F 6E 20 50 72 61 63 74 69 63 65 20 53 ation Practice S
0040: 74 61 74 65 6D 65 6E 74 2C 20 77 77 77 2E 76 65 tatement, www.ve
0050: 72 69 73 69 67 6E 2E 63 6F 6D 2F 43 50 53 2C 20 risign.com/CPS,
0060: 67 6F 76 65 72 6E 73 20 74 68 69 73 20 63 65 72 governs this cer
0070: 74 69 66 69 63 61 74 65 20 26 20 69 73 20 69 6E tificate & is in
0080: 63 6F 72 70 6F 72 61 74 65 64 20 62 79 20 72 65 corporated by re
0090: 66 65 72 65 6E 63 65 20 68 65 72 65 69 6E 2E 20 ference herein.
00A0: 53 4F 4D 45 20 57 41 52 52 41 4E 54 49 45 53 20 SOME WARRANTIES
00B0: 44 49 53 43 4C 41 49 4D 45 44 20 26 20 4C 49 41 DISCLAIMED & LIA
00C0: 42 49 4C 49 54 59 20 4C 54 44 2E 20 28 63 29 31 BILITY LTD. (c)1
00D0: 39 39 37 20 56 65 72 69 53 69 67 6E 997 VeriSign
]] ]
]
[3]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[2.16.840.1.113733.1.8.1, 2.16.840.1.113730.4.1]]
[4]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
[5]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:0
]
]
Algorithm: [MD2withRSA]
Signature:
0000: B8 8C 98 C3 2B 48 F5 72 CD 68 0D 1A B3 74 63 BB ....+H.r.h...tc.
0010: B1 58 B6 98 45 22 EC 11 8D C7 4E 33 8B 62 5A 21 .X..E"....N3.bZ!
0020: 24 6C 9A C0 42 B4 45 A9 3A FB 67 F0 91 BE 18 1F $l..B.E.:.g.....
0030: D5 48 19 93 6B 8D CB 37 4B 86 E6 7D 9B FD 8C 78 .H..k..7K......x
0040: 99 FF 83 C2 FC D9 55 06 9E 31 66 46 7D 1B 78 60 ......U..1fF..x`
0050: F4 55 D4 6C 55 C8 69 62 70 7C 4D B6 89 06 05 9B .U.lU.ibp.M.....
0060: C8 43 8E CC 0C 28 D5 D1 8C CD 46 50 E3 31 96 66 .C...(....FP.1.f
0070: 92 11 24 1E 4A 5B 4B 66 5E 65 55 1E 5F 37 9A AE ..$.J[Kf^eU._7..
]
chain [2] = [
[
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@65a77f
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Tue Aug 01 16:59:59 PDT 2028]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 70bae41d 10d92934 b638ca7b 03ccbabf ]
]
Algorithm: [MD2withRSA]
Signature:
0000: BB 4C 12 2B CF 2C 26 00 4F 14 13 DD A6 FB FC 0A .L.+.,&.O.......
0010: 11 84 8C F3 28 1C 67 92 2F 7C B6 C5 FA DF F0 E8 ....(.g./.......
0020: 95 BC 1D 8F 6C 2C A8 51 CC 73 D8 A4 C0 53 F0 4E ....l,.Q.s...S.N
0030: D6 26 C0 76 01 57 81 92 5E 21 F1 D1 B1 FF E7 D0 .&.v.W..^!......
0040: 21 58 CD 69 17 E3 44 1C 9C 19 44 39 89 5C DC 9C !X.i..D...D9.\..
0050: 00 0F 56 8D 02 99 ED A2 90 45 4C E4 BB 10 A4 3D ..V......EL....=
0060: F0 32 03 0E F1 CE F8 E8 C9 51 8C E6 62 9F E6 9F .2.......Q..b...
0070: C0 7D B7 72 9C C9 36 3A 6B 9F 4E A8 FF 64 0D 64 ...r..6:k.N..d.d
]
***
main, SEND SSL v3.0 ALERT: fatal, description = certificate_unknown
main, WRITE: SSL v3.0 Alert, length = 2
javax.net.ssl.SSLHandshakeException: untrusted server cert chain
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-
120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-
120198])
at java.io.OutputStream.write(OutputStream.java:61)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.d([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-
V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect
([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream
([DashoPro-V1.2-120198])
at java.net.URL.openStream(URL.java:851)
at URLReader.main(URLReader.java:57)
Exception in thread "main"
-------------------------------------------------------------------------------
(Review ID: 130042)
======================================================================
Name: bsC130419 Date: 08/15/2001
% java -version
java version "1.4.0-beta"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-beta-b65)
Java HotSpot(TM) Client VM (build 1.4.0-beta-b65, mixed mode)
Connection fails with a V3 certificate if attachment key usage is not defined
The following URLReader.java program was used to produce this problem.
Jeff Harris (###@###.###) offered the following analysis of this problem:
It looks like the cert does not have key usage defined in it. Changing the
fields in IE doesn't actually change the cert, since the signature would
break. This appears to be a bug in Sun's verification. I'm not sure if
it can be fixed with using sun's JSSE libraries.
------------------------------------------------------------------------------
import java.net.*;
import java.io.*;
import java.security.*;
public class URLReader {
public static void main(String[] args) throws Exception {
URL url = new URL("https://www.foliofn.com/servlets/ProcessAction?identifier=loginFormEntry&buildFrame=t");
System.setProperty( "java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider() );
BufferedReader in = new BufferedReader(
new InputStreamReader(
url.openStream()));
String inputLine;
while ((inputLine = in.readLine()) != null) {
System.out.println(inputLine);
}
System.out.println("WORKED!");
in.close();
}
}
-------------------------------------------------------------------------------
The command line used to compile:
javac URLReader.java
-------------------------------------------------------------------------------
The command line used to run the program:
java -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -
Djavax.net.debug=ssl,trustmanager,certpath URLReader
-------------------------------------------------------------------------------
The trace showing the failure:
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: d:\jdk1.4\jre\lib\security\cacerts
trustStore type is : jks
init truststore
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@70eed6
Validity: [From: Sun Dec 31 16:00:00 PST 1995,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: C7 EC 92 7E 4E F8 F5 96 A5 67 62 2A A4 F0 4D 11 ....N....gb*..M.
0010: 60 D0 6F 8D 60 58 61 AC 26 BB 52 35 5C 08 CF 30 `.o.`Xa.&.R5\..0
0020: FB A8 4A 96 8A 1F 62 42 23 8C 17 0F F4 BA 64 9C ..J...bB#.....d.
0030: 17 AC 47 29 DF 9D 98 5E D2 6C 60 71 5C A2 AC DC ..G)...^.l`q\...
0040: 79 E3 E7 6E 00 47 1F B5 0D 28 E8 02 9D E4 9A FD y..n.G...(......
0050: 13 F4 A6 D9 7C B1 F8 DC 5F 23 26 09 91 80 73 D0 ........_#&...s.
0060: 14 1B DE 43 A9 83 25 F2 E6 9C 2F 15 CA FE A6 AB ...C..%.../.....
0070: 8A 07 75 8B 0C DD 51 84 6B E4 F8 D1 CE 77 A2 81 ..u...Q.k....w..
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Personal Basic
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@453dce
Validity: [From: Sun Dec 31 16:00:00 PST 1995,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Personal Basic CA,
OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 2D E2 99 6B B0 3D 7A 89 D7 59 A2 94 01 1F 2B DD -..k.=z..Y....+.
0010: 12 4B 53 C2 AD 7F AA A7 00 5C 91 40 57 25 4A 38 .KS......\.@W%J8
0020: AA 84 70 B9 D9 80 0F A5 7B 5C FB 73 C6 BD D7 8A ..p......\.s....
0030: 61 5C 03 E3 2D 27 A8 17 E0 84 85 42 DC 5E 9B C6 a\..-'.....B.^..
0040: B7 B2 6D BB 74 AF E4 3F CB A7 B7 B0 E0 5D BE 78 ..m.t..?.....].x
0050: 83 25 94 D2 DB 81 0F 79 07 6D 4F F4 39 15 5A 52 .%.....y.mO.9.ZR
0060: 01 7B DE 32 D6 4D 38 F6 12 5C 06 50 DF 05 5B BD ...2.M8..\.P..[.
0070: 14 4B A1 DF 29 BA 3B 41 8D F7 63 56 A1 DF 22 B1 .K..).;A..cV..".
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7c9944
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Wed Jan 07 15:59:59 PST 2004]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ e49efdf3 3ae80ecf a5113e19 a4240232 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 61 70 EC 2F 3F 9E FD 2B E6 68 54 21 B0 67 79 08 ap./?..+.hT!.gy.
0010: 0C 20 96 31 8A 0D 7A BE B6 26 DF 79 2C 22 69 49 . .1..z..&.y,"iI
0020: 36 E3 97 77 62 61 A2 32 D7 7A 54 21 36 BA 02 C9 6..wba.2.zT!6...
0030: 34 E7 25 DA 44 35 B0 D2 5C 80 5D B3 94 F8 F9 AC 4.%.D5..\.].....
0040: EE A4 60 75 2A 1F 95 49 23 B1 4A 7C F4 B3 47 72 ..`u*..I#.J...Gr
0050: 21 5B 7E 97 AB 54 AC 62 E7 5D EC AE 9B D2 C9 B2 ![...T.b.]......
0060: 24 FB 82 AD E9 67 15 4B BA AA A6 F0 97 A0 F6 B0 $....g.K........
0070: 97 57 00 C8 0C 3C 09 A0 82 04 BA 41 DA F7 99 A4 .W...<.....A....
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Personal
Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@b819f
Validity: [From: Sun Dec 31 16:00:00 PST 1995,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Personal Premium
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 69 36 89 F7 34 2A 33 72 2F 6D 3B D4 22 B2 B8 6F i6..4*3r/m;."..o
0010: 9A C5 36 66 0E 1B 3C A1 B1 75 5A E6 FD 35 D3 F8 ..6f..<..uZ..5..
0020: A8 F2 07 6F 85 67 8E DE 2B B9 E2 17 B0 3A A0 F0 ...o.g..+....:..
0030: 0E A2 00 9A DF F3 14 15 6E BB C8 85 5A 98 80 F9 ........n...Z...
0040: FF BE 74 1D 3D F3 FE 30 25 D1 37 34 67 FA A5 71 ..t.=..0%.74g..q
0050: 79 30 61 29 72 C0 E0 2C 4C FB 56 E4 3A A8 6F E5 y0a)r..,L.V.:.o.
0060: 32 59 52 DB 75 28 50 59 0C F8 0B 19 E4 AC D9 AF 2YR.u(PY........
0070: 96 8D 2F 50 DB 07 C3 EA 1F AB 33 E0 F5 2B 31 89 ../P......3..+1.
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@f73c1
Validity: [From: Wed Jul 31 17:00:00 PDT 1996,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 01]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 07 FA 4C 69 5C FB 95 CC 46 EE 85 83 4D 21 30 8E ..Li\...F...M!0.
0010: CA D9 A8 6F 49 1A E6 DA 51 E3 60 70 6C 84 61 11 ...oI...Q.`pl.a.
0020: A1 1A C8 48 3E 59 43 7D 4F 95 3D A1 8B B7 0B 62 ...H>YC.O.=....b
0030: 98 7A 75 8A DD 88 4E 4E 9E 40 DB A8 CC 32 74 B9 .zu...NN.@...2t.
0040: 6F 0D C6 E3 B3 44 0B D9 8A 6F 9A 29 9B 99 18 28 o....D...o.)...(
0050: 3B D1 E3 40 28 9A 5A 3C D5 B5 E7 20 1B 8B CA A4 ;..@(.Z<... ....
0060: AB 8D E9 51 D9 E2 4C 2C 59 A9 DA B9 B2 75 1B F6 ...Q..L,Y....u..
0070: 42 F2 EF C7 F2 18 F9 89 BC A3 FF 8A 23 2E 70 47 B...........#.pG
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 4 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@789144
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Fri Dec 31 15:59:59 PST 1999]
Issuer: OU=Class 4 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 02a60000 01]
]
Algorithm: [MD2withRSA]
Signature:
0000: 53 DD D3 F0 9C 24 7E 40 AA E2 FC 00 1A D7 DA 0C S....$.@........
0010: FC 32 61 B8 15 0D 96 F3 FA 57 1B 7F 33 7C AF E9 .2a......W..3...
0020: 98 9A 61 C8 7A B3 B7 FF B1 DC 99 83 DC AC 12 FC ..a.z...........
0030: 70 C9 1F 38 42 ED 44 F6 80 2E 5B 6B 33 69 AC 9C p..8B.D...[k3i..
0040: D3 5C E7 5F 5A 18 C7 B1 2D 79 04 96 41 91 99 41 .\._Z...-y..A..A
0050: B1 3C 0D BA 84 39 C6 3B 97 F0 26 C9 8E EE BD CC .<...9.;..&.....
0060: 42 95 FF 1E C7 02 3F 54 0C 78 F5 BC AA 60 7C 02 B.....?T.x...`..
0070: 69 E8 DC AC E2 02 76 61 C4 3E 03 EA D2 8A 24 D1 i.....va.>....$.
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@6c6b2
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Tue Jan 07 15:59:59 PST 2020]
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 325033cf 50d156f3 5c81ad65 5c4fc825 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 4B 44 66 60 68 64 E4 98 1B F3 B0 72 E6 95 89 7C KDf`hd.....r....
0010: DD 7B B3 95 C0 1D 2E D8 D8 19 D0 2D 34 3D C6 50 ...........-4=.P
0020: 9A 10 86 8C AA 3F 3B A8 04 FC 37 52 95 C3 D9 C9 .....?;...7R....
0030: DB CD F2 86 06 C4 B1 1B F0 82 88 30 42 8E 17 50 ...........0B..P
0040: 1C 64 7A B8 3E 99 49 74 97 FC AC 02 43 FB 96 0C .dz.>.It....C...
0050: 56 04 25 0C 7C 7C 87 9D 24 A7 D8 F0 32 29 B5 A4 V.%.....$...2)..
0060: DF 5D A2 4C C5 16 32 A8 42 F6 45 A6 B6 36 B9 E0 .].L..2.B.E..6..
0070: BF 65 36 93 C2 D2 D7 6B DC DE 59 D6 A2 35 F8 45 .e6....k..Y..5.E
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Secure Server Certification Authority, O="RSA Data Security,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@329f3d
Validity: [From: Tue Nov 08 16:00:00 PST 1994,
To: Thu Jan 07 15:59:59 PST 2010]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security,
Inc.", C=US
SerialNumber: [ 02ad667e 4e45fe5e 576f3c98 195eddc0 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 65 DD 7E E1 B2 EC B0 E2 3A E0 EC 71 46 9A 19 11 e.......:..qF...
0010: B8 D3 C7 A0 B4 03 40 26 02 3E 09 9C E1 12 B3 D1 ......@&.>......
0020: 5A F6 37 A5 B7 61 03 B6 5B 16 69 3B C6 44 08 0C Z.7..a..[.i;.D..
0030: 88 53 0C 6B 97 49 C7 3E 35 DC 6C B9 BB AA DF 5C .S.k.I.>5.l....0040: BB 3A 2F 93 60 B6 A9 4B 4D F2 20 F7 CD 5F 7F 64 .:/.`..KM. .._.d
0050: 7B 8E DC 00 5C D7 FA 77 CA 39 16 59 6F 0E EA D3 ....\..w.9.Yo...
0060: B5 83 7F 4D 4D 42 56 76 B4 C9 5F 04 F8 38 F8 EB ...MMBVv.._..8..
0070: D2 5F 75 5F CD 7B FC E5 8E 80 7C FC 50 ._u_........P
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@749757
Validity: [From: Wed Jul 31 17:00:00 PDT 1996,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 01]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 26 48 2C 16 C2 58 FA E8 16 74 0C AA AA 5F 54 3F &H,..X...t..._T?
0010: F2 D7 C9 78 60 5E 5E 6E 37 63 22 77 36 7E B2 17 ...x`^^n7c"w6...
0020: C4 34 B9 F5 08 85 FC C9 01 38 FF 4D BE F2 16 42 .4.......8.M...B
0030: 43 E7 BB 5A 46 FB C1 C6 11 1F F1 4A B0 28 46 C9 C..ZF......J.(F.
0040: C3 C4 42 7D BC FA AB 59 6E D5 B7 51 88 11 E3 A4 ..B....Yn..Q....
0050: 85 19 6B 82 4C A4 0C 12 AD E9 A4 AE 3F F1 C3 49 ..k.L.......?..I
0060: 65 9A 8C C5 C8 3E 25 B7 94 99 BB 92 32 71 07 F0 e....>%.....2q..
0070: 86 5E ED 50 27 A6 0D A6 23 F9 BB CB A6 07 14 42 .^.P'...#......B
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7bd6a1
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Wed Jan 07 15:59:59 PST 2004]
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ ba5ac94c 053b92d6 a7b6df4e d053920d ]
]
Algorithm: [MD2withRSA]
Signature:
0000: B6 00 1F 93 57 A4 07 A7 40 CE 65 40 3F 55 5E ED ....W...@.e@?U^.
0010: EF FA 54 49 A5 30 D6 21 7C 61 87 EE 83 93 0B BF ..TI.0.!.a......
0020: B4 33 F2 98 AC 9F 06 BF 4E A8 CE 14 81 4C CB 04 .3......N....L..
0030: 4E 58 C3 CF 5F EE 7C D7 9A 6F CB 41 8A B7 7F 81 NX.._....o.A....
0040: B8 FF 84 61 C6 27 43 65 1D 0C EC B1 00 0A DD 1B ...a.'Ce........
0050: A4 BB C7 78 20 28 B2 A2 DD 36 95 2E E1 54 4F BF ...x (...6...TO.
0060: 60 B9 77 68 11 99 23 E8 EA 52 E8 AA 00 4E 67 4E `.wh..#..R...NgN
0070: BB 90 B5 45 9B 46 EB 8E 16 EF C4 33 5B 33 3D D5 ...E.F.....3[3=.
]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
{ 87, 213, 242, 107, 101, 225, 130, 60, 85, 219,
29, 171, 75, 166, 97, 179, 140, 5, 40, 132, 93,
227, 197, 2, 84, 113, 37, 255 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3B 79 88 8A 57 D5 F2 6B 65 E1 ...7..;y..W..ke.
0010: 82 3C 55 DB 1D AB 4B A6 61 B3 8C 05 28 84 5D E3 .<U...K.a...(.].
0020: C5 02 54 71 25 FF 00 00 10 00 05 00 04 00 09 00 ..Tq%...........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3B 79 88 .............;y.
0030: 8A 57 D5 F2 6B 65 E1 82 3C 55 DB 1D AB 4B A6 61 .W..ke..<U...K.a
0040: B3 8C 05 28 84 5D E3 C5 02 54 71 25 FF ...(.]...Tq%.
main, WRITE: SSL v2, contentType = 22, translated length = 16310
main, READ: SSL v3.0 Handshake, length = 3055
*** ServerHello, v3.0
RandomCookie: GMT: 9591 bytes =
{ 129, 191, 1, 34, 218, 123, 133, 183, 44, 8, 84, 178, 150, 144, 156,
86, 40, 92, 248, 222, 26, 193, 100, 1, 175, 96, 68, 159 }
Session ID:
{43, 221, 138, 145, 25, 92, 188, 104, 40, 27, 65, 115, 251, 222, 9,
125, 113, 237, 251, 177, 13, 17, 78, 176, 217, 167, 177, 171, 207, 90, 174, 48}
Cipher Suite: { 0, 4 }
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 74
0000: 02 00 00 46 03 00 00 00 25 77 81 BF 01 22 DA 7B ...F....%w..."..
0010: 85 B7 2C 08 54 B2 96 90 9C 56 28 5C F8 DE 1A C1 ..,.T....V(\....
0020: 64 01 AF 60 44 9F 20 2B DD 8A 91 19 5C BC 68 28 d..`D. +....\.h(
0030: 1B 41 73 FB DE 09 7D 71 ED FB B1 0D 11 4E B0 D9 .As....q.....N..
0040: A7 B1 AB CF 5A AE 30 00 04 00 ....Z.0...
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=www.foliofn.com, OU=Operations-Server 3,
O=FolioFN, L=Vienna, ST=Virginia, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@22cdb6
Validity: [From: Thu Jan 25 16:00:00 PST 2001,
To: Sat Jan 26 15:59:59 PST 2002]
Issuer:
OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign,
OU=VeriSign International Server CA - Class 3, OU="VeriSign, Inc.",
O=VeriSign Trust Network
SerialNumber: [ 4b8c7820 6710cbe7 61b3554e 380ae9f1 ]
Certificate Extensions: 4
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[2]: ObjectId: 2.5.29.3 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 82 02 16 30 82 02 12 30 82 02 0E 30 82 02 0A ....0...0...0...
0010: 06 0B 60 86 48 01 86 F8 45 01 07 01 01 30 82 01 ..`.H...E....0..
0020: F9 16 82 01 A7 54 68 69 73 20 63 65 72 74 69 66 .....This certif
0030: 69 63 61 74 65 20 69 6E 63 6F 72 70 6F 72 61 74 icate incorporat
0040: 65 73 20 62 79 20 72 65 66 65 72 65 6E 63 65 2C es by reference,
0050: 20 61 6E 64 20 69 74 73 20 75 73 65 20 69 73 20 and its use is
0060: 73 74 72 69 63 74 6C 79 20 73 75 62 6A 65 63 74 strictly subject
0070: 20 74 6F 2C 20 74 68 65 20 56 65 72 69 53 69 67 to, the VeriSig
0080: 6E 20 43 65 72 74 69 66 69 63 61 74 69 6F 6E 20 n Certification
0090: 50 72 61 63 74 69 63 65 20 53 74 61 74 65 6D 65 Practice Stateme
00A0: 6E 74 20 28 43 50 53 29 2C 20 61 76 61 69 6C 61 nt (CPS), availa
00B0: 62 6C 65 20 61 74 3A 20 68 74 74 70 73 3A 2F 2F ble at: https://
00C0: 77 77 77 2E 76 65 72 69 73 69 67 6E 2E 63 6F 6D www.verisign.com
00D0: 2F 43 50 53 3B 20 62 79 20 45 2D 6D 61 69 6C 20 /CPS; by E-mail
00E0: 61 74 20 43 50 53 2D 72 65 71 75 65 73 74 73 40 at CPS-requests@
00F0: 76 65 72 69 73 69 67 6E 2E 63 6F 6D 3B 20 6F 72 verisign.com; or
0100: 20 62 79 20 6D 61 69 6C 20 61 74 20 56 65 72 69 by mail at Veri
0110: 53 69 67 6E 2C 20 49 6E 63 2E 2C 20 32 35 39 33 Sign, Inc., 2593
0120: 20 43 6F 61 73 74 20 41 76 65 2E 2C 20 4D 6F 75 Coast Ave., Mou
0130: 6E 74 61 69 6E 20 56 69 65 77 2C 20 43 41 20 39 ntain View, CA 9
0140: 34 30 34 33 20 55 53 41 20 54 65 6C 2E 20 2B 31 4043 USA Tel. +1
0150: 20 28 34 31 35 29 20 39 36 31 2D 38 38 33 30 20 (415) 961-8830
0160: 43 6F 70 79 72 69 67 68 74 20 28 63 29 20 31 39 Copyright (c) 19
0170: 39 36 20 56 65 72 69 53 69 67 6E 2C 20 49 6E 63 96 VeriSign, Inc
0180: 2E 20 20 41 6C 6C 20 52 69 67 68 74 73 20 52 65 . All Rights Re
0190: 73 65 72 76 65 64 2E 20 43 45 52 54 41 49 4E 20 served. CERTAIN
01A0: 57 41 52 52 41 4E 54 49 45 53 20 44 49 53 43 4C WARRANTIES DISCL
01B0: 41 49 4D 45 44 20 61 6E 64 20 4C 49 41 42 49 4C AIMED and LIABIL
01C0: 49 54 59 20 4C 49 4D 49 54 45 44 2E A0 0E 06 0C ITY LIMITED.....
01D0: 60 86 48 01 86 F8 45 01 07 01 01 01 A1 0E 06 0C `.H...E.........
01E0: 60 86 48 01 86 F8 45 01 07 01 01 02 30 2C 30 2A `.H...E.....0,0*
01F0: 16 28 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76 65 .(https://www.ve
0200: 72 69 73 69 67 6E 2E 63 6F 6D 2F 72 65 70 6F 73 risign.com/repos
0210: 69 74 6F 72 79 2F 43 50 53 20 itory/CPS
[3]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[2.16.840.1.113730.4.1]
]
[4]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 14 AC 35 E2 45 64 CE 38 FC F6 85 5A 9E AD 44 6B ..5.Ed.8...Z..Dk
0010: BB BD 7A E9 06 A4 66 8C CF F5 50 D9 61 28 90 4F ..z...f...P.a(.O
0020: 54 C8 01 A9 65 05 1C DA E6 1B 52 55 38 3F 41 48 T...e.....RU8?AH
0030: 6B D8 B6 07 85 12 24 EF 74 4C 6E 79 D2 EF 2A 1B k.....$.tLny..*.
0040: 45 4A AA 3B 6B C3 77 64 5B FA F7 5C E2 76 DF D5 EJ.;k.wd[..\.v..
0050: 7E 7F C0 C4 9D C3 F0 81 37 E1 9C 1E 43 42 42 7F ........7...CBB.
0060: E3 7D 1D B4 6D 34 16 91 0E 87 0F 27 AD 38 0A 33 ....m4.....'.8.3
0070: E6 6F 09 6C 2B F9 DB 26 1A B6 CE 4A C5 D1 C4 CE .o.l+..&...J....
]
chain [1] = [
[
Version: V3
Subject: OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97
VeriSign, OU=VeriSign International Server CA - Class 3, OU="VeriSign, Inc.",
O=VeriSign Trust Network
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@3ecfff
Validity: [From: Wed Apr 16 17:00:00 PDT 1997,
To: Wed Jan 07 15:59:59 PST 2004]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 236c971e 2bc60d0b f97460de f108c3c3 ]
Certificate Extensions: 5
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
]
[2]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.1.1]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 77 77 77 2E 76
65 ..https://www.ve
0010: 72 69 73 69 67 6E 2E 63 6F 6D 2F 43 50 53 risign.com/CPS
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 D9 30 15 16 0E 56 65 72 69 53 69 67 6E 2C
0..0...VeriSign,
0010: 20 49 6E 63 2E 30 03 02 01 01 1A 81 BF 56 65 72 Inc.0.......Ver
0020: 69 53 69 67 6E 27 73 20 43 65 72 74 69 66 69 63 iSign's Certific
0030: 61 74 69 6F 6E 20 50 72 61 63 74 69 63 65 20 53 ation Practice S
0040: 74 61 74 65 6D 65 6E 74 2C 20 77 77 77 2E 76 65 tatement, www.ve
0050: 72 69 73 69 67 6E 2E 63 6F 6D 2F 43 50 53 2C 20 risign.com/CPS,
0060: 67 6F 76 65 72 6E 73 20 74 68 69 73 20 63 65 72 governs this cer
0070: 74 69 66 69 63 61 74 65 20 26 20 69 73 20 69 6E tificate & is in
0080: 63 6F 72 70 6F 72 61 74 65 64 20 62 79 20 72 65 corporated by re
0090: 66 65 72 65 6E 63 65 20 68 65 72 65 69 6E 2E 20 ference herein.
00A0: 53 4F 4D 45 20 57 41 52 52 41 4E 54 49 45 53 20 SOME WARRANTIES
00B0: 44 49 53 43 4C 41 49 4D 45 44 20 26 20 4C 49 41 DISCLAIMED & LIA
00C0: 42 49 4C 49 54 59 20 4C 54 44 2E 20 28 63 29 31 BILITY LTD. (c)1
00D0: 39 39 37 20 56 65 72 69 53 69 67 6E 997 VeriSign
]] ]
]
[3]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
[2.16.840.1.113733.1.8.1, 2.16.840.1.113730.4.1]]
[4]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
[5]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:0
]
]
Algorithm: [MD2withRSA]
Signature:
0000: B8 8C 98 C3 2B 48 F5 72 CD 68 0D 1A B3 74 63 BB ....+H.r.h...tc.
0010: B1 58 B6 98 45 22 EC 11 8D C7 4E 33 8B 62 5A 21 .X..E"....N3.bZ!
0020: 24 6C 9A C0 42 B4 45 A9 3A FB 67 F0 91 BE 18 1F $l..B.E.:.g.....
0030: D5 48 19 93 6B 8D CB 37 4B 86 E6 7D 9B FD 8C 78 .H..k..7K......x
0040: 99 FF 83 C2 FC D9 55 06 9E 31 66 46 7D 1B 78 60 ......U..1fF..x`
0050: F4 55 D4 6C 55 C8 69 62 70 7C 4D B6 89 06 05 9B .U.lU.ibp.M.....
0060: C8 43 8E CC 0C 28 D5 D1 8C CD 46 50 E3 31 96 66 .C...(....FP.1.f
0070: 92 11 24 1E 4A 5B 4B 66 5E 65 55 1E 5F 37 9A AE ..$.J[Kf^eU._7..
]
chain [2] = [
[
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@65a77f
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Tue Aug 01 16:59:59 PDT 2028]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 70bae41d 10d92934 b638ca7b 03ccbabf ]
]
Algorithm: [MD2withRSA]
Signature:
0000: BB 4C 12 2B CF 2C 26 00 4F 14 13 DD A6 FB FC 0A .L.+.,&.O.......
0010: 11 84 8C F3 28 1C 67 92 2F 7C B6 C5 FA DF F0 E8 ....(.g./.......
0020: 95 BC 1D 8F 6C 2C A8 51 CC 73 D8 A4 C0 53 F0 4E ....l,.Q.s...S.N
0030: D6 26 C0 76 01 57 81 92 5E 21 F1 D1 B1 FF E7 D0 .&.v.W..^!......
0040: 21 58 CD 69 17 E3 44 1C 9C 19 44 39 89 5C DC 9C !X.i..D...D9.\..
0050: 00 0F 56 8D 02 99 ED A2 90 45 4C E4 BB 10 A4 3D ..V......EL....=
0060: F0 32 03 0E F1 CE F8 E8 C9 51 8C E6 62 9F E6 9F .2.......Q..b...
0070: C0 7D B7 72 9C C9 36 3A 6B 9F 4E A8 FF 64 0D 64 ...r..6:k.N..d.d
]
***
main, SEND SSL v3.0 ALERT: fatal, description = certificate_unknown
main, WRITE: SSL v3.0 Alert, length = 2
javax.net.ssl.SSLHandshakeException: untrusted server cert chain
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.a([DashoPro-V1.2-
120198])
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.Handshaker.process_record([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.ssl.AppOutputStream.write([DashoPro-V1.2-
120198])
at java.io.OutputStream.write(OutputStream.java:61)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.doConnect
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.NetworkClient.openServer
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.d([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpClient.<init>
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.<init>
([DashoPro-V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-
V1.2-120198])
at com.sun.net.ssl.internal.www.protocol.https.HttpsClient.a([DashoPro-
V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect
([DashoPro-V1.2-120198])
at
com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnection.getInputStream
([DashoPro-V1.2-120198])
at java.net.URL.openStream(URL.java:851)
at URLReader.main(URLReader.java:57)
Exception in thread "main"
-------------------------------------------------------------------------------
(Review ID: 130042)
======================================================================
Name: bsC130419 Date: 08/15/2001
% java -version
java version "1.4.0-beta"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-beta-b65)
Java HotSpot(TM) Client VM (build 1.4.0-beta-b65, mixed mode)
Connection fails with a V3 certificate if attachment key usage is not defined
The following URLReader.java program was used to produce this problem.
Jeff Harris (###@###.###) offered the following analysis of this problem:
It looks like the cert does not have key usage defined in it. Changing the
fields in IE doesn't actually change the cert, since the signature would
break. This appears to be a bug in Sun's verification. I'm not sure if
it can be fixed with using sun's JSSE libraries.
------------------------------------------------------------------------------
import java.net.*;
import java.io.*;
import java.security.*;
public class URLReader {
public static void main(String[] args) throws Exception {
URL url = new URL("https://www.foliofn.com/servlets/ProcessAction?identifier=loginFormEntry&buildFrame=t");
System.setProperty( "java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
Security.addProvider( new com.sun.net.ssl.internal.ssl.Provider() );
BufferedReader in = new BufferedReader(
new InputStreamReader(
url.openStream()));
String inputLine;
while ((inputLine = in.readLine()) != null) {
System.out.println(inputLine);
}
System.out.println("WORKED!");
in.close();
}
}
-------------------------------------------------------------------------------
The command line used to compile:
javac URLReader.java
-------------------------------------------------------------------------------
The command line used to run the program:
java -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol -
Djavax.net.debug=ssl,trustmanager,certpath URLReader
-------------------------------------------------------------------------------
The trace showing the failure:
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: d:\jdk1.4\jre\lib\security\cacerts
trustStore type is : jks
init truststore
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@70eed6
Validity: [From: Sun Dec 31 16:00:00 PST 1995,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: C7 EC 92 7E 4E F8 F5 96 A5 67 62 2A A4 F0 4D 11 ....N....gb*..M.
0010: 60 D0 6F 8D 60 58 61 AC 26 BB 52 35 5C 08 CF 30 `.o.`Xa.&.R5\..0
0020: FB A8 4A 96 8A 1F 62 42 23 8C 17 0F F4 BA 64 9C ..J...bB#.....d.
0030: 17 AC 47 29 DF 9D 98 5E D2 6C 60 71 5C A2 AC DC ..G)...^.l`q\...
0040: 79 E3 E7 6E 00 47 1F B5 0D 28 E8 02 9D E4 9A FD y..n.G...(......
0050: 13 F4 A6 D9 7C B1 F8 DC 5F 23 26 09 91 80 73 D0 ........_#&...s.
0060: 14 1B DE 43 A9 83 25 F2 E6 9C 2F 15 CA FE A6 AB ...C..%.../.....
0070: 8A 07 75 8B 0C DD 51 84 6B E4 F8 D1 CE 77 A2 81 ..u...Q.k....w..
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Personal Basic
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@453dce
Validity: [From: Sun Dec 31 16:00:00 PST 1995,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Personal Basic CA,
OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 2D E2 99 6B B0 3D 7A 89 D7 59 A2 94 01 1F 2B DD -..k.=z..Y....+.
0010: 12 4B 53 C2 AD 7F AA A7 00 5C 91 40 57 25 4A 38 .KS......\.@W%J8
0020: AA 84 70 B9 D9 80 0F A5 7B 5C FB 73 C6 BD D7 8A ..p......\.s....
0030: 61 5C 03 E3 2D 27 A8 17 E0 84 85 42 DC 5E 9B C6 a\..-'.....B.^..
0040: B7 B2 6D BB 74 AF E4 3F CB A7 B7 B0 E0 5D BE 78 ..m.t..?.....].x
0050: 83 25 94 D2 DB 81 0F 79 07 6D 4F F4 39 15 5A 52 .%.....y.mO.9.ZR
0060: 01 7B DE 32 D6 4D 38 F6 12 5C 06 50 DF 05 5B BD ...2.M8..\.P..[.
0070: 14 4B A1 DF 29 BA 3B 41 8D F7 63 56 A1 DF 22 B1 .K..).;A..cV..".
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7c9944
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Wed Jan 07 15:59:59 PST 2004]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ e49efdf3 3ae80ecf a5113e19 a4240232 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 61 70 EC 2F 3F 9E FD 2B E6 68 54 21 B0 67 79 08 ap./?..+.hT!.gy.
0010: 0C 20 96 31 8A 0D 7A BE B6 26 DF 79 2C 22 69 49 . .1..z..&.y,"iI
0020: 36 E3 97 77 62 61 A2 32 D7 7A 54 21 36 BA 02 C9 6..wba.2.zT!6...
0030: 34 E7 25 DA 44 35 B0 D2 5C 80 5D B3 94 F8 F9 AC 4.%.D5..\.].....
0040: EE A4 60 75 2A 1F 95 49 23 B1 4A 7C F4 B3 47 72 ..`u*..I#.J...Gr
0050: 21 5B 7E 97 AB 54 AC 62 E7 5D EC AE 9B D2 C9 B2 ![...T.b.]......
0060: 24 FB 82 AD E9 67 15 4B BA AA A6 F0 97 A0 F6 B0 $....g.K........
0070: 97 57 00 C8 0C 3C 09 A0 82 04 BA 41 DA F7 99 A4 .W...<.....A....
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Personal
Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@b819f
Validity: [From: Sun Dec 31 16:00:00 PST 1995,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Personal Premium
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 69 36 89 F7 34 2A 33 72 2F 6D 3B D4 22 B2 B8 6F i6..4*3r/m;."..o
0010: 9A C5 36 66 0E 1B 3C A1 B1 75 5A E6 FD 35 D3 F8 ..6f..<..uZ..5..
0020: A8 F2 07 6F 85 67 8E DE 2B B9 E2 17 B0 3A A0 F0 ...o.g..+....:..
0030: 0E A2 00 9A DF F3 14 15 6E BB C8 85 5A 98 80 F9 ........n...Z...
0040: FF BE 74 1D 3D F3 FE 30 25 D1 37 34 67 FA A5 71 ..t.=..0%.74g..q
0050: 79 30 61 29 72 C0 E0 2C 4C FB 56 E4 3A A8 6F E5 y0a)r..,L.V.:.o.
0060: 32 59 52 DB 75 28 50 59 0C F8 0B 19 E4 AC D9 AF 2YR.u(PY........
0070: 96 8D 2F 50 DB 07 C3 EA 1F AB 33 E0 F5 2B 31 89 ../P......3..+1.
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@f73c1
Validity: [From: Wed Jul 31 17:00:00 PDT 1996,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 01]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 07 FA 4C 69 5C FB 95 CC 46 EE 85 83 4D 21 30 8E ..Li\...F...M!0.
0010: CA D9 A8 6F 49 1A E6 DA 51 E3 60 70 6C 84 61 11 ...oI...Q.`pl.a.
0020: A1 1A C8 48 3E 59 43 7D 4F 95 3D A1 8B B7 0B 62 ...H>YC.O.=....b
0030: 98 7A 75 8A DD 88 4E 4E 9E 40 DB A8 CC 32 74 B9 .zu...NN.@...2t.
0040: 6F 0D C6 E3 B3 44 0B D9 8A 6F 9A 29 9B 99 18 28 o....D...o.)...(
0050: 3B D1 E3 40 28 9A 5A 3C D5 B5 E7 20 1B 8B CA A4 ;..@(.Z<... ....
0060: AB 8D E9 51 D9 E2 4C 2C 59 A9 DA B9 B2 75 1B F6 ...Q..L,Y....u..
0070: 42 F2 EF C7 F2 18 F9 89 BC A3 FF 8A 23 2E 70 47 B...........#.pG
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 4 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@789144
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Fri Dec 31 15:59:59 PST 1999]
Issuer: OU=Class 4 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 02a60000 01]
]
Algorithm: [MD2withRSA]
Signature:
0000: 53 DD D3 F0 9C 24 7E 40 AA E2 FC 00 1A D7 DA 0C S....$.@........
0010: FC 32 61 B8 15 0D 96 F3 FA 57 1B 7F 33 7C AF E9 .2a......W..3...
0020: 98 9A 61 C8 7A B3 B7 FF B1 DC 99 83 DC AC 12 FC ..a.z...........
0030: 70 C9 1F 38 42 ED 44 F6 80 2E 5B 6B 33 69 AC 9C p..8B.D...[k3i..
0040: D3 5C E7 5F 5A 18 C7 B1 2D 79 04 96 41 91 99 41 .\._Z...-y..A..A
0050: B1 3C 0D BA 84 39 C6 3B 97 F0 26 C9 8E EE BD CC .<...9.;..&.....
0060: 42 95 FF 1E C7 02 3F 54 0C 78 F5 BC AA 60 7C 02 B.....?T.x...`..
0070: 69 E8 DC AC E2 02 76 61 C4 3E 03 EA D2 8A 24 D1 i.....va.>....$.
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@6c6b2
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Tue Jan 07 15:59:59 PST 2020]
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 325033cf 50d156f3 5c81ad65 5c4fc825 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 4B 44 66 60 68 64 E4 98 1B F3 B0 72 E6 95 89 7C KDf`hd.....r....
0010: DD 7B B3 95 C0 1D 2E D8 D8 19 D0 2D 34 3D C6 50 ...........-4=.P
0020: 9A 10 86 8C AA 3F 3B A8 04 FC 37 52 95 C3 D9 C9 .....?;...7R....
0030: DB CD F2 86 06 C4 B1 1B F0 82 88 30 42 8E 17 50 ...........0B..P
0040: 1C 64 7A B8 3E 99 49 74 97 FC AC 02 43 FB 96 0C .dz.>.It....C...
0050: 56 04 25 0C 7C 7C 87 9D 24 A7 D8 F0 32 29 B5 A4 V.%.....$...2)..
0060: DF 5D A2 4C C5 16 32 A8 42 F6 45 A6 B6 36 B9 E0 .].L..2.B.E..6..
0070: BF 65 36 93 C2 D2 D7 6B DC DE 59 D6 A2 35 F8 45 .e6....k..Y..5.E
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Secure Server Certification Authority, O="RSA Data Security,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@329f3d
Validity: [From: Tue Nov 08 16:00:00 PST 1994,
To: Thu Jan 07 15:59:59 PST 2010]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security,
Inc.", C=US
SerialNumber: [ 02ad667e 4e45fe5e 576f3c98 195eddc0 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 65 DD 7E E1 B2 EC B0 E2 3A E0 EC 71 46 9A 19 11 e.......:..qF...
0010: B8 D3 C7 A0 B4 03 40 26 02 3E 09 9C E1 12 B3 D1 ......@&.>......
0020: 5A F6 37 A5 B7 61 03 B6 5B 16 69 3B C6 44 08 0C Z.7..a..[.i;.D..
0030: 88 53 0C 6B 97 49 C7 3E 35 DC 6C B9 BB AA DF 5C .S.k.I.>5.l....0040: BB 3A 2F 93 60 B6 A9 4B 4D F2 20 F7 CD 5F 7F 64 .:/.`..KM. .._.d
0050: 7B 8E DC 00 5C D7 FA 77 CA 39 16 59 6F 0E EA D3 ....\..w.9.Yo...
0060: B5 83 7F 4D 4D 42 56 76 B4 C9 5F 04 F8 38 F8 EB ...MMBVv.._..8..
0070: D2 5F 75 5F CD 7B FC E5 8E 80 7C FC 50 ._u_........P
]
adding as trusted cert: [
[
Version: V3
Subject: EmailAddress=###@###.###, CN=Thawte Premium Server
CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@749757
Validity: [From: Wed Jul 31 17:00:00 PDT 1996,
To: Thu Dec 31 15:59:59 PST 2020]
Issuer: EmailAddress=###@###.###, CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 01]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 26 48 2C 16 C2 58 FA E8 16 74 0C AA AA 5F 54 3F &H,..X...t..._T?
0010: F2 D7 C9 78 60 5E 5E 6E 37 63 22 77 36 7E B2 17 ...x`^^n7c"w6...
0020: C4 34 B9 F5 08 85 FC C9 01 38 FF 4D BE F2 16 42 .4.......8.M...B
0030: 43 E7 BB 5A 46 FB C1 C6 11 1F F1 4A B0 28 46 C9 C..ZF......J.(F.
0040: C3 C4 42 7D BC FA AB 59 6E D5 B7 51 88 11 E3 A4 ..B....Yn..Q....
0050: 85 19 6B 82 4C A4 0C 12 AD E9 A4 AE 3F F1 C3 49 ..k.L.......?..I
0060: 65 9A 8C C5 C8 3E 25 B7 94 99 BB 92 32 71 07 F0 e....>%.....2q..
0070: 86 5E ED 50 27 A6 0D A6 23 F9 BB CB A6 07 14 42 .^.P'...#......B
]
adding as trusted cert: [
[
Version: V1
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7bd6a1
Validity: [From: Sun Jan 28 16:00:00 PST 1996,
To: Wed Jan 07 15:59:59 PST 2004]
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ ba5ac94c 053b92d6 a7b6df4e d053920d ]
]
Algorithm: [MD2withRSA]
Signature:
0000: B6 00 1F 93 57 A4 07 A7 40 CE 65 40 3F 55 5E ED ....W...@.e@?U^.
0010: EF FA 54 49 A5 30 D6 21 7C 61 87 EE 83 93 0B BF ..TI.0.!.a......
0020: B4 33 F2 98 AC 9F 06 BF 4E A8 CE 14 81 4C CB 04 .3......N....L..
0030: 4E 58 C3 CF 5F EE 7C D7 9A 6F CB 41 8A B7 7F 81 NX.._....o.A....
0040: B8 FF 84 61 C6 27 43 65 1D 0C EC B1 00 0A DD 1B ...a.'Ce........
0050: A4 BB C7 78 20 28 B2 A2 DD 36 95 2E E1 54 4F BF ...x (...6...TO.
0060: 60 B9 77 68 11 99 23 E8 EA 52 E8 AA 00 4E 67 4E `.wh..#..R...NgN
0070: BB 90 B5 45 9B 46 EB 8E 16 EF C4 33 5B 33 3D D5 ...E.F.....3[3=.
]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
- backported by
-
JDK-2110144 We should be replacing similar certs when verifying cert chains
-
- Resolved
-
- relates to
-
-
- Resolved
-