/data/app/jdk8/bin/java -agentlib:jdwp=transport=dt_socket,address=127.0.0.1:49576,suspend=y,server=n -Dfile.encoding=UTF-8 -classpath /data/app/jdk8/jre/lib/charsets.jar:/data/app/jdk8/jre/lib/deploy.jar:/data/app/jdk8/jre/lib/ext/cldrdata.jar:/data/app/jdk8/jre/lib/ext/dnsns.jar:/data/app/jdk8/jre/lib/ext/jaccess.jar:/data/app/jdk8/jre/lib/ext/jfxrt.jar:/data/app/jdk8/jre/lib/ext/localedata.jar:/data/app/jdk8/jre/lib/ext/nashorn.jar:/data/app/jdk8/jre/lib/ext/sunec.jar:/data/app/jdk8/jre/lib/ext/sunjce_provider.jar:/data/app/jdk8/jre/lib/ext/sunpkcs11.jar:/data/app/jdk8/jre/lib/ext/zipfs.jar:/data/app/jdk8/jre/lib/javaws.jar:/data/app/jdk8/jre/lib/jce.jar:/data/app/jdk8/jre/lib/jfr.jar:/data/app/jdk8/jre/lib/jfxswt.jar:/data/app/jdk8/jre/lib/jsse.jar:/data/app/jdk8/jre/lib/management-agent.jar:/data/app/jdk8/jre/lib/plugin.jar:/data/app/jdk8/jre/lib/resources.jar:/data/app/jdk8/jre/lib/rt.jar:/home/isc-hoa/git_checkout/sysp-2020/messaging-service/target/test-classes:/home/isc-hoa/git_checkout/sysp-2020/messaging-service/target/classes:/data/mavenrepo/ejpd-webservice-resources/sysp/sysp-messaging/sysp-messaging-v3-wslib/3.0.4/sysp-messaging-v3-wslib-3.0.4.jar:/data/mavenrepo/org/jvnet/jaxb2_commons/jaxb2-commons-lang/2.3/jaxb2-commons-lang-2.3.jar:/data/mavenrepo/isc-ejpd-library/ejpd-serverlib/6.025/ejpd-serverlib-6.025.jar:/data/mavenrepo/ejpd-webservice-resources/jfa/jfa-service-v2-wslib/2.100.0/jfa-service-v2-wslib-2.100.0.jar:/data/mavenrepo/org/apache/commons/commons-pool2/2.4.3/commons-pool2-2.4.3.jar:/home/isc-hoa/git_checkout/sysp-2020/security-lib/target/classes:/data/mavenrepo/org/slf4j/slf4j-api/1.7.25/slf4j-api-1.7.25.jar:/data/mavenrepo/org/apache/santuario/xmlsec/2.0.8/xmlsec-2.0.8.jar:/data/mavenrepo/org/codehaus/woodstox/woodstox-core-asl/4.4.1/woodstox-core-asl-4.4.1.jar:/data/mavenrepo/javax/xml/stream/stax-api/1.0-2/stax-api-1.0-2.jar:/data/mavenrepo/org/codehaus/woodstox/stax2-api/3.1.4/stax2-api-3.1.4.jar:/data/mavenrepo/commons-codec/commons-codec/1.10/commons-codec-1.10.jar:/home/isc-hoa/git_checkout/sysp-2020/service-lib/target/classes:/data/mavenrepo/ejpd-base-resources/ejpd-base-servicetest-resources-v1/1.0.4.0/ejpd-base-servicetest-resources-v1-1.0.4.0.jar:/data/mavenrepo/ejpd-base-resources/ejpd-base-webservice-commons-resources-v1/1.3.2/ejpd-base-webservice-commons-resources-v1-1.3.2.jar:/data/mavenrepo/ejpd-webservice-resources/jfa/jfa-portalservice-v1-wslib/1.0-SNAPSHOT/jfa-portalservice-v1-wslib-1.0-20180118.145547-16.jar:/data/mavenrepo/com/migesok/jaxb-java-time-adapters/1.1.3/jaxb-java-time-adapters-1.1.3.jar:/data/mavenrepo/org/jvnet/jaxb2_commons/jaxb2-basics-runtime/1.11.1/jaxb2-basics-runtime-1.11.1.jar:/data/mavenrepo/isc-ejpd-library/ejpd-lib-spring-boot/0.99.0-SNAPSHOT/ejpd-lib-spring-boot-0.99.0-20180306.112411-96.jar:/data/mavenrepo/isc-ejpd-library/ejpd-security-spring-boot-starter/0.99.0-SNAPSHOT/ejpd-security-spring-boot-starter-0.99.0-20180305.153306-55.jar:/data/mavenrepo/adnovum/jcan-commons/1.0.3.0/jcan-commons-1.0.3.0.jar:/data/mavenrepo/adnovum/jcan-sectoken/1.2.4.0/jcan-sectoken-1.2.4.0.jar:/data/mavenrepo/org/springframework/spring-context-support/4.3.13.RELEASE/spring-context-support-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-security/1.5.10.RELEASE/spring-boot-starter-security-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-actuator/1.5.10.RELEASE/spring-boot-starter-actuator-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-actuator/1.5.10.RELEASE/spring-boot-actuator-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/spring-webmvc/4.3.13.RELEASE/spring-webmvc-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-aop/4.3.13.RELEASE/spring-aop-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-beans/4.3.13.RELEASE/spring-beans-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-context/4.3.13.RELEASE/spring-context-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-expression/4.3.13.RELEASE/spring-expression-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-tx/4.3.13.RELEASE/spring-tx-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-core/4.2.3.RELEASE/spring-security-core-4.2.3.RELEASE.jar:/data/mavenrepo/aopalliance/aopalliance/1.0/aopalliance-1.0.jar:/data/mavenrepo/org/springframework/data/spring-data-commons/1.13.9.RELEASE/spring-data-commons-1.13.9.RELEASE.jar:/data/mavenrepo/org/slf4j/jcl-over-slf4j/1.7.25/jcl-over-slf4j-1.7.25.jar:/data/mavenrepo/javax/inject/javax.inject/1/javax.inject-1.jar:/data/mavenrepo/org/springframework/retry/spring-retry/1.2.2.RELEASE/spring-retry-1.2.2.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-aop/1.5.10.RELEASE/spring-boot-starter-aop-1.5.10.RELEASE.jar:/data/mavenrepo/org/aspectj/aspectjweaver/1.8.13/aspectjweaver-1.8.13.jar:/data/mavenrepo/com/fasterxml/jackson/datatype/jackson-datatype-hibernate5/2.8.10/jackson-datatype-hibernate5-2.8.10.jar:/data/mavenrepo/com/fasterxml/jackson/core/jackson-core/2.8.10/jackson-core-2.8.10.jar:/data/mavenrepo/javax/transaction/jta/1.1/jta-1.1.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-graphite/3.1.5/metrics-graphite-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-core/3.1.5/metrics-core-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-jvm/3.1.5/metrics-jvm-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-servlet/3.1.5/metrics-servlet-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-servlets/3.1.5/metrics-servlets-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-healthchecks/3.1.5/metrics-healthchecks-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-json/3.1.5/metrics-json-3.1.5.jar:/data/mavenrepo/com/ryantenney/metrics/metrics-spring/3.0.3/metrics-spring-3.0.3.jar:/data/mavenrepo/com/codahale/metrics/metrics-core/3.0.2/metrics-core-3.0.2.jar:/data/mavenrepo/com/codahale/metrics/metrics-healthchecks/3.0.2/metrics-healthchecks-3.0.2.jar:/data/mavenrepo/com/codahale/metrics/metrics-annotation/3.0.2/metrics-annotation-3.0.2.jar:/data/mavenrepo/fr/ippon/spark/metrics/metrics-spark-reporter/1.2/metrics-spark-reporter-1.2.jar:/data/mavenrepo/com/zaxxer/HikariCP/2.5.1/HikariCP-2.5.1.jar:/data/mavenrepo/org/apache/commons/commons-lang3/3.5/commons-lang3-3.5.jar:/data/mavenrepo/org/apache/httpcomponents/httpclient/4.5.5/httpclient-4.5.5.jar:/data/mavenrepo/org/apache/httpcomponents/httpcore/4.4.9/httpcore-4.4.9.jar:/data/mavenrepo/org/hibernate/hibernate-core/5.0.12.Final/hibernate-core-5.0.12.Final.jar:/data/mavenrepo/org/hibernate/javax/persistence/hibernate-jpa-2.1-api/1.0.0.Final/hibernate-jpa-2.1-api-1.0.0.Final.jar:/data/mavenrepo/org/javassist/javassist/3.21.0-GA/javassist-3.21.0-GA.jar:/data/mavenrepo/antlr/antlr/2.7.7/antlr-2.7.7.jar:/data/mavenrepo/org/apache/geronimo/specs/geronimo-jta_1.1_spec/1.1.1/geronimo-jta_1.1_spec-1.1.1.jar:/data/mavenrepo/org/jboss/jandex/2.0.0.Final/jandex-2.0.0.Final.jar:/data/mavenrepo/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar:/data/mavenrepo/org/hibernate/common/hibernate-commons-annotations/5.0.1.Final/hibernate-commons-annotations-5.0.1.Final.jar:/data/mavenrepo/org/hibernate/hibernate-validator/5.3.6.Final/hibernate-validator-5.3.6.Final.jar:/data/mavenrepo/javax/validation/validation-api/1.1.0.Final/validation-api-1.1.0.Final.jar:/data/mavenrepo/com/fasterxml/classmate/1.3.4/classmate-1.3.4.jar:/data/mavenrepo/org/apache/tomcat/embed/tomcat-embed-core/8.5.27/tomcat-embed-core-8.5.27.jar:/data/mavenrepo/org/apache/tomcat/tomcat-annotations-api/8.5.27/tomcat-annotations-api-8.5.27.jar:/data/mavenrepo/org/springframework/security/extensions/spring-security-saml2-core/1.0.3.RELEASE/spring-security-saml2-core-1.0.3.RELEASE.jar:/data/mavenrepo/org/opensaml/opensaml/2.6.6/opensaml-2.6.6.jar:/data/mavenrepo/org/opensaml/openws/1.5.6/openws-1.5.6.jar:/data/mavenrepo/org/opensaml/xmltooling/1.4.6/xmltooling-1.4.6.jar:/data/mavenrepo/ca/juliusdavies/not-yet-commons-ssl/0.3.9/not-yet-commons-ssl-0.3.9.jar:/data/mavenrepo/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar:/data/mavenrepo/org/apache/velocity/velocity/1.7/velocity-1.7.jar:/data/mavenrepo/org/owasp/esapi/esapi/2.0.1/esapi-2.0.1.jar:/data/mavenrepo/org/slf4j/jul-to-slf4j/1.7.25/jul-to-slf4j-1.7.25.jar:/data/mavenrepo/org/springframework/security/spring-security-config/4.2.3.RELEASE/spring-security-config-4.2.3.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-web/4.2.4.RELEASE/spring-security-web-4.2.4.RELEASE.jar:/data/mavenrepo/xml-apis/xml-apis/1.4.01/xml-apis-1.4.01.jar:/data/mavenrepo/com/google/guava/guava/18.0/guava-18.0.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-config/1.3.4.RELEASE/spring-cloud-starter-config-1.3.4.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-config-client/1.3.4.RELEASE/spring-cloud-config-client-1.3.4.RELEASE.jar:/data/mavenrepo/com/fasterxml/jackson/core/jackson-annotations/2.8.0/jackson-annotations-2.8.0.jar:/data/mavenrepo/com/fasterxml/jackson/core/jackson-databind/2.8.11/jackson-databind-2.8.11.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-eureka/1.3.6.RELEASE/spring-cloud-starter-eureka-1.3.6.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-web/1.5.10.RELEASE/spring-boot-starter-web-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-tomcat/1.5.10.RELEASE/spring-boot-starter-tomcat-1.5.10.RELEASE.jar:/data/mavenrepo/org/apache/tomcat/embed/tomcat-embed-el/8.5.27/tomcat-embed-el-8.5.27.jar:/data/mavenrepo/org/apache/tomcat/embed/tomcat-embed-websocket/8.5.27/tomcat-embed-websocket-8.5.27.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-netflix-core/1.3.6.RELEASE/spring-cloud-netflix-core-1.3.6.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-netflix-eureka-client/1.3.6.RELEASE/spring-cloud-netflix-eureka-client-1.3.6.RELEASE.jar:/data/mavenrepo/com/netflix/eureka/eureka-client/1.6.2/eureka-client-1.6.2.jar:/data/mavenrepo/org/codehaus/jettison/jettison/1.3.7/jettison-1.3.7.jar:/data/mavenrepo/stax/stax-api/1.0.1/stax-api-1.0.1.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-eventbus/0.3.0/netflix-eventbus-0.3.0.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-infix/0.3.0/netflix-infix-0.3.0.jar:/data/mavenrepo/commons-jxpath/commons-jxpath/1.3/commons-jxpath-1.3.jar:/data/mavenrepo/org/antlr/antlr-runtime/3.4/antlr-runtime-3.4.jar:/data/mavenrepo/org/antlr/stringtemplate/3.2.1/stringtemplate-3.2.1.jar:/data/mavenrepo/com/google/code/gson/gson/2.8.2/gson-2.8.2.jar:/data/mavenrepo/org/apache/commons/commons-math/2.2/commons-math-2.2.jar:/data/mavenrepo/com/netflix/archaius/archaius-core/0.7.4/archaius-core-0.7.4.jar:/data/mavenrepo/javax/ws/rs/jsr311-api/1.1.1/jsr311-api-1.1.1.jar:/data/mavenrepo/com/netflix/servo/servo-core/0.10.1/servo-core-0.10.1.jar:/data/mavenrepo/com/netflix/servo/servo-internal/0.10.1/servo-internal-0.10.1.jar:/data/mavenrepo/com/sun/jersey/jersey-core/1.19.1/jersey-core-1.19.1.jar:/data/mavenrepo/com/sun/jersey/jersey-client/1.19.1/jersey-client-1.19.1.jar:/data/mavenrepo/com/sun/jersey/contribs/jersey-apache-client4/1.19.1/jersey-apache-client4-1.19.1.jar:/data/mavenrepo/com/google/inject/guice/4.1.0/guice-4.1.0.jar:/data/mavenrepo/com/netflix/eureka/eureka-core/1.6.2/eureka-core-1.6.2.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-archaius/1.3.6.RELEASE/spring-cloud-starter-archaius-1.3.6.RELEASE.jar:/data/mavenrepo/commons-configuration/commons-configuration/1.8/commons-configuration-1.8.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-ribbon/1.3.6.RELEASE/spring-cloud-starter-ribbon-1.3.6.RELEASE.jar:/data/mavenrepo/com/netflix/ribbon/ribbon/2.2.2/ribbon-2.2.2.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-transport/2.2.2/ribbon-transport-2.2.2.jar:/data/mavenrepo/io/reactivex/rxnetty-contexts/0.4.9/rxnetty-contexts-0.4.9.jar:/data/mavenrepo/io/reactivex/rxnetty-servo/0.4.9/rxnetty-servo-0.4.9.jar:/data/mavenrepo/com/netflix/hystrix/hystrix-core/1.5.12/hystrix-core-1.5.12.jar:/data/mavenrepo/org/hdrhistogram/HdrHistogram/2.1.9/HdrHistogram-2.1.9.jar:/data/mavenrepo/io/reactivex/rxnetty/0.4.20/rxnetty-0.4.20.jar:/data/mavenrepo/io/netty/netty-codec-http/4.1.5.Final/netty-codec-http-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-codec/4.1.5.Final/netty-codec-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-handler/4.1.5.Final/netty-handler-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-buffer/4.1.5.Final/netty-buffer-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-transport/4.1.5.Final/netty-transport-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-resolver/4.1.5.Final/netty-resolver-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-transport-native-epoll/4.1.5.Final/netty-transport-native-epoll-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-common/4.1.5.Final/netty-common-4.1.5.Final.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-core/2.2.2/ribbon-core-2.2.2.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-httpclient/2.2.2/ribbon-httpclient-2.2.2.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-commons-util/0.1.1/netflix-commons-util-0.1.1.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-loadbalancer/2.2.2/ribbon-loadbalancer-2.2.2.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-statistics/0.1.1/netflix-statistics-0.1.1.jar:/data/mavenrepo/io/reactivex/rxjava/1.1.10/rxjava-1.1.10.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-eureka/2.2.2/ribbon-eureka-2.2.2.jar:/data/mavenrepo/com/thoughtworks/xstream/xstream/1.4.9/xstream-1.4.9.jar:/data/mavenrepo/xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar:/data/mavenrepo/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar:/data/mavenrepo/de/codecentric/spring-boot-admin-starter-client/1.5.5/spring-boot-admin-starter-client-1.5.5.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter/1.5.10.RELEASE/spring-boot-starter-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-logging/1.5.10.RELEASE/spring-boot-starter-logging-1.5.10.RELEASE.jar:/data/mavenrepo/ch/qos/logback/logback-classic/1.1.11/logback-classic-1.1.11.jar:/data/mavenrepo/ch/qos/logback/logback-core/1.1.11/logback-core-1.1.11.jar:/data/mavenrepo/org/slf4j/log4j-over-slf4j/1.7.25/log4j-over-slf4j-1.7.25.jar:/data/mavenrepo/org/yaml/snakeyaml/1.17/snakeyaml-1.17.jar:/data/mavenrepo/org/springframework/spring-web/4.3.13.RELEASE/spring-web-4.3.13.RELEASE.jar:/data/mavenrepo/org/jolokia/jolokia-core/1.3.7/jolokia-core-1.3.7.jar:/data/mavenrepo/com/googlecode/json-simple/json-simple/1.1.1/json-simple-1.1.1.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter/1.2.5.RELEASE/spring-cloud-starter-1.2.5.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-context/1.2.5.RELEASE/spring-cloud-context-1.2.5.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-crypto/4.2.3.RELEASE/spring-security-crypto-4.2.3.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-commons/1.2.5.RELEASE/spring-cloud-commons-1.2.5.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-rsa/1.0.3.RELEASE/spring-security-rsa-1.0.3.RELEASE.jar:/data/mavenrepo/org/bouncycastle/bcpkix-jdk15on/1.55/bcpkix-jdk15on-1.55.jar:/data/mavenrepo/org/bouncycastle/bcprov-jdk15on/1.55/bcprov-jdk15on-1.55.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-data-jpa/1.5.10.RELEASE/spring-boot-starter-data-jpa-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-jdbc/1.5.10.RELEASE/spring-boot-starter-jdbc-1.5.10.RELEASE.jar:/data/mavenrepo/org/apache/tomcat/tomcat-jdbc/8.5.27/tomcat-jdbc-8.5.27.jar:/data/mavenrepo/org/apache/tomcat/tomcat-juli/8.5.27/tomcat-juli-8.5.27.jar:/data/mavenrepo/org/springframework/spring-jdbc/4.3.13.RELEASE/spring-jdbc-4.3.13.RELEASE.jar:/data/mavenrepo/org/hibernate/hibernate-entitymanager/5.0.12.Final/hibernate-entitymanager-5.0.12.Final.jar:/data/mavenrepo/javax/transaction/javax.transaction-api/1.2/javax.transaction-api-1.2.jar:/data/mavenrepo/org/springframework/data/spring-data-jpa/1.11.9.RELEASE/spring-data-jpa-1.11.9.RELEASE.jar:/data/mavenrepo/org/springframework/spring-orm/4.3.13.RELEASE/spring-orm-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-aspects/4.3.13.RELEASE/spring-aspects-4.3.13.RELEASE.jar:/data/mavenrepo/mysql/mysql-connector-java/5.1.45/mysql-connector-java-5.1.45.jar:/data/mavenrepo/org/flywaydb/flyway-core/3.2.1/flyway-core-3.2.1.jar:/data/mavenrepo/oracle/jdbc/ojdbc8/12.2.0.1.0/ojdbc8-12.2.0.1.0.jar:/data/mavenrepo/org/jadira/usertype/usertype.core/5.0.0.GA/usertype.core-5.0.0.GA.jar:/data/mavenrepo/org/jadira/usertype/usertype.spi/5.0.0.GA/usertype.spi-5.0.0.GA.jar:/data/mavenrepo/org/hibernate/hibernate-java8/5.0.12.Final/hibernate-java8-5.0.12.Final.jar:/data/mavenrepo/org/jboss/logging/jboss-logging/3.3.1.Final/jboss-logging-3.3.1.Final.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-frontend-jaxws/3.2.1/cxf-rt-frontend-jaxws-3.2.1.jar:/data/mavenrepo/xml-resolver/xml-resolver/1.2/xml-resolver-1.2.jar:/data/mavenrepo/org/ow2/asm/asm/5.2/asm-5.2.jar:/data/mavenrepo/org/apache/cxf/cxf-core/3.2.1/cxf-core-3.2.1.jar:/data/mavenrepo/com/fasterxml/woodstox/woodstox-core/5.0.3/woodstox-core-5.0.3.jar:/data/mavenrepo/org/apache/ws/xmlschema/xmlschema-core/2.2.2/xmlschema-core-2.2.2.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-bindings-soap/3.2.1/cxf-rt-bindings-soap-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-wsdl/3.2.1/cxf-rt-wsdl-3.2.1.jar:/data/mavenrepo/wsdl4j/wsdl4j/1.6.3/wsdl4j-1.6.3.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-databinding-jaxb/3.2.1/cxf-rt-databinding-jaxb-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-bindings-xml/3.2.1/cxf-rt-bindings-xml-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-frontend-simple/3.2.1/cxf-rt-frontend-simple-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-ws-addr/3.2.1/cxf-rt-ws-addr-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-ws-policy/3.2.1/cxf-rt-ws-policy-3.2.1.jar:/data/mavenrepo/org/apache/neethi/neethi/3.1.0/neethi-3.1.0.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-transports-http/3.2.1/cxf-rt-transports-http-3.2.1.jar:/data/mavenrepo/commons-io/commons-io/2.5/commons-io-2.5.jar:/home/isc-hoa/git_checkout/sysp-2020/project-resources/sysp-biometrics-enrolment-types-v1/target/classes:/data/mavenrepo/commons-lang/commons-lang/2.6/commons-lang-2.6.jar:/data/mavenrepo/joda-time/joda-time/2.9.9/joda-time-2.9.9.jar:/data/mavenrepo/org/springframework/boot/spring-boot-devtools/1.5.10.RELEASE/spring-boot-devtools-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot/1.5.10.RELEASE/spring-boot-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-autoconfigure/1.5.10.RELEASE/spring-boot-autoconfigure-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-test/1.5.10.RELEASE/spring-boot-starter-test-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-test/1.5.10.RELEASE/spring-boot-test-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-test-autoconfigure/1.5.10.RELEASE/spring-boot-test-autoconfigure-1.5.10.RELEASE.jar:/data/mavenrepo/com/jayway/jsonpath/json-path/2.2.0/json-path-2.2.0.jar:/data/mavenrepo/net/minidev/json-smart/2.2.1/json-smart-2.2.1.jar:/data/mavenrepo/net/minidev/accessors-smart/1.1/accessors-smart-1.1.jar:/data/mavenrepo/org/assertj/assertj-core/2.6.0/assertj-core-2.6.0.jar:/data/mavenrepo/org/mockito/mockito-core/2.12.0/mockito-core-2.12.0.jar:/data/mavenrepo/net/bytebuddy/byte-buddy/1.7.9/byte-buddy-1.7.9.jar:/data/mavenrepo/net/bytebuddy/byte-buddy-agent/1.7.9/byte-buddy-agent-1.7.9.jar:/data/mavenrepo/org/objenesis/objenesis/2.6/objenesis-2.6.jar:/data/mavenrepo/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar:/data/mavenrepo/org/hamcrest/hamcrest-library/1.3/hamcrest-library-1.3.jar:/data/mavenrepo/org/skyscreamer/jsonassert/1.4.0/jsonassert-1.4.0.jar:/data/mavenrepo/com/vaadin/external/google/android-json/0.0.20131108.vaadin1/android-json-0.0.20131108.vaadin1.jar:/data/mavenrepo/org/springframework/spring-core/4.3.14.RELEASE/spring-core-4.3.14.RELEASE.jar:/data/mavenrepo/org/springframework/spring-test/4.3.13.RELEASE/spring-test-4.3.13.RELEASE.jar:/data/mavenrepo/org/hsqldb/hsqldb/2.3.5/hsqldb-2.3.5.jar:/data/mavenrepo/org/dbunit/dbunit/2.4.9/dbunit-2.4.9.jar:/data/mavenrepo/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar:/data/mavenrepo/junit/junit/4.12/junit-4.12.jar:/home/isc-hoa/idea-IU-162.1121.32/lib/idea_rt.jar ch.ejpd.sysp.messaging.TLSTester Connected to the target VM, address: '127.0.0.1:49576', transport: 'socket' >>> Run 0 trustStore is: /data/app/jdk8/jre/lib/security/cacerts trustStore type is : jks trustStore provider is : init truststore adding as trusted cert: Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US Algorithm: RSA; Serial number: 0xc3517 Valid from Mon Jun 21 06:00:00 CEST 1999 until Mon Jun 22 06:00:00 CEST 2020 adding as trusted cert: Subject: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Issuer: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Algorithm: EC; Serial number: 0xa68b79290000000050d091f9 Valid from Tue Dec 18 16:25:36 CET 2012 until Fri Dec 18 16:55:36 CET 2037 adding as trusted cert: Subject: CN=SecureTrust CA, O=SecureTrust Corporation, C=US Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US Algorithm: RSA; Serial number: 0xcf08e5c0816a5ad427ff0eb271859d0 Valid from Tue Nov 07 20:31:18 CET 2006 until Mon Dec 31 20:40:55 CET 2029 adding as trusted cert: Subject: CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH Issuer: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Algorithm: RSA; Serial number: 0x915a3c407822c0fb6f37b63d0b8d74e7 Valid from Wed Feb 16 10:00:00 CET 2011 until Sun Feb 16 09:59:59 CET 2025 adding as trusted cert: Subject: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP Issuer: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 30 06:20:49 CEST 2003 until Sat Sep 30 06:20:49 CEST 2023 adding as trusted cert: Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a Valid from Fri Nov 10 01:00:00 CET 2006 until Mon Nov 10 01:00:00 CET 2031 adding as trusted cert: Subject: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x445734245b81899b35f2ceb82b3b5ba726f07528 Valid from Thu Jan 12 19:59:32 CET 2012 until Sun Jan 12 19:59:32 CET 2042 adding as trusted cert: Subject: CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x59b1b579e8e2132e23907bda777755c Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=Swiss Government SSL CA 01, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Algorithm: RSA; Serial number: 0x25b924cbbd7a6dc0eed745854d4660de Valid from Thu Jun 05 15:07:38 CEST 2014 until Tue Jun 05 15:07:38 CEST 2029 adding as trusted cert: Subject: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x18acb56afd69b6153a636cafdafac4a1 Valid from Mon Nov 27 01:00:00 CET 2006 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP Issuer: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP Algorithm: RSA; Serial number: 0x0 Valid from Fri May 29 07:00:39 CEST 2009 until Tue May 29 07:00:39 CEST 2029 adding as trusted cert: Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6 Valid from Mon May 18 02:00:00 CEST 1998 until Wed Aug 02 01:59:59 CEST 2028 adding as trusted cert: Subject: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW Issuer: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW Algorithm: RSA; Serial number: 0x15c8bd65475cafb897005ee406d2bc9d Valid from Mon Dec 20 03:31:27 CET 2004 until Wed Dec 20 03:31:27 CET 2034 adding as trusted cert: Subject: CN=AffirmTrust Commercial, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Commercial, O=AffirmTrust, C=US Algorithm: RSA; Serial number: 0x7777062726a9b17c Valid from Fri Jan 29 15:06:06 CET 2010 until Tue Dec 31 15:06:06 CET 2030 adding as trusted cert: Subject: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL Issuer: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL Algorithm: RSA; Serial number: 0x444c0 Valid from Wed Oct 22 14:07:37 CEST 2008 until Mon Dec 31 13:07:37 CET 2029 adding as trusted cert: Subject: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc, OU=www.xrampsecurity.com, C=US Issuer: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc, OU=www.xrampsecurity.com, C=US Algorithm: RSA; Serial number: 0x50946cec18ead59c4dd597ef758fa0ad Valid from Mon Nov 01 18:14:04 CET 2004 until Mon Jan 01 06:37:19 CET 2035 adding as trusted cert: Subject: CN=Sonera Class2 CA, O=Sonera, C=FI Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI Algorithm: RSA; Serial number: 0x1d Valid from Fri Apr 06 09:29:40 CEST 2001 until Tue Apr 06 09:29:40 CEST 2021 adding as trusted cert: Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US Algorithm: RSA; Serial number: 0x1 Valid from Tue May 28 08:00:00 CEST 2002 until Thu Nov 19 21:43:00 CET 2037 adding as trusted cert: Subject: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Algorithm: EC; Serial number: 0x3cb2f4480a00e2feeb243b5e603ec36b Valid from Mon Nov 05 01:00:00 CET 2007 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US Algorithm: RSA; Serial number: 0x35def4cf Valid from Sat Aug 22 18:41:51 CEST 1998 until Wed Aug 22 18:41:51 CEST 2018 adding as trusted cert: Subject: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Issuer: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Algorithm: EC; Serial number: 0x1f47afaa62007050544c019e9b63992a Valid from Thu Mar 06 01:00:00 CET 2008 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=ISRG Root X1, O=Internet Security Research Group, C=US Issuer: CN=ISRG Root X1, O=Internet Security Research Group, C=US Algorithm: RSA; Serial number: 0x8210cfb0d240e3594463e0bb63828b00 Valid from Thu Jun 04 13:04:38 CEST 2015 until Mon Jun 04 13:04:38 CEST 2035 adding as trusted cert: Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577 Valid from Fri Nov 10 01:00:00 CET 2006 until Mon Nov 10 01:00:00 CET 2031 adding as trusted cert: Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Algorithm: RSA; Serial number: 0x51fc89492b4968c09ec3216076b65663 Valid from Wed May 11 10:36:42 CEST 2016 until Sun May 11 10:36:42 CEST 2031 adding as trusted cert: Subject: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x1 Valid from Thu Mar 04 06:00:00 CET 2004 until Sun Mar 04 06:00:00 CET 2029 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 Algorithm: RSA; Serial number: 0x4000000000121585308a2 Valid from Wed Mar 18 11:00:00 CET 2009 until Sun Mar 18 11:00:00 CET 2029 adding as trusted cert: Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE Algorithm: RSA; Serial number: 0x20000b9 Valid from Fri May 12 20:46:00 CEST 2000 until Tue May 13 01:59:00 CEST 2025 adding as trusted cert: Subject: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA Algorithm: RSA; Serial number: 0x67c8e1e8e3be1cbdfc913b8ea6238749 Valid from Wed Jan 01 01:00:00 CET 1997 until Sat Jan 02 00:59:59 CET 2021 adding as trusted cert: Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB Algorithm: RSA; Serial number: 0x1 Valid from Thu Jan 01 01:00:00 CET 2004 until Mon Jan 01 00:59:59 CET 2029 adding as trusted cert: Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Jun 29 19:39:16 CEST 2004 until Thu Jun 29 19:39:16 CEST 2034 adding as trusted cert: Subject: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 30 18:13:43 CEST 2003 until Wed Sep 30 18:13:44 CEST 2037 adding as trusted cert: Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd Valid from Fri Jul 09 20:10:42 CEST 1999 until Tue Jul 09 20:19:22 CEST 2019 adding as trusted cert: Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57 Valid from Fri Oct 01 02:00:00 CEST 1999 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE Algorithm: RSA; Serial number: 0x40000000001154b5ac394 Valid from Tue Sep 01 14:00:00 CEST 1998 until Fri Jan 28 13:00:00 CET 2028 adding as trusted cert: Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b Valid from Fri Jul 09 20:31:20 CEST 1999 until Tue Jul 09 20:40:36 CEST 2019 adding as trusted cert: Subject: CN=AffirmTrust Networking, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Networking, O=AffirmTrust, C=US Algorithm: RSA; Serial number: 0x7c4f04391cd4992d Valid from Fri Jan 29 15:08:24 CET 2010 until Tue Dec 31 15:08:24 CET 2030 adding as trusted cert: Subject: CN=AffirmTrust Premium, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Premium, O=AffirmTrust, C=US Algorithm: RSA; Serial number: 0x6d8c1446b1a60aee Valid from Fri Jan 29 15:10:36 CET 2010 until Mon Dec 31 15:10:36 CET 2040 adding as trusted cert: Subject: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Algorithm: RSA; Serial number: 0xfb1f0b422ba8413e57d1ee2a6e5a4fbb Valid from Fri Apr 15 09:00:00 CEST 2016 until Mon Apr 15 08:59:59 CEST 2041 adding as trusted cert: Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE Algorithm: RSA; Serial number: 0x20000bf Valid from Wed May 17 16:01:00 CEST 2000 until Sun May 18 01:59:00 CEST 2025 adding as trusted cert: Subject: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US Issuer: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US Algorithm: RSA; Serial number: 0x1 Valid from Tue May 28 08:00:00 CEST 2002 until Tue Sep 29 16:08:00 CEST 2037 adding as trusted cert: Subject: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU Issuer: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU Algorithm: RSA; Serial number: 0xbb8 Valid from Thu Mar 17 10:51:37 CET 2011 until Wed Mar 17 10:51:37 CET 2021 adding as trusted cert: Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f Valid from Wed Apr 02 02:00:00 CEST 2008 until Wed Dec 02 00:59:59 CET 2037 adding as trusted cert: Subject: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Algorithm: RSA; Serial number: 0xa3da427ea4b1aeda Valid from Fri Aug 01 14:29:50 CEST 2008 until Sat Jul 31 14:29:50 CEST 2038 adding as trusted cert: Subject: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH Issuer: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH Algorithm: RSA; Serial number: 0x4f1bd42f54bb2f4b Valid from Wed Oct 25 10:32:46 CEST 2006 until Sat Oct 25 10:32:46 CEST 2036 adding as trusted cert: Subject: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Issuer: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Algorithm: RSA; Serial number: 0x4a538c28 Valid from Tue Jul 07 19:25:54 CEST 2009 until Sat Dec 07 18:55:54 CET 2030 adding as trusted cert: Subject: CN=eap0012_CA, OU=EJPD, O=Admin, C=CH Issuer: CN=eap0012_CA, OU=EJPD, O=Admin, C=CH Algorithm: RSA; Serial number: 0xd1f5afe6d47d5f89 Valid from Fri May 13 11:24:45 CEST 2016 until Thu May 08 11:24:45 CEST 2036 adding as trusted cert: Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039 Valid from Fri Nov 10 01:00:00 CET 2006 until Mon Nov 10 01:00:00 CET 2031 adding as trusted cert: Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Jun 29 19:06:20 CEST 2004 until Thu Jun 29 19:06:20 CEST 2034 adding as trusted cert: Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE Algorithm: RSA; Serial number: 0x1 Valid from Tue May 30 12:48:38 CEST 2000 until Sat May 30 12:48:38 CEST 2020 adding as trusted cert: Subject: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Issuer: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Algorithm: RSA; Serial number: 0x1 Valid from Wed Oct 01 12:29:56 CEST 2008 until Sun Oct 02 01:59:59 CEST 2033 adding as trusted cert: Subject: CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: EC; Serial number: 0x55556bcf25ea43535c3a40fd5ab4572 Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=Admin-CC-Root01, O=admin, C=ch Issuer: CN=Admin-CC-Root01, O=admin, C=ch Algorithm: RSA; Serial number: 0x6ffcffac88cb9b34454e628858b0fc2 Valid from Thu Nov 29 11:26:03 CET 2012 until Sat Nov 29 11:36:01 CET 2042 adding as trusted cert: Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989 Valid from Fri Jul 09 19:28:50 CEST 1999 until Tue Jul 09 19:36:58 CEST 2019 adding as trusted cert: Subject: CN=Class 2 Primary CA, O=Certplus, C=FR Issuer: CN=Class 2 Primary CA, O=Certplus, C=FR Algorithm: RSA; Serial number: 0x85bd4bf3d8dae369f694d75fc3a54423 Valid from Wed Jul 07 19:05:00 CEST 1999 until Sun Jul 07 01:59:59 CEST 2019 adding as trusted cert: Subject: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Issuer: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Algorithm: RSA; Serial number: 0xe9f1799a5b13d9ccbec06eba3f00e69 Valid from Wed Feb 16 10:00:00 CET 2011 until Fri Feb 16 09:59:59 CET 2035 adding as trusted cert: Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x23456 Valid from Tue May 21 06:00:00 CEST 2002 until Sat May 21 06:00:00 CEST 2022 adding as trusted cert: Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH Algorithm: RSA; Serial number: 0x4eb200670c035d4f Valid from Wed Oct 25 10:36:00 CEST 2006 until Sat Oct 25 10:36:00 CEST 2036 adding as trusted cert: Subject: CN=Admin-CCE-Intra01, DC=intra, DC=admin, DC=ch Issuer: CN=Admin-CC-Root01, O=admin, C=ch Algorithm: RSA; Serial number: 0x6132de9c000000000002 Valid from Thu Nov 29 14:57:23 CET 2012 until Mon Nov 29 15:07:23 CET 2027 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5 Algorithm: EC; Serial number: 0x605949e0262ebb55f90a778a71f94ad86c Valid from Tue Nov 13 01:00:00 CET 2012 until Tue Jan 19 04:14:07 CET 2038 adding as trusted cert: Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a Valid from Fri Oct 01 02:00:00 CEST 1999 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Issuer: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 01 02:00:00 CEST 2009 until Fri Jan 01 00:59:59 CET 2038 adding as trusted cert: Subject: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US Issuer: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US Algorithm: RSA; Serial number: 0xa0142800000014523cf467c00000002 Valid from Thu Jan 16 18:53:32 CET 2014 until Mon Jan 16 18:53:32 CET 2034 adding as trusted cert: Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net Algorithm: RSA; Serial number: 0x3863def8 Valid from Fri Dec 24 18:50:51 CET 1999 until Tue Jul 24 16:15:12 CEST 2029 adding as trusted cert: Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d Valid from Fri Nov 17 01:00:00 CET 2006 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 01 02:00:00 CEST 2009 until Fri Jan 01 00:59:59 CET 2038 adding as trusted cert: Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4 Valid from Fri Oct 01 02:00:00 CEST 1999 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: EC; Serial number: 0x2f80fe238c0e220f486712289187acb3 Valid from Mon Nov 05 01:00:00 CET 2007 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US Issuer: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US Algorithm: RSA; Serial number: 0x456b5054 Valid from Mon Nov 27 21:23:42 CET 2006 until Fri Nov 27 21:53:42 CET 2026 adding as trusted cert: Subject: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0xb931c3ad63967ea6723bfc3af9af44b Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL Issuer: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL Algorithm: RSA; Serial number: 0x10020 Valid from Tue Jun 11 12:46:39 CEST 2002 until Fri Jun 11 12:46:39 CEST 2027 adding as trusted cert: Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Algorithm: RSA; Serial number: 0x1 Valid from Tue May 30 12:44:50 CEST 2000 until Sat May 30 12:44:50 CEST 2020 adding as trusted cert: Subject: CN=DST Root CA X3, O=Digital Signature Trust Co. Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. Algorithm: RSA; Serial number: 0x44afb080d6a327ba893039862ef8406b Valid from Sat Sep 30 23:12:19 CEST 2000 until Thu Sep 30 16:01:15 CEST 2021 adding as trusted cert: Subject: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO Issuer: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO Algorithm: RSA; Serial number: 0x2 Valid from Tue Oct 26 10:38:03 CEST 2010 until Fri Oct 26 10:38:03 CEST 2040 adding as trusted cert: Subject: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE Algorithm: RSA; Serial number: 0x983f4 Valid from Thu Nov 05 09:50:46 CET 2009 until Mon Nov 05 09:50:46 CET 2029 adding as trusted cert: Subject: CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: EC; Serial number: 0xba15afa1ddfa0b54944afcd24a06cec Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH Issuer: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH Algorithm: RSA; Serial number: 0xbb401c43f55e4fb0 Valid from Wed Oct 25 10:30:35 CEST 2006 until Sat Oct 25 10:30:35 CEST 2036 adding as trusted cert: Subject: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Issuer: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Algorithm: EC; Serial number: 0x5c8b99c55a94c5d27156decd8980cc26 Valid from Mon Feb 01 01:00:00 CET 2010 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US Issuer: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US Algorithm: RSA; Serial number: 0xa0142800000014523c844b500000002 Valid from Thu Jan 16 19:12:23 CET 2014 until Mon Jan 16 19:12:23 CET 2034 adding as trusted cert: Subject: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x509 Valid from Fri Nov 24 19:27:00 CET 2006 until Mon Nov 24 19:23:33 CET 2031 adding as trusted cert: Subject: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE Issuer: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE Algorithm: RSA; Serial number: 0x26 Valid from Fri Jul 09 14:11:00 CEST 1999 until Wed Jul 10 01:59:00 CEST 2019 adding as trusted cert: Subject: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE Issuer: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE Algorithm: RSA; Serial number: 0x983f3 Valid from Thu Nov 05 09:35:58 CET 2009 until Mon Nov 05 09:35:58 CET 2029 adding as trusted cert: Subject: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x78585f2ead2c194be3370735341328b596d46593 Valid from Thu Jan 12 18:27:44 CET 2012 until Sun Jan 12 18:27:44 CET 2042 adding as trusted cert: Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x3f691e819cf09a4af373ffb948a2e4dd Valid from Mon Jan 29 01:00:00 CET 1996 until Thu Aug 03 01:59:59 CEST 2028 adding as trusted cert: Subject: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Issuer: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Algorithm: RSA; Serial number: 0x1fd6d30fca3ca51a81bbc640e35032d Valid from Mon Feb 01 01:00:00 CET 2010 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf Valid from Mon May 18 02:00:00 CEST 1998 until Wed Aug 02 01:59:59 CEST 2028 adding as trusted cert: Subject: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA Issuer: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA Algorithm: RSA; Serial number: 0x4519c5ebc4ce5470 Valid from Wed Aug 07 17:55:49 CEST 2013 until Thu Dec 31 16:55:49 CET 2037 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 Algorithm: RSA; Serial number: 0x400000000010f8626e60d Valid from Fri Dec 15 09:00:00 CET 2006 until Wed Dec 15 09:00:00 CET 2021 adding as trusted cert: Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x18dad19e267de8bb4a2158cdcc6b3b4a Valid from Wed Nov 08 01:00:00 CET 2006 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x5c6 Valid from Fri Nov 24 20:11:23 CET 2006 until Mon Nov 24 20:06:44 CET 2031 adding as trusted cert: Subject: CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Issuer: CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 01 02:00:00 CEST 2009 until Fri Jan 01 00:59:59 CET 2038 adding as trusted cert: Subject: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch Issuer: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch Algorithm: RSA; Serial number: 0x1e9e28e848f2e5efc37c4a1e5a1867b6 Valid from Fri Jun 24 10:38:14 CEST 2011 until Wed Jun 25 09:38:14 CEST 2031 adding as trusted cert: Subject: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x2ef59b0228a7db7affd5a3a9eebd03a0cf126a1d Valid from Thu Jan 12 21:26:32 CET 2012 until Sun Jan 12 21:26:32 CET 2042 adding as trusted cert: Subject: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan, C=IT Issuer: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan, C=IT Algorithm: RSA; Serial number: 0x570a119742c4e3cc Valid from Thu Sep 22 13:22:02 CEST 2011 until Sun Sep 22 13:22:02 CEST 2030 adding as trusted cert: Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be Valid from Mon Jan 29 01:00:00 CET 1996 until Thu Aug 03 01:59:59 CEST 2028 adding as trusted cert: Subject: CN=Swiss Government Public Trust EV CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Algorithm: RSA; Serial number: 0x638b4bd14277a667fc4a80afe96a95ba Valid from Wed May 11 13:33:59 CEST 2016 until Sun May 11 13:33:59 CEST 2031 adding as trusted cert: Subject: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x3ab6508b Valid from Mon Mar 19 19:33:33 CET 2001 until Wed Mar 17 19:33:33 CET 2021 adding as trusted cert: Subject: CN=Class 3P Primary CA, O=Certplus, C=FR Issuer: CN=Class 3P Primary CA, O=Certplus, C=FR Algorithm: RSA; Serial number: 0xbf5cdbb6f21c6ec04deb7a023b36e879 Valid from Wed Jul 07 19:10:00 CEST 1999 until Sun Jul 07 01:59:59 CEST 2019 adding as trusted cert: Subject: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO Issuer: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO Algorithm: RSA; Serial number: 0x2 Valid from Tue Oct 26 10:28:58 CEST 2010 until Fri Oct 26 10:28:58 CEST 2040 adding as trusted cert: Subject: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP Issuer: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP Algorithm: RSA; Serial number: 0x0 Valid from Wed Jun 06 04:12:32 CEST 2007 until Sat Jun 06 04:12:32 CEST 2037 adding as trusted cert: Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US Algorithm: RSA; Serial number: 0x59e3 Valid from Mon Jun 21 06:00:00 CEST 1999 until Mon Jun 22 06:00:00 CEST 2020 adding as trusted cert: Subject: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US Issuer: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US Algorithm: EC; Serial number: 0x35fc265cd9844fc93d263d579baed756 Valid from Mon Nov 05 01:00:00 CET 2007 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x401ac46421b31321030ebbe4121ac51d Valid from Wed Apr 02 02:00:00 CEST 2008 until Wed Dec 02 00:59:59 CET 2037 adding as trusted cert: Subject: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA2 Issuer: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA2 Algorithm: RSA; Serial number: 0x11c8972e8409b941 Valid from Thu Dec 17 16:22:18 CET 2015 until Tue Dec 01 16:22:18 CET 2037 adding as trusted cert: Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Algorithm: RSA; Serial number: 0x1 Valid from Tue May 30 12:38:31 CEST 2000 until Sat May 30 12:38:31 CEST 2020 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4 Algorithm: EC; Serial number: 0x2a38a41c960a04de42b228a50be8349802 Valid from Tue Nov 13 01:00:00 CET 2012 until Tue Jan 19 04:14:07 CET 2038 adding as trusted cert: Subject: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Algorithm: RSA; Serial number: 0xc9cdd3e9d57d23ce Valid from Fri Aug 01 14:31:40 CEST 2008 until Sat Jul 31 14:31:40 CEST 2038 adding as trusted cert: Subject: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Issuer: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Algorithm: RSA; Serial number: 0x600197b746a7eab4b49ad64b2ff790fb Valid from Wed Apr 02 02:00:00 CEST 2008 until Wed Dec 02 00:59:59 CET 2037 adding as trusted cert: Subject: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Algorithm: RSA; Serial number: 0x4caaf9cadb636fe01ff74ed85b03869d Valid from Tue Jan 19 01:00:00 CET 2010 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US Algorithm: RSA; Serial number: 0x1a5 Valid from Thu Aug 13 02:29:00 CEST 1998 until Tue Aug 14 01:59:00 CEST 2018 adding as trusted cert: Subject: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA Issuer: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA Algorithm: RSA; Serial number: 0x36122296c5e338a520a1d25f4cd70954 Valid from Thu Aug 01 02:00:00 CEST 1996 until Sat Jan 02 00:59:59 CET 2021 adding as trusted cert: Subject: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US Algorithm: EC; Serial number: 0x7497258ac73f7a54 Valid from Fri Jan 29 15:20:24 CET 2010 until Mon Dec 31 15:20:24 CET 2040 adding as trusted cert: Subject: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Issuer: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Algorithm: RSA; Serial number: 0x1 Valid from Wed Oct 01 12:40:14 CEST 2008 until Sun Oct 02 01:59:59 CEST 2033 adding as trusted cert: Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192 Valid from Mon May 18 02:00:00 CEST 1998 until Wed Aug 02 01:59:59 CEST 2028 adding as trusted cert: Subject: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR Issuer: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR Algorithm: RSA; Serial number: 0x1121bc276c5547af584eefd4ced629b2a285 Valid from Tue May 26 02:00:00 CEST 2009 until Tue May 26 02:00:00 CEST 2020 adding as trusted cert: Subject: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x33af1e6a711a9a0bb2864b11d09fae5 Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 keyStore is : /data/app/sysp/localconfig/clientAuthKeystore.jks keyStore type is : jks keyStore provider is : init keystore init keymanager of type SunX509 *** found key for : tuser-sysp-scu0000a chain [0] = [ [ Version: V3 Subject: CN=TUSER-SYSP-SCU0000A, OU=Systemplattform eDokumente, O=Admin, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 25027028182467694683913544237864432927282293074107818818807877030342847025279370734421683740554850424603261221390884946917720650812037177195092324408255542817305102504561912559357382998882681995977594048854862774935856446333282718263266097364335331528566453171905299121492184294388240012767009265273349666578909993284706766338539099718470792098345416589669101833977550740610552957432532910777688674819680872156485206333249722165631496690963418223753492714815880450556778994104167461657295422152540978158216242899021588749185064992353328162973038301095198406145123154145338064733148394967347800016877457018421517446681 public exponent: 65537 Validity: [From: Fri Jan 20 10:59:40 CET 2017, To: Mon Jan 20 10:59:40 CET 2020] Issuer: CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH SerialNumber: [ 4ea774a2 4ec4163f 3d3681d4 83eca550] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RegularCA01.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 4D 77 B5 E4 EF 6D 9C C3 9B A0 3A 87 E1 A6 EE 08 Mw...m....:..... 0010: A7 39 E7 8B .9.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RegularCA01.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Regular%20CA%2001,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.22.23] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 32 31 5F 31 2E 70 64 66 3_21_1.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 B0 1A 81 AD 54 68 65 20 70 75 72 70 6F 73 0.....The purpos 0010: 65 20 6F 66 20 74 68 69 73 20 63 65 72 74 69 66 e of this certif 0020: 69 63 61 74 65 20 69 73 20 73 6F 6C 65 6C 79 20 icate is solely 0030: 69 6E 74 65 6E 64 65 64 20 66 6F 72 20 73 79 73 intended for sys 0040: 74 65 6D 20 70 6C 61 74 66 6F 72 6D 20 65 44 6F tem platform eDo 0050: 6B 75 6D 65 6E 74 65 20 61 70 70 6C 69 63 61 74 kumente applicat 0060: 69 6F 6E 20 75 73 61 67 65 73 2E 20 54 68 65 20 ion usages. The 0070: 73 75 62 6A 65 63 74 20 69 73 20 61 20 74 65 63 subject is a tec 0080: 68 6E 69 63 61 6C 20 75 73 65 72 20 72 65 66 65 hnical user refe 0090: 72 65 6E 63 65 64 20 69 6E 20 74 68 65 20 64 61 renced in the da 00A0: 74 61 62 61 73 65 20 6F 66 20 49 53 43 2D 45 4A tabase of ISC-EJ 00B0: 50 44 2E PD. ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ emailProtection clientAuth 1.3.6.1.4.1.311.20.2.2 1.3.6.1.4.1.311.10.3.4 ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ RFC822Name: juerg.blaser@isc-ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: E1 88 99 91 11 01 56 40 8D F1 E6 AE 0D F5 96 6E ......V@.......n 0010: A7 87 4F 18 ..O. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 5E 6D 26 5C 80 B1 22 63 63 09 F2 1A 73 72 24 E9 ^m&\.."cc...sr$. 0010: 1A 0D 78 A9 6E 93 D0 32 32 75 70 00 51 58 60 0D ..x.n..22up.QX`. 0020: 62 3D AE F8 89 30 C6 4C 37 C1 E9 56 A9 B6 9C 97 b=...0.L7..V.... 0030: F4 46 2E 82 7E C2 F4 8E E4 08 0E B9 E3 89 62 40 .F............b@ 0040: EC D1 B3 B3 FB 14 0C 48 AD B3 02 B2 4D A4 D5 3A .......H....M..: 0050: 21 63 0B C9 E1 E1 E8 87 A0 49 22 2E 4D D1 89 CA !c.......I".M... 0060: 97 CA DD A2 94 DC D0 F8 EA 3C 11 84 E1 58 C2 4A .........<...X.J 0070: A0 6E 16 2E 0D 0E 32 CC 91 72 39 B1 79 E0 B4 3B .n....2..r9.y..; 0080: 6B 68 B5 18 D0 CE B1 CA 1A 45 43 D2 C0 90 BA 94 kh.......EC..... 0090: 85 24 36 0C D9 1A 60 05 E2 78 ED 53 BF 8B 42 FD .$6...`..x.S..B. 00A0: 0B 9F 88 3C 5F 5B 04 17 68 D9 70 04 DE 29 3A 8D ...<_[..h.p..):. 00B0: 4B E6 D5 4F 5C 16 C2 ED EC C3 EF 3E E4 D2 94 7B K..O\......>.... 00C0: 18 50 78 60 DF 67 6C 7C 18 76 8C 8C 9B E7 A7 5C .Px`.gl..v.....\ 00D0: AC 4D 31 A8 17 C6 48 CE 46 9A D0 23 F7 B6 3F 74 .M1...H.F..#..?t 00E0: 76 CC FE 86 32 E2 0C B6 DF 91 72 19 B6 C3 1E 90 v...2.....r..... 00F0: 44 33 74 62 83 86 82 9F 51 72 84 31 43 7D 5D 9F D3tb....Qr.1C.]. 0100: C4 9F 22 71 79 FE D9 B9 31 C7 EB F8 74 BB 98 64 .."qy...1...t..d 0110: 80 34 03 A4 D1 06 1F 3D 94 3B 62 BC 94 01 E0 57 .4.....=.;b....W 0120: 4C 69 EB 3E 2A 43 18 AF A5 82 8B 6C 07 59 21 41 Li.>*C.....l.Y!A 0130: F1 7D 1C 16 51 31 DC 39 EA 4C 0A 08 BA A3 BD A8 ....Q1.9.L...... 0140: 16 61 E4 10 D2 5C 58 D8 C1 1E 71 E6 22 F8 8F 84 .a...\X...q."... 0150: BB 2E E4 86 E8 5A C4 CA 43 66 7D F4 9E DF CB 74 .....Z..Cf.....t 0160: AD 6A 36 00 D8 58 D4 4F 00 20 AD 50 33 69 68 80 .j6..X.O. .P3ih. 0170: E3 9D 74 8A 67 0D EA 2C FA 86 52 85 B1 EC 72 39 ..t.g..,..R...r9 0180: C8 7B A9 03 FC BF DF 00 FD 57 E5 61 E3 75 49 83 .........W.a.uI. 0190: B7 29 A0 5D 15 72 C5 EA 0D EE EF 43 D5 A6 68 E9 .).].r.....C..h. 01A0: EC 37 22 DF A6 F4 75 5F 64 E7 F4 87 04 0C 79 FB .7"...u_d.....y. 01B0: FB F5 D7 89 36 DB 77 C8 F7 04 CE 2C 16 3D 89 E0 ....6.w....,.=.. 01C0: 71 57 7C 04 47 84 36 26 5C F6 60 20 BB 9B 95 9C qW..G.6&\.` .... 01D0: F0 AE AE 9F 65 BE F7 A8 00 52 2A 16 9E 78 D5 67 ....e....R*..x.g 01E0: 75 4B BB CF 1A DD 30 CC 78 2B BE E0 0B C5 12 8B uK....0.x+...... 01F0: F1 8C 12 AE A7 C0 FF 26 0E 49 33 2C 42 79 32 37 .......&.I3,By27 ] *** trigger seeding of SecureRandom done seeding SecureRandom Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% No cached client session *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069544 bytes = { 159, 155, 9, 187, 253, 152, 190, 55, 161, 46, 11, 43, 189, 221, 97, 143, 187, 241, 79, 131, 57, 67, 140, 58, 184, 142, 54, 121 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 247 main, READ: TLSv1.2 Handshake, length = 93 *** ServerHello, TLSv1.2 RandomCookie: GMT: -993879435 bytes = { 29, 234, 68, 55, 218, 188, 221, 221, 2, 39, 40, 163, 221, 113, 135, 172, 8, 134, 179, 70, 101, 129, 222, 170, 7, 38, 2, 84 } Session ID: {114, 246, 243, 106, 60, 14, 75, 181, 99, 110, 242, 223, 53, 244, 159, 16, 104, 28, 244, 158, 55, 77, 62, 125, 129, 92, 222, 24, 18, 216, 80, 122} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension server_name, server_name: Extension renegotiation_info, renegotiated_connection: Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] *** %% Initialized: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 main, READ: TLSv1.2 Handshake, length = 2020 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=portal-test.ejpd.admin.ch, OU=Servers, O=Bundesamt fuer Informatik und Telekommunikation, L=Bern, ST=BE, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24109167904437433945253508844342763413441845728208183254647005819933868198780296728577640607958357822408250558015383202085282842403482866361947874340498940788692215286838967482023754570995759820949362508793327877831065057670470861041451731272193094175058185897869086760581452374585244852633837402338192501727415524341078979419280212850657629638907508258572452503360478646158645100860112882483193416936550820627048860062106314761897031068761917793776773387785924043891026693008945863920194239795211639452716392625588820439122532450621258878585060338342149673355731074965264742710524889861054322551199697492763878869543 public exponent: 65537 Validity: [From: Mon Dec 04 15:45:32 CET 2017, To: Wed Dec 04 15:45:32 CET 2019] Issuer: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH SerialNumber: [ 63255dbd 2700e2fc f19dec0a 7578d0f0] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/PTSTCA02BC.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/bcocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/PTSTCA02.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Public%20Trust%20Standard%20CA%2002,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.62.14] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 0C 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: portal-test.ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B0 40 07 04 E3 74 03 59 AA 66 52 78 D3 8F CE 73 .@...t.Y.fRx...s 0010: 21 8E 02 79 !..y ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 0A 2D 6F 0F 55 C2 C4 3A 59 40 A2 81 B4 7C 44 A9 .-o.U..:Y@....D. 0010: F6 62 76 2F A1 0D 8D 4B 28 DC 58 D6 99 AD A1 38 .bv/...K(.X....8 0020: 91 A6 33 8F 9B C6 D2 8D 98 A7 4B 58 46 33 DA 2F ..3.......KXF3./ 0030: 34 BC 32 C8 A0 DF 28 EE C3 08 B6 78 07 5D B3 27 4.2...(....x.].' 0040: 48 F7 C9 C4 96 29 5A 10 E7 BB 80 D0 D5 7C CB 13 H....)Z......... 0050: 1E 54 CC 24 1B E1 F0 A6 FF 02 80 FD D4 88 21 D9 .T.$..........!. 0060: 36 E1 4C 18 EB 65 6A 25 23 1F 83 A7 55 61 82 C9 6.L..ej%#...Ua.. 0070: 1F E8 48 50 27 91 46 21 A3 58 F0 D4 FB 25 17 59 ..HP'.F!.X...%.Y 0080: 40 95 C0 CC 83 51 F7 DF 5F 7F D2 00 D6 F7 51 FB @....Q.._.....Q. 0090: 38 C4 8A D3 64 A5 0E AB F2 A1 29 A5 99 BB A8 C0 8...d.....)..... 00A0: 2D 14 ED E5 74 34 5C 8F 7B 70 F2 19 2E 17 76 62 -...t4\..p....vb 00B0: 29 71 91 46 6E AD FE 4F 13 B7 F3 C0 D4 0A 48 7A )q.Fn..O......Hz 00C0: 3D 6E A5 0E 00 DB CD 0F 66 C4 19 99 92 3A DA 62 =n......f....:.b 00D0: 42 79 17 1C 95 C2 AC 2E C0 05 38 75 45 7A AE 50 By........8uEz.P 00E0: 8E CF D3 55 B5 95 FD 07 B4 23 C2 67 C1 15 9C C2 ...U.....#.g.... 00F0: 43 B9 21 6D 1A C8 F1 E2 2E 3E 40 AC A3 E1 4E 42 C.!m.....>@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 333 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 76260520549071264743439548014734450596516462925646538669547752818552757407556 public y coord: 103075346199838213943949364858438846678915946773655230601568391206280114893976 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 4 *** ServerHelloDone *** ECDHClientKeyExchange ECDH Public value: { 4, 22, 103, 167, 21, 90, 91, 44, 206, 139, 184, 3, 68, 138, 188, 95, 109, 211, 208, 9, 157, 192, 140, 15, 194, 71, 7, 81, 28, 110, 215, 192, 59, 105, 225, 187, 81, 115, 123, 111, 106, 50, 6, 97, 130, 24, 210, 4, 210, 170, 42, 239, 164, 51, 71, 137, 72, 20, 55, 132, 124, 34, 183, 254, 141 } main, WRITE: TLSv1.2 Handshake, length = 70 SESSION KEYGEN: PreMaster Secret: 0000: 98 75 59 AE CD 12 59 9B 30 CC 8A D5 37 33 D6 B4 .uY...Y.0...73.. 0010: 35 F8 9D 6D 03 78 0D C7 DD 47 29 92 B8 9B 7D 85 5..m.x...G)..... CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 48 A8 9F 9B 09 BB FD 98 BE 37 A1 2E 0B 2B Z.H........7...+ 0010: BD DD 61 8F BB F1 4F 83 39 43 8C 3A B8 8E 36 79 ..a...O.9C.:..6y Server Nonce: 0000: C5 C3 9A 75 1D EA 44 37 DA BC DD DD 02 27 28 A3 ...u..D7.....'(. 0010: DD 71 87 AC 08 86 B3 46 65 81 DE AA 07 26 02 54 .q.....Fe....&.T Master Secret: 0000: 3C 11 6E 2D 0C FA 95 88 56 92 63 C7 80 3D 6F D9 <.n-....V.c..=o. 0010: 24 B9 D5 32 70 D2 11 EB C1 BF B9 47 8E E0 BE 83 $..2p......G.... 0020: 9B 56 56 1B FA 2B BC D0 41 83 79 50 FE 95 A5 2F .VV..+..A.yP.../ ... no MAC keys used for this cipher Client write key: 0000: 0C 29 CA 94 21 2D 31 E3 FB D6 3B C9 A1 29 22 E1 .)..!-1...;..)". 0010: 8B 7C 74 8D D1 96 72 C5 78 F1 99 D3 0F 46 04 13 ..t...r.x....F.. Server write key: 0000: 6D 26 28 12 A8 A0 E3 1A 3E 9E 66 60 79 13 21 3C m&(.....>.f`y.!< 0010: 10 3A F3 6B 23 55 AA F0 AB C4 9D 2B 62 E5 D0 3A .:.k#U.....+b..: Client write IV: 0000: B3 07 8A 4A ...J Server write IV: 0000: BF 8D 70 D1 ..p. main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 35, 182, 148, 234, 181, 81, 242, 249, 28, 214, 159, 156 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, READ: TLSv1.2 Change Cipher Spec, length = 1 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 72, 77, 233, 148, 255, 241, 117, 11, 229, 22, 240, 82 } *** %% Cached client session: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, WRITE: TLSv1.2 Application Data, length = 209 main, READ: TLSv1.2 Handshake, length = 28 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: false Is secure renegotiation: true Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 *** HelloRequest (empty) %% Client cached [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Try resuming [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] from port 45625 *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069544 bytes = { 93, 109, 146, 9, 116, 34, 253, 36, 14, 15, 54, 211, 135, 210, 128, 82, 202, 168, 80, 21, 144, 214, 232, 114, 106, 4, 15, 37 } Session ID: {114, 246, 243, 106, 60, 14, 75, 181, 99, 110, 242, 223, 53, 244, 159, 16, 104, 28, 244, 158, 55, 77, 62, 125, 129, 92, 222, 24, 18, 216, 80, 122} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] Extension renegotiation_info, renegotiated_connection: 23:b6:94:ea:b5:51:f2:f9:1c:d6:9f:9c *** main, WRITE: TLSv1.2 Handshake, length = 314 main, READ: TLSv1.2 Handshake, length = 141 *** ServerHello, TLSv1.2 RandomCookie: GMT: -1150298893 bytes = { 183, 120, 10, 79, 55, 43, 168, 93, 134, 20, 180, 97, 128, 184, 47, 165, 99, 87, 253, 69, 229, 225, 240, 234, 137, 127, 102, 187 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension server_name, server_name: Extension renegotiation_info, renegotiated_connection: 23:b6:94:ea:b5:51:f2:f9:1c:d6:9f:9c:48:4d:e9:94:ff:f1:75:0b:e5:16:f0:52 Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] *** %% Initialized: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 main, READ: TLSv1.2 Handshake, length = 2044 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=portal-test.ejpd.admin.ch, OU=Servers, O=Bundesamt fuer Informatik und Telekommunikation, L=Bern, ST=BE, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24109167904437433945253508844342763413441845728208183254647005819933868198780296728577640607958357822408250558015383202085282842403482866361947874340498940788692215286838967482023754570995759820949362508793327877831065057670470861041451731272193094175058185897869086760581452374585244852633837402338192501727415524341078979419280212850657629638907508258572452503360478646158645100860112882483193416936550820627048860062106314761897031068761917793776773387785924043891026693008945863920194239795211639452716392625588820439122532450621258878585060338342149673355731074965264742710524889861054322551199697492763878869543 public exponent: 65537 Validity: [From: Mon Dec 04 15:45:32 CET 2017, To: Wed Dec 04 15:45:32 CET 2019] Issuer: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH SerialNumber: [ 63255dbd 2700e2fc f19dec0a 7578d0f0] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/PTSTCA02BC.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/bcocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/PTSTCA02.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Public%20Trust%20Standard%20CA%2002,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.62.14] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 0C 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: portal-test.ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B0 40 07 04 E3 74 03 59 AA 66 52 78 D3 8F CE 73 .@...t.Y.fRx...s 0010: 21 8E 02 79 !..y ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 0A 2D 6F 0F 55 C2 C4 3A 59 40 A2 81 B4 7C 44 A9 .-o.U..:Y@....D. 0010: F6 62 76 2F A1 0D 8D 4B 28 DC 58 D6 99 AD A1 38 .bv/...K(.X....8 0020: 91 A6 33 8F 9B C6 D2 8D 98 A7 4B 58 46 33 DA 2F ..3.......KXF3./ 0030: 34 BC 32 C8 A0 DF 28 EE C3 08 B6 78 07 5D B3 27 4.2...(....x.].' 0040: 48 F7 C9 C4 96 29 5A 10 E7 BB 80 D0 D5 7C CB 13 H....)Z......... 0050: 1E 54 CC 24 1B E1 F0 A6 FF 02 80 FD D4 88 21 D9 .T.$..........!. 0060: 36 E1 4C 18 EB 65 6A 25 23 1F 83 A7 55 61 82 C9 6.L..ej%#...Ua.. 0070: 1F E8 48 50 27 91 46 21 A3 58 F0 D4 FB 25 17 59 ..HP'.F!.X...%.Y 0080: 40 95 C0 CC 83 51 F7 DF 5F 7F D2 00 D6 F7 51 FB @....Q.._.....Q. 0090: 38 C4 8A D3 64 A5 0E AB F2 A1 29 A5 99 BB A8 C0 8...d.....)..... 00A0: 2D 14 ED E5 74 34 5C 8F 7B 70 F2 19 2E 17 76 62 -...t4\..p....vb 00B0: 29 71 91 46 6E AD FE 4F 13 B7 F3 C0 D4 0A 48 7A )q.Fn..O......Hz 00C0: 3D 6E A5 0E 00 DB CD 0F 66 C4 19 99 92 3A DA 62 =n......f....:.b 00D0: 42 79 17 1C 95 C2 AC 2E C0 05 38 75 45 7A AE 50 By........8uEz.P 00E0: 8E CF D3 55 B5 95 FD 07 B4 23 C2 67 C1 15 9C C2 ...U.....#.g.... 00F0: 43 B9 21 6D 1A C8 F1 E2 2E 3E 40 AC A3 E1 4E 42 C.!m.....>@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 357 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 23277956067645963756996260064221070903187037399850505754691306703770744308026 public y coord: 36510440093522957258401521756862170303506364289788808299584760459221449537691 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 1149 *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA256withRSA, SHA256withDSA, SHA256withECDSA, SHA224withRSA, SHA224withDSA, SHA224withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA Cert Authorities:

*** ServerHelloDone matching alias: tuser-sysp-scu0000a *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=TUSER-SYSP-SCU0000A, OU=Systemplattform eDokumente, O=Admin, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 25027028182467694683913544237864432927282293074107818818807877030342847025279370734421683740554850424603261221390884946917720650812037177195092324408255542817305102504561912559357382998882681995977594048854862774935856446333282718263266097364335331528566453171905299121492184294388240012767009265273349666578909993284706766338539099718470792098345416589669101833977550740610552957432532910777688674819680872156485206333249722165631496690963418223753492714815880450556778994104167461657295422152540978158216242899021588749185064992353328162973038301095198406145123154145338064733148394967347800016877457018421517446681 public exponent: 65537 Validity: [From: Fri Jan 20 10:59:40 CET 2017, To: Mon Jan 20 10:59:40 CET 2020] Issuer: CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH SerialNumber: [ 4ea774a2 4ec4163f 3d3681d4 83eca550] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RegularCA01.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 4D 77 B5 E4 EF 6D 9C C3 9B A0 3A 87 E1 A6 EE 08 Mw...m....:..... 0010: A7 39 E7 8B .9.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RegularCA01.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Regular%20CA%2001,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.22.23] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 32 31 5F 31 2E 70 64 66 3_21_1.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 B0 1A 81 AD 54 68 65 20 70 75 72 70 6F 73 0.....The purpos 0010: 65 20 6F 66 20 74 68 69 73 20 63 65 72 74 69 66 e of this certif 0020: 69 63 61 74 65 20 69 73 20 73 6F 6C 65 6C 79 20 icate is solely 0030: 69 6E 74 65 6E 64 65 64 20 66 6F 72 20 73 79 73 intended for sys 0040: 74 65 6D 20 70 6C 61 74 66 6F 72 6D 20 65 44 6F tem platform eDo 0050: 6B 75 6D 65 6E 74 65 20 61 70 70 6C 69 63 61 74 kumente applicat 0060: 69 6F 6E 20 75 73 61 67 65 73 2E 20 54 68 65 20 ion usages. The 0070: 73 75 62 6A 65 63 74 20 69 73 20 61 20 74 65 63 subject is a tec 0080: 68 6E 69 63 61 6C 20 75 73 65 72 20 72 65 66 65 hnical user refe 0090: 72 65 6E 63 65 64 20 69 6E 20 74 68 65 20 64 61 renced in the da 00A0: 74 61 62 61 73 65 20 6F 66 20 49 53 43 2D 45 4A tabase of ISC-EJ 00B0: 50 44 2E PD. ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ emailProtection clientAuth 1.3.6.1.4.1.311.20.2.2 1.3.6.1.4.1.311.10.3.4 ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ RFC822Name: juerg.blaser@isc-ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: E1 88 99 91 11 01 56 40 8D F1 E6 AE 0D F5 96 6E ......V@.......n 0010: A7 87 4F 18 ..O. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 5E 6D 26 5C 80 B1 22 63 63 09 F2 1A 73 72 24 E9 ^m&\.."cc...sr$. 0010: 1A 0D 78 A9 6E 93 D0 32 32 75 70 00 51 58 60 0D ..x.n..22up.QX`. 0020: 62 3D AE F8 89 30 C6 4C 37 C1 E9 56 A9 B6 9C 97 b=...0.L7..V.... 0030: F4 46 2E 82 7E C2 F4 8E E4 08 0E B9 E3 89 62 40 .F............b@ 0040: EC D1 B3 B3 FB 14 0C 48 AD B3 02 B2 4D A4 D5 3A .......H....M..: 0050: 21 63 0B C9 E1 E1 E8 87 A0 49 22 2E 4D D1 89 CA !c.......I".M... 0060: 97 CA DD A2 94 DC D0 F8 EA 3C 11 84 E1 58 C2 4A .........<...X.J 0070: A0 6E 16 2E 0D 0E 32 CC 91 72 39 B1 79 E0 B4 3B .n....2..r9.y..; 0080: 6B 68 B5 18 D0 CE B1 CA 1A 45 43 D2 C0 90 BA 94 kh.......EC..... 0090: 85 24 36 0C D9 1A 60 05 E2 78 ED 53 BF 8B 42 FD .$6...`..x.S..B. 00A0: 0B 9F 88 3C 5F 5B 04 17 68 D9 70 04 DE 29 3A 8D ...<_[..h.p..):. 00B0: 4B E6 D5 4F 5C 16 C2 ED EC C3 EF 3E E4 D2 94 7B K..O\......>.... 00C0: 18 50 78 60 DF 67 6C 7C 18 76 8C 8C 9B E7 A7 5C .Px`.gl..v.....\ 00D0: AC 4D 31 A8 17 C6 48 CE 46 9A D0 23 F7 B6 3F 74 .M1...H.F..#..?t 00E0: 76 CC FE 86 32 E2 0C B6 DF 91 72 19 B6 C3 1E 90 v...2.....r..... 00F0: 44 33 74 62 83 86 82 9F 51 72 84 31 43 7D 5D 9F D3tb....Qr.1C.]. 0100: C4 9F 22 71 79 FE D9 B9 31 C7 EB F8 74 BB 98 64 .."qy...1...t..d 0110: 80 34 03 A4 D1 06 1F 3D 94 3B 62 BC 94 01 E0 57 .4.....=.;b....W 0120: 4C 69 EB 3E 2A 43 18 AF A5 82 8B 6C 07 59 21 41 Li.>*C.....l.Y!A 0130: F1 7D 1C 16 51 31 DC 39 EA 4C 0A 08 BA A3 BD A8 ....Q1.9.L...... 0140: 16 61 E4 10 D2 5C 58 D8 C1 1E 71 E6 22 F8 8F 84 .a...\X...q."... 0150: BB 2E E4 86 E8 5A C4 CA 43 66 7D F4 9E DF CB 74 .....Z..Cf.....t 0160: AD 6A 36 00 D8 58 D4 4F 00 20 AD 50 33 69 68 80 .j6..X.O. .P3ih. 0170: E3 9D 74 8A 67 0D EA 2C FA 86 52 85 B1 EC 72 39 ..t.g..,..R...r9 0180: C8 7B A9 03 FC BF DF 00 FD 57 E5 61 E3 75 49 83 .........W.a.uI. 0190: B7 29 A0 5D 15 72 C5 EA 0D EE EF 43 D5 A6 68 E9 .).].r.....C..h. 01A0: EC 37 22 DF A6 F4 75 5F 64 E7 F4 87 04 0C 79 FB .7"...u_d.....y. 01B0: FB F5 D7 89 36 DB 77 C8 F7 04 CE 2C 16 3D 89 E0 ....6.w....,.=.. 01C0: 71 57 7C 04 47 84 36 26 5C F6 60 20 BB 9B 95 9C qW..G.6&\.` .... 01D0: F0 AE AE 9F 65 BE F7 A8 00 52 2A 16 9E 78 D5 67 ....e....R*..x.g 01E0: 75 4B BB CF 1A DD 30 CC 78 2B BE E0 0B C5 12 8B uK....0.x+...... 01F0: F1 8C 12 AE A7 C0 FF 26 0E 49 33 2C 42 79 32 37 .......&.I3,By27 ] *** *** ECDHClientKeyExchange ECDH Public value: { 4, 214, 241, 210, 63, 197, 184, 40, 22, 146, 183, 148, 3, 151, 39, 103, 131, 104, 76, 134, 32, 117, 148, 124, 84, 191, 24, 166, 166, 248, 155, 23, 182, 141, 71, 48, 154, 32, 20, 141, 139, 103, 120, 184, 59, 74, 171, 51, 151, 82, 240, 64, 92, 170, 101, 149, 247, 90, 233, 42, 1, 162, 98, 186, 224 } main, WRITE: TLSv1.2 Handshake, length = 2051 SESSION KEYGEN: PreMaster Secret: 0000: 2B 81 60 0C 8E 71 E1 36 0D 90 FE 87 14 84 B3 6A +.`..q.6.......j 0010: 62 CD B5 7B D3 12 B9 26 75 0F 97 00 BA 72 21 ED b......&u....r!. CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 48 A8 5D 6D 92 09 74 22 FD 24 0E 0F 36 D3 Z.H.]m..t".$..6. 0010: 87 D2 80 52 CA A8 50 15 90 D6 E8 72 6A 04 0F 25 ...R..P....rj..% Server Nonce: 0000: BB 70 D5 F3 B7 78 0A 4F 37 2B A8 5D 86 14 B4 61 .p...x.O7+.]...a 0010: 80 B8 2F A5 63 57 FD 45 E5 E1 F0 EA 89 7F 66 BB ../.cW.E......f. Master Secret: 0000: B7 A6 2E DE 28 DB 1D 09 0F BA 02 CF A6 62 D9 B2 ....(........b.. 0010: 78 74 56 0A 39 18 D2 AD 94 82 D4 44 BB F3 9C 45 xtV.9......D...E 0020: 97 05 EC 6B 75 21 A4 4F C0 AE 15 92 68 59 E2 1E ...ku!.O....hY.. ... no MAC keys used for this cipher Client write key: 0000: DE 9A A9 10 87 C9 6F 42 83 DC D7 F5 69 D0 C7 70 ......oB....i..p 0010: B7 B0 6A E9 36 69 DA 99 F0 00 33 98 FB 2E B7 3D ..j.6i....3....= Server write key: 0000: 0B 14 2E D3 4A F5 84 29 CE D6 C1 9B CC 36 8D BB ....J..).....6.. 0010: 81 9C 7A 5B F7 C1 76 8C 0A 6E 17 99 5D BD F7 4C ..z[..v..n..]..L Client write IV: 0000: B8 32 02 4C .2.L Server write IV: 0000: 18 A6 F2 44 ...D *** CertificateVerify Signature Algorithm SHA512withRSA main, WRITE: TLSv1.2 Handshake, length = 288 main, WRITE: TLSv1.2 Change Cipher Spec, length = 25 *** Finished verify_data: { 203, 139, 175, 173, 43, 92, 213, 165, 68, 152, 12, 139 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, READ: TLSv1.2 Change Cipher Spec, length = 25 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 20, 14, 39, 35, 22, 248, 13, 195, 39, 162, 45, 175 } *** %% Cached client session: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, READ: TLSv1.2 Application Data, length = 676 >>> Response Code: 200 main, READ: TLSv1.2 Application Data, length = 6683 >>> Run 1 main, called close() main, called closeInternal(true) main, SEND TLSv1.2 ALERT: warning, description = close_notify main, WRITE: TLSv1.2 Alert, length = 26 main, called closeSocket(true) Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% Client cached [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Try resuming [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] from port 45626 *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069554 bytes = { 110, 176, 82, 146, 142, 178, 228, 15, 57, 55, 155, 113, 92, 9, 197, 13, 97, 110, 17, 250, 182, 180, 229, 82, 84, 38, 41, 188 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 275 main, READ: TLSv1.2 Handshake, length = 81 *** ServerHello, TLSv1.2 RandomCookie: GMT: 1381653209 bytes = { 195, 169, 198, 226, 243, 226, 96, 186, 33, 145, 154, 155, 91, 242, 10, 158, 78, 169, 204, 123, 119, 68, 206, 121, 179, 129, 4, 169 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension renegotiation_info, renegotiated_connection: *** CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 48 B2 6E B0 52 92 8E B2 E4 0F 39 37 9B 71 Z.H.n.R.....97.q 0010: 5C 09 C5 0D 61 6E 11 FA B6 B4 E5 52 54 26 29 BC \...an.....RT&). Server Nonce: 0000: 52 5A 5B D9 C3 A9 C6 E2 F3 E2 60 BA 21 91 9A 9B RZ[.......`.!... 0010: 5B F2 0A 9E 4E A9 CC 7B 77 44 CE 79 B3 81 04 A9 [...N...wD.y.... Master Secret: 0000: B7 A6 2E DE 28 DB 1D 09 0F BA 02 CF A6 62 D9 B2 ....(........b.. 0010: 78 74 56 0A 39 18 D2 AD 94 82 D4 44 BB F3 9C 45 xtV.9......D...E 0020: 97 05 EC 6B 75 21 A4 4F C0 AE 15 92 68 59 E2 1E ...ku!.O....hY.. ... no MAC keys used for this cipher Client write key: 0000: 7B 1B C0 DE D8 84 BF 82 39 EE 1B 67 BE 29 A5 E4 ........9..g.).. 0010: 07 3C 31 BE 7D 04 F9 E6 FE 28 E4 FA 84 40 E9 5D .<1......(...@.] Server write key: 0000: 44 5E 0F 34 09 AC BA E7 88 83 35 09 5E 96 5A 14 D^.4......5.^.Z. 0010: BA BC AC DB 70 B6 63 B4 95 36 6C D9 75 D1 6D 62 ....p.c..6l.u.mb Client write IV: 0000: 99 46 45 24 .FE$ Server write IV: 0000: BC 5D 36 8C .]6. %% Server resumed [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, READ: TLSv1.2 Change Cipher Spec, length = 1 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 52, 31, 105, 236, 187, 30, 7, 135, 218, 244, 106, 43 } *** main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 214, 73, 33, 63, 149, 133, 52, 77, 139, 34, 107, 177 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, WRITE: TLSv1.2 Application Data, length = 209 main, READ: TLSv1.2 Application Data, length = 676 >>> Response Code: 200 main, READ: TLSv1.2 Application Data, length = 6683 >>> Run 2 main, called close() main, called closeInternal(true) main, SEND TLSv1.2 ALERT: warning, description = close_notify main, WRITE: TLSv1.2 Alert, length = 26 main, called closeSocket(true) Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% Client cached [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Try resuming [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] from port 45628 *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069564 bytes = { 129, 0, 181, 127, 71, 135, 165, 207, 178, 16, 59, 244, 239, 129, 103, 56, 186, 240, 66, 155, 83, 164, 209, 9, 218, 232, 88, 24 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 275 main, READ: TLSv1.2 Handshake, length = 81 *** ServerHello, TLSv1.2 RandomCookie: GMT: 1296749702 bytes = { 48, 155, 122, 123, 129, 205, 235, 119, 105, 9, 222, 249, 53, 192, 38, 43, 247, 155, 49, 132, 28, 142, 30, 119, 94, 179, 11, 42 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension renegotiation_info, renegotiated_connection: *** CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 48 BC 81 00 B5 7F 47 87 A5 CF B2 10 3B F4 Z.H.....G.....;. 0010: EF 81 67 38 BA F0 42 9B 53 A4 D1 09 DA E8 58 18 ..g8..B.S.....X. Server Nonce: 0000: 4D 4B D5 86 30 9B 7A 7B 81 CD EB 77 69 09 DE F9 MK..0.z....wi... 0010: 35 C0 26 2B F7 9B 31 84 1C 8E 1E 77 5E B3 0B 2A 5.&+..1....w^..* Master Secret: 0000: B7 A6 2E DE 28 DB 1D 09 0F BA 02 CF A6 62 D9 B2 ....(........b.. 0010: 78 74 56 0A 39 18 D2 AD 94 82 D4 44 BB F3 9C 45 xtV.9......D...E 0020: 97 05 EC 6B 75 21 A4 4F C0 AE 15 92 68 59 E2 1E ...ku!.O....hY.. ... no MAC keys used for this cipher Client write key: 0000: 60 75 8F 1B 6A A8 AC C0 B6 E1 7D 3F 57 04 21 2F `u..j......?W.!/ 0010: E8 AE CA 9D 96 E4 83 9C B5 73 96 B4 A9 3D 14 4F .........s...=.O Server write key: 0000: B5 24 B0 61 96 06 AC 08 0D 71 DB 72 E1 FB 05 00 .$.a.....q.r.... 0010: C8 88 5E CB 87 55 3E 13 C0 66 13 F3 DB 3E 88 FF ..^..U>..f...>.. Client write IV: 0000: 0E 01 F7 44 ...D Server write IV: 0000: 2A B9 D8 D5 *... %% Server resumed [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, READ: TLSv1.2 Change Cipher Spec, length = 1 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 32, 163, 166, 32, 217, 103, 58, 115, 175, 205, 240, 85 } *** main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 200, 89, 55, 191, 38, 71, 176, 31, 144, 38, 33, 110 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, WRITE: TLSv1.2 Application Data, length = 209 main, READ: TLSv1.2 Application Data, length = 676 >>> Response Code: 200 main, READ: TLSv1.2 Application Data, length = 6683 Keep-Alive-Timer, called close() Keep-Alive-Timer, called closeInternal(true) Keep-Alive-Timer, SEND TLSv1.2 ALERT: warning, description = close_notify Keep-Alive-Timer, WRITE: TLSv1.2 Alert, length = 26 Keep-Alive-Timer, called closeSocket(true) >>> Run 3 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% Client cached [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Try resuming [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] from port 45629 *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069574 bytes = { 143, 117, 215, 235, 91, 240, 207, 208, 44, 93, 200, 48, 50, 159, 148, 144, 41, 4, 247, 198, 163, 224, 90, 179, 48, 32, 228, 252 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 275 main, READ: TLSv1.2 Handshake, length = 81 *** ServerHello, TLSv1.2 RandomCookie: GMT: -1178551921 bytes = { 227, 49, 147, 186, 115, 46, 20, 248, 189, 153, 66, 191, 46, 235, 0, 235, 163, 22, 63, 119, 180, 63, 82, 88, 217, 184, 93, 68 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension renegotiation_info, renegotiated_connection: *** CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 48 C6 8F 75 D7 EB 5B F0 CF D0 2C 5D C8 30 Z.H..u..[...,].0 0010: 32 9F 94 90 29 04 F7 C6 A3 E0 5A B3 30 20 E4 FC 2...).....Z.0 .. Server Nonce: 0000: BA C1 BA 8F E3 31 93 BA 73 2E 14 F8 BD 99 42 BF .....1..s.....B. 0010: 2E EB 00 EB A3 16 3F 77 B4 3F 52 58 D9 B8 5D 44 ......?w.?RX..]D Master Secret: 0000: B7 A6 2E DE 28 DB 1D 09 0F BA 02 CF A6 62 D9 B2 ....(........b.. 0010: 78 74 56 0A 39 18 D2 AD 94 82 D4 44 BB F3 9C 45 xtV.9......D...E 0020: 97 05 EC 6B 75 21 A4 4F C0 AE 15 92 68 59 E2 1E ...ku!.O....hY.. ... no MAC keys used for this cipher Client write key: 0000: A3 D8 26 E2 0A F4 3F F5 9C 68 57 87 8B D1 23 E7 ..&...?..hW...#. 0010: D1 32 11 A1 6A FA 1A 0B F3 C2 A9 D4 63 98 3D 77 .2..j.......c.=w Server write key: 0000: DB 7B 8F 64 1A 16 8D 6E 81 CA 53 3C A3 54 AB 92 ...d...n..S<.T.. 0010: 2F 56 30 17 D2 A3 D3 C9 CC 65 1B 03 D7 6F 54 3D /V0......e...oT= Client write IV: 0000: C8 F7 6F 3A ..o: Server write IV: 0000: 1C 65 83 22 .e." %% Server resumed [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, READ: TLSv1.2 Change Cipher Spec, length = 1 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 145, 98, 218, 91, 17, 122, 241, 228, 45, 133, 204, 103 } *** main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 82, 255, 147, 144, 203, 180, 225, 200, 65, 167, 222, 36 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, WRITE: TLSv1.2 Application Data, length = 209 main, READ: TLSv1.2 Application Data, length = 676 >>> Response Code: 200 main, READ: TLSv1.2 Application Data, length = 6683 >>> Run 4 main, called close() main, called closeInternal(true) main, SEND TLSv1.2 ALERT: warning, description = close_notify main, WRITE: TLSv1.2 Alert, length = 26 main, called closeSocket(true) Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% Client cached [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Try resuming [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] from port 45631 *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069584 bytes = { 6, 158, 22, 144, 64, 210, 52, 210, 96, 156, 205, 29, 21, 224, 106, 51, 3, 93, 150, 58, 18, 117, 211, 76, 103, 84, 252, 86 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 275 main, READ: TLSv1.2 Handshake, length = 81 *** ServerHello, TLSv1.2 RandomCookie: GMT: 209624712 bytes = { 163, 237, 118, 100, 208, 118, 205, 17, 81, 182, 107, 125, 119, 107, 47, 161, 231, 83, 189, 110, 0, 211, 43, 120, 23, 215, 227, 25 } Session ID: {51, 151, 167, 213, 207, 236, 4, 68, 127, 216, 105, 161, 125, 193, 95, 85, 219, 70, 236, 95, 153, 99, 17, 158, 218, 230, 249, 17, 93, 99, 205, 58} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension renegotiation_info, renegotiated_connection: *** CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 48 D0 06 9E 16 90 40 D2 34 D2 60 9C CD 1D Z.H.....@.4.`... 0010: 15 E0 6A 33 03 5D 96 3A 12 75 D3 4C 67 54 FC 56 ..j3.].:.u.LgT.V Server Nonce: 0000: 0C 7F 9F 88 A3 ED 76 64 D0 76 CD 11 51 B6 6B 7D ......vd.v..Q.k. 0010: 77 6B 2F A1 E7 53 BD 6E 00 D3 2B 78 17 D7 E3 19 wk/..S.n..+x.... Master Secret: 0000: B7 A6 2E DE 28 DB 1D 09 0F BA 02 CF A6 62 D9 B2 ....(........b.. 0010: 78 74 56 0A 39 18 D2 AD 94 82 D4 44 BB F3 9C 45 xtV.9......D...E 0020: 97 05 EC 6B 75 21 A4 4F C0 AE 15 92 68 59 E2 1E ...ku!.O....hY.. ... no MAC keys used for this cipher Client write key: 0000: C3 AB 02 88 B1 7E 9E AB 19 85 6F 1E 3A 45 E6 B4 ..........o.:E.. 0010: A5 28 16 FC EE 15 FD 08 A0 82 66 E8 30 74 62 7F .(........f.0tb. Server write key: 0000: 5B 66 5B D1 72 67 DC 33 02 51 5C D6 D3 C3 01 9A [f[.rg.3.Q\..... 0010: C8 A8 F1 E5 DB 93 6D 26 3E 3A 26 FD EE B0 3C C8 ......m&>:&...<. Client write IV: 0000: A2 C9 72 D2 ..r. Server write IV: 0000: 7C D3 51 4D ..QM %% Server resumed [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, READ: TLSv1.2 Change Cipher Spec, length = 1 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 181, 34, 68, 99, 109, 14, 239, 138, 101, 220, 39, 37 } *** main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 104, 115, 74, 200, 115, 246, 160, 105, 192, 171, 114, 36 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, WRITE: TLSv1.2 Application Data, length = 209 main, READ: TLSv1.2 Application Data, length = 676 >>> Response Code: 200 main, READ: TLSv1.2 Application Data, length = 6683 Disconnected from the target VM, address: '127.0.0.1:49576', transport: 'socket' Process finished with exit code 130 (interrupted by signal 2: SIGINT)