/data/app/jdk8/bin/java -agentlib:jdwp=transport=dt_socket,address=127.0.0.1:43799,suspend=y,server=n -Dfile.encoding=UTF-8 -classpath /data/app/jdk8/jre/lib/charsets.jar:/data/app/jdk8/jre/lib/deploy.jar:/data/app/jdk8/jre/lib/ext/cldrdata.jar:/data/app/jdk8/jre/lib/ext/dnsns.jar:/data/app/jdk8/jre/lib/ext/jaccess.jar:/data/app/jdk8/jre/lib/ext/jfxrt.jar:/data/app/jdk8/jre/lib/ext/localedata.jar:/data/app/jdk8/jre/lib/ext/nashorn.jar:/data/app/jdk8/jre/lib/ext/sunec.jar:/data/app/jdk8/jre/lib/ext/sunjce_provider.jar:/data/app/jdk8/jre/lib/ext/sunpkcs11.jar:/data/app/jdk8/jre/lib/ext/zipfs.jar:/data/app/jdk8/jre/lib/javaws.jar:/data/app/jdk8/jre/lib/jce.jar:/data/app/jdk8/jre/lib/jfr.jar:/data/app/jdk8/jre/lib/jfxswt.jar:/data/app/jdk8/jre/lib/jsse.jar:/data/app/jdk8/jre/lib/management-agent.jar:/data/app/jdk8/jre/lib/plugin.jar:/data/app/jdk8/jre/lib/resources.jar:/data/app/jdk8/jre/lib/rt.jar:/home/isc-hoa/git_checkout/sysp-2020/messaging-service/target/test-classes:/home/isc-hoa/git_checkout/sysp-2020/messaging-service/target/classes:/data/mavenrepo/ejpd-webservice-resources/sysp/sysp-messaging/sysp-messaging-v3-wslib/3.0.4/sysp-messaging-v3-wslib-3.0.4.jar:/data/mavenrepo/org/jvnet/jaxb2_commons/jaxb2-commons-lang/2.3/jaxb2-commons-lang-2.3.jar:/data/mavenrepo/isc-ejpd-library/ejpd-serverlib/6.025/ejpd-serverlib-6.025.jar:/data/mavenrepo/ejpd-webservice-resources/jfa/jfa-service-v2-wslib/2.100.0/jfa-service-v2-wslib-2.100.0.jar:/data/mavenrepo/org/apache/commons/commons-pool2/2.4.3/commons-pool2-2.4.3.jar:/home/isc-hoa/git_checkout/sysp-2020/security-lib/target/classes:/data/mavenrepo/org/slf4j/slf4j-api/1.7.25/slf4j-api-1.7.25.jar:/data/mavenrepo/org/apache/santuario/xmlsec/2.0.8/xmlsec-2.0.8.jar:/data/mavenrepo/org/codehaus/woodstox/woodstox-core-asl/4.4.1/woodstox-core-asl-4.4.1.jar:/data/mavenrepo/javax/xml/stream/stax-api/1.0-2/stax-api-1.0-2.jar:/data/mavenrepo/org/codehaus/woodstox/stax2-api/3.1.4/stax2-api-3.1.4.jar:/data/mavenrepo/commons-codec/commons-codec/1.10/commons-codec-1.10.jar:/home/isc-hoa/git_checkout/sysp-2020/service-lib/target/classes:/data/mavenrepo/ejpd-base-resources/ejpd-base-servicetest-resources-v1/1.0.4.0/ejpd-base-servicetest-resources-v1-1.0.4.0.jar:/data/mavenrepo/ejpd-base-resources/ejpd-base-webservice-commons-resources-v1/1.3.2/ejpd-base-webservice-commons-resources-v1-1.3.2.jar:/data/mavenrepo/ejpd-webservice-resources/jfa/jfa-portalservice-v1-wslib/1.0-SNAPSHOT/jfa-portalservice-v1-wslib-1.0-20180118.145547-16.jar:/data/mavenrepo/com/migesok/jaxb-java-time-adapters/1.1.3/jaxb-java-time-adapters-1.1.3.jar:/data/mavenrepo/org/jvnet/jaxb2_commons/jaxb2-basics-runtime/1.11.1/jaxb2-basics-runtime-1.11.1.jar:/data/mavenrepo/isc-ejpd-library/ejpd-lib-spring-boot/0.99.0-SNAPSHOT/ejpd-lib-spring-boot-0.99.0-20180306.112411-96.jar:/data/mavenrepo/isc-ejpd-library/ejpd-security-spring-boot-starter/0.99.0-SNAPSHOT/ejpd-security-spring-boot-starter-0.99.0-20180305.153306-55.jar:/data/mavenrepo/adnovum/jcan-commons/1.0.3.0/jcan-commons-1.0.3.0.jar:/data/mavenrepo/adnovum/jcan-sectoken/1.2.4.0/jcan-sectoken-1.2.4.0.jar:/data/mavenrepo/org/springframework/spring-context-support/4.3.13.RELEASE/spring-context-support-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-security/1.5.10.RELEASE/spring-boot-starter-security-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-actuator/1.5.10.RELEASE/spring-boot-starter-actuator-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-actuator/1.5.10.RELEASE/spring-boot-actuator-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/spring-webmvc/4.3.13.RELEASE/spring-webmvc-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-aop/4.3.13.RELEASE/spring-aop-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-beans/4.3.13.RELEASE/spring-beans-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-context/4.3.13.RELEASE/spring-context-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-expression/4.3.13.RELEASE/spring-expression-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-tx/4.3.13.RELEASE/spring-tx-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-core/4.2.3.RELEASE/spring-security-core-4.2.3.RELEASE.jar:/data/mavenrepo/aopalliance/aopalliance/1.0/aopalliance-1.0.jar:/data/mavenrepo/org/springframework/data/spring-data-commons/1.13.9.RELEASE/spring-data-commons-1.13.9.RELEASE.jar:/data/mavenrepo/org/slf4j/jcl-over-slf4j/1.7.25/jcl-over-slf4j-1.7.25.jar:/data/mavenrepo/javax/inject/javax.inject/1/javax.inject-1.jar:/data/mavenrepo/org/springframework/retry/spring-retry/1.2.2.RELEASE/spring-retry-1.2.2.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-aop/1.5.10.RELEASE/spring-boot-starter-aop-1.5.10.RELEASE.jar:/data/mavenrepo/org/aspectj/aspectjweaver/1.8.13/aspectjweaver-1.8.13.jar:/data/mavenrepo/com/fasterxml/jackson/datatype/jackson-datatype-hibernate5/2.8.10/jackson-datatype-hibernate5-2.8.10.jar:/data/mavenrepo/com/fasterxml/jackson/core/jackson-core/2.8.10/jackson-core-2.8.10.jar:/data/mavenrepo/javax/transaction/jta/1.1/jta-1.1.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-graphite/3.1.5/metrics-graphite-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-core/3.1.5/metrics-core-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-jvm/3.1.5/metrics-jvm-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-servlet/3.1.5/metrics-servlet-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-servlets/3.1.5/metrics-servlets-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-healthchecks/3.1.5/metrics-healthchecks-3.1.5.jar:/data/mavenrepo/io/dropwizard/metrics/metrics-json/3.1.5/metrics-json-3.1.5.jar:/data/mavenrepo/com/ryantenney/metrics/metrics-spring/3.0.3/metrics-spring-3.0.3.jar:/data/mavenrepo/com/codahale/metrics/metrics-core/3.0.2/metrics-core-3.0.2.jar:/data/mavenrepo/com/codahale/metrics/metrics-healthchecks/3.0.2/metrics-healthchecks-3.0.2.jar:/data/mavenrepo/com/codahale/metrics/metrics-annotation/3.0.2/metrics-annotation-3.0.2.jar:/data/mavenrepo/fr/ippon/spark/metrics/metrics-spark-reporter/1.2/metrics-spark-reporter-1.2.jar:/data/mavenrepo/com/zaxxer/HikariCP/2.5.1/HikariCP-2.5.1.jar:/data/mavenrepo/org/apache/commons/commons-lang3/3.5/commons-lang3-3.5.jar:/data/mavenrepo/org/apache/httpcomponents/httpclient/4.5.5/httpclient-4.5.5.jar:/data/mavenrepo/org/apache/httpcomponents/httpcore/4.4.9/httpcore-4.4.9.jar:/data/mavenrepo/org/hibernate/hibernate-core/5.0.12.Final/hibernate-core-5.0.12.Final.jar:/data/mavenrepo/org/hibernate/javax/persistence/hibernate-jpa-2.1-api/1.0.0.Final/hibernate-jpa-2.1-api-1.0.0.Final.jar:/data/mavenrepo/org/javassist/javassist/3.21.0-GA/javassist-3.21.0-GA.jar:/data/mavenrepo/antlr/antlr/2.7.7/antlr-2.7.7.jar:/data/mavenrepo/org/apache/geronimo/specs/geronimo-jta_1.1_spec/1.1.1/geronimo-jta_1.1_spec-1.1.1.jar:/data/mavenrepo/org/jboss/jandex/2.0.0.Final/jandex-2.0.0.Final.jar:/data/mavenrepo/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar:/data/mavenrepo/org/hibernate/common/hibernate-commons-annotations/5.0.1.Final/hibernate-commons-annotations-5.0.1.Final.jar:/data/mavenrepo/org/hibernate/hibernate-validator/5.3.6.Final/hibernate-validator-5.3.6.Final.jar:/data/mavenrepo/javax/validation/validation-api/1.1.0.Final/validation-api-1.1.0.Final.jar:/data/mavenrepo/com/fasterxml/classmate/1.3.4/classmate-1.3.4.jar:/data/mavenrepo/org/apache/tomcat/embed/tomcat-embed-core/8.5.27/tomcat-embed-core-8.5.27.jar:/data/mavenrepo/org/apache/tomcat/tomcat-annotations-api/8.5.27/tomcat-annotations-api-8.5.27.jar:/data/mavenrepo/org/springframework/security/extensions/spring-security-saml2-core/1.0.3.RELEASE/spring-security-saml2-core-1.0.3.RELEASE.jar:/data/mavenrepo/org/opensaml/opensaml/2.6.6/opensaml-2.6.6.jar:/data/mavenrepo/org/opensaml/openws/1.5.6/openws-1.5.6.jar:/data/mavenrepo/org/opensaml/xmltooling/1.4.6/xmltooling-1.4.6.jar:/data/mavenrepo/ca/juliusdavies/not-yet-commons-ssl/0.3.9/not-yet-commons-ssl-0.3.9.jar:/data/mavenrepo/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar:/data/mavenrepo/org/apache/velocity/velocity/1.7/velocity-1.7.jar:/data/mavenrepo/org/owasp/esapi/esapi/2.0.1/esapi-2.0.1.jar:/data/mavenrepo/org/slf4j/jul-to-slf4j/1.7.25/jul-to-slf4j-1.7.25.jar:/data/mavenrepo/org/springframework/security/spring-security-config/4.2.3.RELEASE/spring-security-config-4.2.3.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-web/4.2.4.RELEASE/spring-security-web-4.2.4.RELEASE.jar:/data/mavenrepo/xml-apis/xml-apis/1.4.01/xml-apis-1.4.01.jar:/data/mavenrepo/com/google/guava/guava/18.0/guava-18.0.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-config/1.3.4.RELEASE/spring-cloud-starter-config-1.3.4.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-config-client/1.3.4.RELEASE/spring-cloud-config-client-1.3.4.RELEASE.jar:/data/mavenrepo/com/fasterxml/jackson/core/jackson-annotations/2.8.0/jackson-annotations-2.8.0.jar:/data/mavenrepo/com/fasterxml/jackson/core/jackson-databind/2.8.11/jackson-databind-2.8.11.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-eureka/1.3.6.RELEASE/spring-cloud-starter-eureka-1.3.6.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-web/1.5.10.RELEASE/spring-boot-starter-web-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-tomcat/1.5.10.RELEASE/spring-boot-starter-tomcat-1.5.10.RELEASE.jar:/data/mavenrepo/org/apache/tomcat/embed/tomcat-embed-el/8.5.27/tomcat-embed-el-8.5.27.jar:/data/mavenrepo/org/apache/tomcat/embed/tomcat-embed-websocket/8.5.27/tomcat-embed-websocket-8.5.27.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-netflix-core/1.3.6.RELEASE/spring-cloud-netflix-core-1.3.6.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-netflix-eureka-client/1.3.6.RELEASE/spring-cloud-netflix-eureka-client-1.3.6.RELEASE.jar:/data/mavenrepo/com/netflix/eureka/eureka-client/1.6.2/eureka-client-1.6.2.jar:/data/mavenrepo/org/codehaus/jettison/jettison/1.3.7/jettison-1.3.7.jar:/data/mavenrepo/stax/stax-api/1.0.1/stax-api-1.0.1.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-eventbus/0.3.0/netflix-eventbus-0.3.0.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-infix/0.3.0/netflix-infix-0.3.0.jar:/data/mavenrepo/commons-jxpath/commons-jxpath/1.3/commons-jxpath-1.3.jar:/data/mavenrepo/org/antlr/antlr-runtime/3.4/antlr-runtime-3.4.jar:/data/mavenrepo/org/antlr/stringtemplate/3.2.1/stringtemplate-3.2.1.jar:/data/mavenrepo/com/google/code/gson/gson/2.8.2/gson-2.8.2.jar:/data/mavenrepo/org/apache/commons/commons-math/2.2/commons-math-2.2.jar:/data/mavenrepo/com/netflix/archaius/archaius-core/0.7.4/archaius-core-0.7.4.jar:/data/mavenrepo/javax/ws/rs/jsr311-api/1.1.1/jsr311-api-1.1.1.jar:/data/mavenrepo/com/netflix/servo/servo-core/0.10.1/servo-core-0.10.1.jar:/data/mavenrepo/com/netflix/servo/servo-internal/0.10.1/servo-internal-0.10.1.jar:/data/mavenrepo/com/sun/jersey/jersey-core/1.19.1/jersey-core-1.19.1.jar:/data/mavenrepo/com/sun/jersey/jersey-client/1.19.1/jersey-client-1.19.1.jar:/data/mavenrepo/com/sun/jersey/contribs/jersey-apache-client4/1.19.1/jersey-apache-client4-1.19.1.jar:/data/mavenrepo/com/google/inject/guice/4.1.0/guice-4.1.0.jar:/data/mavenrepo/com/netflix/eureka/eureka-core/1.6.2/eureka-core-1.6.2.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-archaius/1.3.6.RELEASE/spring-cloud-starter-archaius-1.3.6.RELEASE.jar:/data/mavenrepo/commons-configuration/commons-configuration/1.8/commons-configuration-1.8.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter-ribbon/1.3.6.RELEASE/spring-cloud-starter-ribbon-1.3.6.RELEASE.jar:/data/mavenrepo/com/netflix/ribbon/ribbon/2.2.2/ribbon-2.2.2.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-transport/2.2.2/ribbon-transport-2.2.2.jar:/data/mavenrepo/io/reactivex/rxnetty-contexts/0.4.9/rxnetty-contexts-0.4.9.jar:/data/mavenrepo/io/reactivex/rxnetty-servo/0.4.9/rxnetty-servo-0.4.9.jar:/data/mavenrepo/com/netflix/hystrix/hystrix-core/1.5.12/hystrix-core-1.5.12.jar:/data/mavenrepo/org/hdrhistogram/HdrHistogram/2.1.9/HdrHistogram-2.1.9.jar:/data/mavenrepo/io/reactivex/rxnetty/0.4.20/rxnetty-0.4.20.jar:/data/mavenrepo/io/netty/netty-codec-http/4.1.5.Final/netty-codec-http-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-codec/4.1.5.Final/netty-codec-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-handler/4.1.5.Final/netty-handler-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-buffer/4.1.5.Final/netty-buffer-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-transport/4.1.5.Final/netty-transport-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-resolver/4.1.5.Final/netty-resolver-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-transport-native-epoll/4.1.5.Final/netty-transport-native-epoll-4.1.5.Final.jar:/data/mavenrepo/io/netty/netty-common/4.1.5.Final/netty-common-4.1.5.Final.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-core/2.2.2/ribbon-core-2.2.2.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-httpclient/2.2.2/ribbon-httpclient-2.2.2.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-commons-util/0.1.1/netflix-commons-util-0.1.1.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-loadbalancer/2.2.2/ribbon-loadbalancer-2.2.2.jar:/data/mavenrepo/com/netflix/netflix-commons/netflix-statistics/0.1.1/netflix-statistics-0.1.1.jar:/data/mavenrepo/io/reactivex/rxjava/1.1.10/rxjava-1.1.10.jar:/data/mavenrepo/com/netflix/ribbon/ribbon-eureka/2.2.2/ribbon-eureka-2.2.2.jar:/data/mavenrepo/com/thoughtworks/xstream/xstream/1.4.9/xstream-1.4.9.jar:/data/mavenrepo/xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar:/data/mavenrepo/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar:/data/mavenrepo/de/codecentric/spring-boot-admin-starter-client/1.5.5/spring-boot-admin-starter-client-1.5.5.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter/1.5.10.RELEASE/spring-boot-starter-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-logging/1.5.10.RELEASE/spring-boot-starter-logging-1.5.10.RELEASE.jar:/data/mavenrepo/ch/qos/logback/logback-classic/1.1.11/logback-classic-1.1.11.jar:/data/mavenrepo/ch/qos/logback/logback-core/1.1.11/logback-core-1.1.11.jar:/data/mavenrepo/org/slf4j/log4j-over-slf4j/1.7.25/log4j-over-slf4j-1.7.25.jar:/data/mavenrepo/org/yaml/snakeyaml/1.17/snakeyaml-1.17.jar:/data/mavenrepo/org/springframework/spring-web/4.3.13.RELEASE/spring-web-4.3.13.RELEASE.jar:/data/mavenrepo/org/jolokia/jolokia-core/1.3.7/jolokia-core-1.3.7.jar:/data/mavenrepo/com/googlecode/json-simple/json-simple/1.1.1/json-simple-1.1.1.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-starter/1.2.5.RELEASE/spring-cloud-starter-1.2.5.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-context/1.2.5.RELEASE/spring-cloud-context-1.2.5.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-crypto/4.2.3.RELEASE/spring-security-crypto-4.2.3.RELEASE.jar:/data/mavenrepo/org/springframework/cloud/spring-cloud-commons/1.2.5.RELEASE/spring-cloud-commons-1.2.5.RELEASE.jar:/data/mavenrepo/org/springframework/security/spring-security-rsa/1.0.3.RELEASE/spring-security-rsa-1.0.3.RELEASE.jar:/data/mavenrepo/org/bouncycastle/bcpkix-jdk15on/1.55/bcpkix-jdk15on-1.55.jar:/data/mavenrepo/org/bouncycastle/bcprov-jdk15on/1.55/bcprov-jdk15on-1.55.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-data-jpa/1.5.10.RELEASE/spring-boot-starter-data-jpa-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-jdbc/1.5.10.RELEASE/spring-boot-starter-jdbc-1.5.10.RELEASE.jar:/data/mavenrepo/org/apache/tomcat/tomcat-jdbc/8.5.27/tomcat-jdbc-8.5.27.jar:/data/mavenrepo/org/apache/tomcat/tomcat-juli/8.5.27/tomcat-juli-8.5.27.jar:/data/mavenrepo/org/springframework/spring-jdbc/4.3.13.RELEASE/spring-jdbc-4.3.13.RELEASE.jar:/data/mavenrepo/org/hibernate/hibernate-entitymanager/5.0.12.Final/hibernate-entitymanager-5.0.12.Final.jar:/data/mavenrepo/javax/transaction/javax.transaction-api/1.2/javax.transaction-api-1.2.jar:/data/mavenrepo/org/springframework/data/spring-data-jpa/1.11.9.RELEASE/spring-data-jpa-1.11.9.RELEASE.jar:/data/mavenrepo/org/springframework/spring-orm/4.3.13.RELEASE/spring-orm-4.3.13.RELEASE.jar:/data/mavenrepo/org/springframework/spring-aspects/4.3.13.RELEASE/spring-aspects-4.3.13.RELEASE.jar:/data/mavenrepo/mysql/mysql-connector-java/5.1.45/mysql-connector-java-5.1.45.jar:/data/mavenrepo/org/flywaydb/flyway-core/3.2.1/flyway-core-3.2.1.jar:/data/mavenrepo/oracle/jdbc/ojdbc8/12.2.0.1.0/ojdbc8-12.2.0.1.0.jar:/data/mavenrepo/org/jadira/usertype/usertype.core/5.0.0.GA/usertype.core-5.0.0.GA.jar:/data/mavenrepo/org/jadira/usertype/usertype.spi/5.0.0.GA/usertype.spi-5.0.0.GA.jar:/data/mavenrepo/org/hibernate/hibernate-java8/5.0.12.Final/hibernate-java8-5.0.12.Final.jar:/data/mavenrepo/org/jboss/logging/jboss-logging/3.3.1.Final/jboss-logging-3.3.1.Final.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-frontend-jaxws/3.2.1/cxf-rt-frontend-jaxws-3.2.1.jar:/data/mavenrepo/xml-resolver/xml-resolver/1.2/xml-resolver-1.2.jar:/data/mavenrepo/org/ow2/asm/asm/5.2/asm-5.2.jar:/data/mavenrepo/org/apache/cxf/cxf-core/3.2.1/cxf-core-3.2.1.jar:/data/mavenrepo/com/fasterxml/woodstox/woodstox-core/5.0.3/woodstox-core-5.0.3.jar:/data/mavenrepo/org/apache/ws/xmlschema/xmlschema-core/2.2.2/xmlschema-core-2.2.2.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-bindings-soap/3.2.1/cxf-rt-bindings-soap-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-wsdl/3.2.1/cxf-rt-wsdl-3.2.1.jar:/data/mavenrepo/wsdl4j/wsdl4j/1.6.3/wsdl4j-1.6.3.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-databinding-jaxb/3.2.1/cxf-rt-databinding-jaxb-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-bindings-xml/3.2.1/cxf-rt-bindings-xml-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-frontend-simple/3.2.1/cxf-rt-frontend-simple-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-ws-addr/3.2.1/cxf-rt-ws-addr-3.2.1.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-ws-policy/3.2.1/cxf-rt-ws-policy-3.2.1.jar:/data/mavenrepo/org/apache/neethi/neethi/3.1.0/neethi-3.1.0.jar:/data/mavenrepo/org/apache/cxf/cxf-rt-transports-http/3.2.1/cxf-rt-transports-http-3.2.1.jar:/data/mavenrepo/commons-io/commons-io/2.5/commons-io-2.5.jar:/home/isc-hoa/git_checkout/sysp-2020/project-resources/sysp-biometrics-enrolment-types-v1/target/classes:/data/mavenrepo/commons-lang/commons-lang/2.6/commons-lang-2.6.jar:/data/mavenrepo/joda-time/joda-time/2.9.9/joda-time-2.9.9.jar:/data/mavenrepo/org/springframework/boot/spring-boot-devtools/1.5.10.RELEASE/spring-boot-devtools-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot/1.5.10.RELEASE/spring-boot-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-autoconfigure/1.5.10.RELEASE/spring-boot-autoconfigure-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-starter-test/1.5.10.RELEASE/spring-boot-starter-test-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-test/1.5.10.RELEASE/spring-boot-test-1.5.10.RELEASE.jar:/data/mavenrepo/org/springframework/boot/spring-boot-test-autoconfigure/1.5.10.RELEASE/spring-boot-test-autoconfigure-1.5.10.RELEASE.jar:/data/mavenrepo/com/jayway/jsonpath/json-path/2.2.0/json-path-2.2.0.jar:/data/mavenrepo/net/minidev/json-smart/2.2.1/json-smart-2.2.1.jar:/data/mavenrepo/net/minidev/accessors-smart/1.1/accessors-smart-1.1.jar:/data/mavenrepo/org/assertj/assertj-core/2.6.0/assertj-core-2.6.0.jar:/data/mavenrepo/org/mockito/mockito-core/2.12.0/mockito-core-2.12.0.jar:/data/mavenrepo/net/bytebuddy/byte-buddy/1.7.9/byte-buddy-1.7.9.jar:/data/mavenrepo/net/bytebuddy/byte-buddy-agent/1.7.9/byte-buddy-agent-1.7.9.jar:/data/mavenrepo/org/objenesis/objenesis/2.6/objenesis-2.6.jar:/data/mavenrepo/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar:/data/mavenrepo/org/hamcrest/hamcrest-library/1.3/hamcrest-library-1.3.jar:/data/mavenrepo/org/skyscreamer/jsonassert/1.4.0/jsonassert-1.4.0.jar:/data/mavenrepo/com/vaadin/external/google/android-json/0.0.20131108.vaadin1/android-json-0.0.20131108.vaadin1.jar:/data/mavenrepo/org/springframework/spring-core/4.3.14.RELEASE/spring-core-4.3.14.RELEASE.jar:/data/mavenrepo/org/springframework/spring-test/4.3.13.RELEASE/spring-test-4.3.13.RELEASE.jar:/data/mavenrepo/org/hsqldb/hsqldb/2.3.5/hsqldb-2.3.5.jar:/data/mavenrepo/org/dbunit/dbunit/2.4.9/dbunit-2.4.9.jar:/data/mavenrepo/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar:/data/mavenrepo/junit/junit/4.12/junit-4.12.jar:/home/isc-hoa/idea-IU-162.1121.32/lib/idea_rt.jar ch.ejpd.sysp.messaging.TLSTester Connected to the target VM, address: '127.0.0.1:43799', transport: 'socket' >>> Run 0 trustStore is: /data/app/jdk8/jre/lib/security/cacerts trustStore type is : jks trustStore provider is : init truststore adding as trusted cert: Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US Algorithm: RSA; Serial number: 0xc3517 Valid from Mon Jun 21 06:00:00 CEST 1999 until Mon Jun 22 06:00:00 CEST 2020 adding as trusted cert: Subject: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Issuer: CN=Entrust Root Certification Authority - EC1, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Algorithm: EC; Serial number: 0xa68b79290000000050d091f9 Valid from Tue Dec 18 16:25:36 CET 2012 until Fri Dec 18 16:55:36 CET 2037 adding as trusted cert: Subject: CN=SecureTrust CA, O=SecureTrust Corporation, C=US Issuer: CN=SecureTrust CA, O=SecureTrust Corporation, C=US Algorithm: RSA; Serial number: 0xcf08e5c0816a5ad427ff0eb271859d0 Valid from Tue Nov 07 20:31:18 CET 2006 until Mon Dec 31 20:40:55 CET 2029 adding as trusted cert: Subject: CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH Issuer: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Algorithm: RSA; Serial number: 0x915a3c407822c0fb6f37b63d0b8d74e7 Valid from Wed Feb 16 10:00:00 CET 2011 until Sun Feb 16 09:59:59 CET 2025 adding as trusted cert: Subject: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP Issuer: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 30 06:20:49 CEST 2003 until Sat Sep 30 06:20:49 CEST 2023 adding as trusted cert: Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a Valid from Fri Nov 10 01:00:00 CET 2006 until Mon Nov 10 01:00:00 CET 2031 adding as trusted cert: Subject: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x445734245b81899b35f2ceb82b3b5ba726f07528 Valid from Thu Jan 12 19:59:32 CET 2012 until Sun Jan 12 19:59:32 CET 2042 adding as trusted cert: Subject: CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x59b1b579e8e2132e23907bda777755c Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=Swiss Government SSL CA 01, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Algorithm: RSA; Serial number: 0x25b924cbbd7a6dc0eed745854d4660de Valid from Thu Jun 05 15:07:38 CEST 2014 until Tue Jun 05 15:07:38 CEST 2029 adding as trusted cert: Subject: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x18acb56afd69b6153a636cafdafac4a1 Valid from Mon Nov 27 01:00:00 CET 2006 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP Issuer: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP Algorithm: RSA; Serial number: 0x0 Valid from Fri May 29 07:00:39 CEST 2009 until Tue May 29 07:00:39 CEST 2029 adding as trusted cert: Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6 Valid from Mon May 18 02:00:00 CEST 1998 until Wed Aug 02 01:59:59 CEST 2028 adding as trusted cert: Subject: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW Issuer: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW Algorithm: RSA; Serial number: 0x15c8bd65475cafb897005ee406d2bc9d Valid from Mon Dec 20 03:31:27 CET 2004 until Wed Dec 20 03:31:27 CET 2034 adding as trusted cert: Subject: CN=AffirmTrust Commercial, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Commercial, O=AffirmTrust, C=US Algorithm: RSA; Serial number: 0x7777062726a9b17c Valid from Fri Jan 29 15:06:06 CET 2010 until Tue Dec 31 15:06:06 CET 2030 adding as trusted cert: Subject: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL Issuer: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL Algorithm: RSA; Serial number: 0x444c0 Valid from Wed Oct 22 14:07:37 CEST 2008 until Mon Dec 31 13:07:37 CET 2029 adding as trusted cert: Subject: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc, OU=www.xrampsecurity.com, C=US Issuer: CN=XRamp Global Certification Authority, O=XRamp Security Services Inc, OU=www.xrampsecurity.com, C=US Algorithm: RSA; Serial number: 0x50946cec18ead59c4dd597ef758fa0ad Valid from Mon Nov 01 18:14:04 CET 2004 until Mon Jan 01 06:37:19 CET 2035 adding as trusted cert: Subject: CN=Sonera Class2 CA, O=Sonera, C=FI Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI Algorithm: RSA; Serial number: 0x1d Valid from Fri Apr 06 09:29:40 CEST 2001 until Tue Apr 06 09:29:40 CEST 2021 adding as trusted cert: Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US Algorithm: RSA; Serial number: 0x1 Valid from Tue May 28 08:00:00 CEST 2002 until Thu Nov 19 21:43:00 CET 2037 adding as trusted cert: Subject: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Algorithm: EC; Serial number: 0x3cb2f4480a00e2feeb243b5e603ec36b Valid from Mon Nov 05 01:00:00 CET 2007 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US Algorithm: RSA; Serial number: 0x35def4cf Valid from Sat Aug 22 18:41:51 CEST 1998 until Wed Aug 22 18:41:51 CEST 2018 adding as trusted cert: Subject: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Issuer: CN=COMODO ECC Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Algorithm: EC; Serial number: 0x1f47afaa62007050544c019e9b63992a Valid from Thu Mar 06 01:00:00 CET 2008 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=ISRG Root X1, O=Internet Security Research Group, C=US Issuer: CN=ISRG Root X1, O=Internet Security Research Group, C=US Algorithm: RSA; Serial number: 0x8210cfb0d240e3594463e0bb63828b00 Valid from Thu Jun 04 13:04:38 CEST 2015 until Mon Jun 04 13:04:38 CEST 2035 adding as trusted cert: Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577 Valid from Fri Nov 10 01:00:00 CET 2006 until Mon Nov 10 01:00:00 CET 2031 adding as trusted cert: Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Algorithm: RSA; Serial number: 0x51fc89492b4968c09ec3216076b65663 Valid from Wed May 11 10:36:42 CEST 2016 until Sun May 11 10:36:42 CEST 2031 adding as trusted cert: Subject: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x1 Valid from Thu Mar 04 06:00:00 CET 2004 until Sun Mar 04 06:00:00 CET 2029 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3 Algorithm: RSA; Serial number: 0x4000000000121585308a2 Valid from Wed Mar 18 11:00:00 CET 2009 until Sun Mar 18 11:00:00 CET 2029 adding as trusted cert: Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE Algorithm: RSA; Serial number: 0x20000b9 Valid from Fri May 12 20:46:00 CEST 2000 until Tue May 13 01:59:00 CEST 2025 adding as trusted cert: Subject: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA Algorithm: RSA; Serial number: 0x67c8e1e8e3be1cbdfc913b8ea6238749 Valid from Wed Jan 01 01:00:00 CET 1997 until Sat Jan 02 00:59:59 CET 2021 adding as trusted cert: Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB Algorithm: RSA; Serial number: 0x1 Valid from Thu Jan 01 01:00:00 CET 2004 until Mon Jan 01 00:59:59 CET 2029 adding as trusted cert: Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Jun 29 19:39:16 CEST 2004 until Thu Jun 29 19:39:16 CEST 2034 adding as trusted cert: Subject: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 30 18:13:43 CEST 2003 until Wed Sep 30 18:13:44 CEST 2037 adding as trusted cert: Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd Valid from Fri Jul 09 20:10:42 CEST 1999 until Tue Jul 09 20:19:22 CEST 2019 adding as trusted cert: Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57 Valid from Fri Oct 01 02:00:00 CEST 1999 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE Algorithm: RSA; Serial number: 0x40000000001154b5ac394 Valid from Tue Sep 01 14:00:00 CEST 1998 until Fri Jan 28 13:00:00 CET 2028 adding as trusted cert: Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b Valid from Fri Jul 09 20:31:20 CEST 1999 until Tue Jul 09 20:40:36 CEST 2019 adding as trusted cert: Subject: CN=AffirmTrust Networking, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Networking, O=AffirmTrust, C=US Algorithm: RSA; Serial number: 0x7c4f04391cd4992d Valid from Fri Jan 29 15:08:24 CET 2010 until Tue Dec 31 15:08:24 CET 2030 adding as trusted cert: Subject: CN=AffirmTrust Premium, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Premium, O=AffirmTrust, C=US Algorithm: RSA; Serial number: 0x6d8c1446b1a60aee Valid from Fri Jan 29 15:10:36 CET 2010 until Mon Dec 31 15:10:36 CET 2040 adding as trusted cert: Subject: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Algorithm: RSA; Serial number: 0xfb1f0b422ba8413e57d1ee2a6e5a4fbb Valid from Fri Apr 15 09:00:00 CEST 2016 until Mon Apr 15 08:59:59 CEST 2041 adding as trusted cert: Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE Algorithm: RSA; Serial number: 0x20000bf Valid from Wed May 17 16:01:00 CEST 2000 until Sun May 18 01:59:00 CEST 2025 adding as trusted cert: Subject: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US Issuer: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US Algorithm: RSA; Serial number: 0x1 Valid from Tue May 28 08:00:00 CEST 2002 until Tue Sep 29 16:08:00 CEST 2037 adding as trusted cert: Subject: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU Issuer: CN=LuxTrust Global Root, O=LuxTrust s.a., C=LU Algorithm: RSA; Serial number: 0xbb8 Valid from Thu Mar 17 10:51:37 CET 2011 until Wed Mar 17 10:51:37 CET 2021 adding as trusted cert: Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f Valid from Wed Apr 02 02:00:00 CEST 2008 until Wed Dec 02 00:59:59 CET 2037 adding as trusted cert: Subject: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Algorithm: RSA; Serial number: 0xa3da427ea4b1aeda Valid from Fri Aug 01 14:29:50 CEST 2008 until Sat Jul 31 14:29:50 CEST 2038 adding as trusted cert: Subject: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH Issuer: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH Algorithm: RSA; Serial number: 0x4f1bd42f54bb2f4b Valid from Wed Oct 25 10:32:46 CEST 2006 until Sat Oct 25 10:32:46 CEST 2036 adding as trusted cert: Subject: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Issuer: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US Algorithm: RSA; Serial number: 0x4a538c28 Valid from Tue Jul 07 19:25:54 CEST 2009 until Sat Dec 07 18:55:54 CET 2030 adding as trusted cert: Subject: CN=eap0012_CA, OU=EJPD, O=Admin, C=CH Issuer: CN=eap0012_CA, OU=EJPD, O=Admin, C=CH Algorithm: RSA; Serial number: 0xd1f5afe6d47d5f89 Valid from Fri May 13 11:24:45 CEST 2016 until Thu May 08 11:24:45 CEST 2036 adding as trusted cert: Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039 Valid from Fri Nov 10 01:00:00 CET 2006 until Mon Nov 10 01:00:00 CET 2031 adding as trusted cert: Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Jun 29 19:06:20 CEST 2004 until Thu Jun 29 19:06:20 CEST 2034 adding as trusted cert: Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE Algorithm: RSA; Serial number: 0x1 Valid from Tue May 30 12:48:38 CEST 2000 until Sat May 30 12:48:38 CEST 2020 adding as trusted cert: Subject: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Issuer: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Algorithm: RSA; Serial number: 0x1 Valid from Wed Oct 01 12:29:56 CEST 2008 until Sun Oct 02 01:59:59 CEST 2033 adding as trusted cert: Subject: CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: EC; Serial number: 0x55556bcf25ea43535c3a40fd5ab4572 Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=Admin-CC-Root01, O=admin, C=ch Issuer: CN=Admin-CC-Root01, O=admin, C=ch Algorithm: RSA; Serial number: 0x6ffcffac88cb9b34454e628858b0fc2 Valid from Thu Nov 29 11:26:03 CET 2012 until Sat Nov 29 11:36:01 CET 2042 adding as trusted cert: Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989 Valid from Fri Jul 09 19:28:50 CEST 1999 until Tue Jul 09 19:36:58 CEST 2019 adding as trusted cert: Subject: CN=Class 2 Primary CA, O=Certplus, C=FR Issuer: CN=Class 2 Primary CA, O=Certplus, C=FR Algorithm: RSA; Serial number: 0x85bd4bf3d8dae369f694d75fc3a54423 Valid from Wed Jul 07 19:05:00 CEST 1999 until Sun Jul 07 01:59:59 CEST 2019 adding as trusted cert: Subject: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Issuer: CN=Swiss Government Root CA II, OU=Certification Authorities, OU=Services, O=The Federal Authorities of the Swiss Confederation, C=CH Algorithm: RSA; Serial number: 0xe9f1799a5b13d9ccbec06eba3f00e69 Valid from Wed Feb 16 10:00:00 CET 2011 until Fri Feb 16 09:59:59 CET 2035 adding as trusted cert: Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US Algorithm: RSA; Serial number: 0x23456 Valid from Tue May 21 06:00:00 CEST 2002 until Sat May 21 06:00:00 CEST 2022 adding as trusted cert: Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH Algorithm: RSA; Serial number: 0x4eb200670c035d4f Valid from Wed Oct 25 10:36:00 CEST 2006 until Sat Oct 25 10:36:00 CEST 2036 adding as trusted cert: Subject: CN=Admin-CCE-Intra01, DC=intra, DC=admin, DC=ch Issuer: CN=Admin-CC-Root01, O=admin, C=ch Algorithm: RSA; Serial number: 0x6132de9c000000000002 Valid from Thu Nov 29 14:57:23 CET 2012 until Mon Nov 29 15:07:23 CET 2027 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R5 Algorithm: EC; Serial number: 0x605949e0262ebb55f90a778a71f94ad86c Valid from Tue Nov 13 01:00:00 CET 2012 until Tue Jan 19 04:14:07 CET 2038 adding as trusted cert: Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a Valid from Fri Oct 01 02:00:00 CEST 1999 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Issuer: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 01 02:00:00 CEST 2009 until Fri Jan 01 00:59:59 CET 2038 adding as trusted cert: Subject: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US Issuer: CN=IdenTrust Public Sector Root CA 1, O=IdenTrust, C=US Algorithm: RSA; Serial number: 0xa0142800000014523cf467c00000002 Valid from Thu Jan 16 18:53:32 CET 2014 until Mon Jan 16 18:53:32 CET 2034 adding as trusted cert: Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net Algorithm: RSA; Serial number: 0x3863def8 Valid from Fri Dec 24 18:50:51 CET 1999 until Tue Jul 24 16:15:12 CEST 2029 adding as trusted cert: Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d Valid from Fri Nov 17 01:00:00 CET 2006 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 01 02:00:00 CEST 2009 until Fri Jan 01 00:59:59 CET 2038 adding as trusted cert: Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4 Valid from Fri Oct 01 02:00:00 CEST 1999 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: EC; Serial number: 0x2f80fe238c0e220f486712289187acb3 Valid from Mon Nov 05 01:00:00 CET 2007 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US Issuer: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US Algorithm: RSA; Serial number: 0x456b5054 Valid from Mon Nov 27 21:23:42 CET 2006 until Fri Nov 27 21:53:42 CET 2026 adding as trusted cert: Subject: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Assured ID Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0xb931c3ad63967ea6723bfc3af9af44b Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL Issuer: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL Algorithm: RSA; Serial number: 0x10020 Valid from Tue Jun 11 12:46:39 CEST 2002 until Fri Jun 11 12:46:39 CEST 2027 adding as trusted cert: Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Algorithm: RSA; Serial number: 0x1 Valid from Tue May 30 12:44:50 CEST 2000 until Sat May 30 12:44:50 CEST 2020 adding as trusted cert: Subject: CN=DST Root CA X3, O=Digital Signature Trust Co. Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. Algorithm: RSA; Serial number: 0x44afb080d6a327ba893039862ef8406b Valid from Sat Sep 30 23:12:19 CEST 2000 until Thu Sep 30 16:01:15 CEST 2021 adding as trusted cert: Subject: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO Issuer: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO Algorithm: RSA; Serial number: 0x2 Valid from Tue Oct 26 10:38:03 CEST 2010 until Fri Oct 26 10:38:03 CEST 2040 adding as trusted cert: Subject: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE Issuer: CN=D-TRUST Root Class 3 CA 2 EV 2009, O=D-Trust GmbH, C=DE Algorithm: RSA; Serial number: 0x983f4 Valid from Thu Nov 05 09:50:46 CET 2009 until Mon Nov 05 09:50:46 CET 2029 adding as trusted cert: Subject: CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Assured ID Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: EC; Serial number: 0xba15afa1ddfa0b54944afcd24a06cec Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 adding as trusted cert: Subject: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH Issuer: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH Algorithm: RSA; Serial number: 0xbb401c43f55e4fb0 Valid from Wed Oct 25 10:30:35 CEST 2006 until Sat Oct 25 10:30:35 CEST 2036 adding as trusted cert: Subject: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Issuer: CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Algorithm: EC; Serial number: 0x5c8b99c55a94c5d27156decd8980cc26 Valid from Mon Feb 01 01:00:00 CET 2010 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US Issuer: CN=IdenTrust Commercial Root CA 1, O=IdenTrust, C=US Algorithm: RSA; Serial number: 0xa0142800000014523c844b500000002 Valid from Thu Jan 16 19:12:23 CET 2014 until Mon Jan 16 19:12:23 CET 2034 adding as trusted cert: Subject: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x509 Valid from Fri Nov 24 19:27:00 CET 2006 until Mon Nov 24 19:23:33 CET 2031 adding as trusted cert: Subject: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE Issuer: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE Algorithm: RSA; Serial number: 0x26 Valid from Fri Jul 09 14:11:00 CEST 1999 until Wed Jul 10 01:59:00 CEST 2019 adding as trusted cert: Subject: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE Issuer: CN=D-TRUST Root Class 3 CA 2 2009, O=D-Trust GmbH, C=DE Algorithm: RSA; Serial number: 0x983f3 Valid from Thu Nov 05 09:35:58 CET 2009 until Mon Nov 05 09:35:58 CET 2029 adding as trusted cert: Subject: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x78585f2ead2c194be3370735341328b596d46593 Valid from Thu Jan 12 18:27:44 CET 2012 until Sun Jan 12 18:27:44 CET 2042 adding as trusted cert: Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x3f691e819cf09a4af373ffb948a2e4dd Valid from Mon Jan 29 01:00:00 CET 1996 until Thu Aug 03 01:59:59 CEST 2028 adding as trusted cert: Subject: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Issuer: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US Algorithm: RSA; Serial number: 0x1fd6d30fca3ca51a81bbc640e35032d Valid from Mon Feb 01 01:00:00 CET 2010 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf Valid from Mon May 18 02:00:00 CEST 1998 until Wed Aug 02 01:59:59 CEST 2028 adding as trusted cert: Subject: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA Issuer: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA Algorithm: RSA; Serial number: 0x4519c5ebc4ce5470 Valid from Wed Aug 07 17:55:49 CEST 2013 until Thu Dec 31 16:55:49 CET 2037 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 Algorithm: RSA; Serial number: 0x400000000010f8626e60d Valid from Fri Dec 15 09:00:00 CET 2006 until Wed Dec 15 09:00:00 CET 2021 adding as trusted cert: Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x18dad19e267de8bb4a2158cdcc6b3b4a Valid from Wed Nov 08 01:00:00 CET 2006 until Thu Jul 17 01:59:59 CEST 2036 adding as trusted cert: Subject: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x5c6 Valid from Fri Nov 24 20:11:23 CET 2006 until Mon Nov 24 20:06:44 CET 2031 adding as trusted cert: Subject: CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Issuer: CN=Starfield Services Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US Algorithm: RSA; Serial number: 0x0 Valid from Tue Sep 01 02:00:00 CEST 2009 until Fri Jan 01 00:59:59 CET 2038 adding as trusted cert: Subject: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch Issuer: CN=Swisscom Root CA 2, OU=Digital Certificate Services, O=Swisscom, C=ch Algorithm: RSA; Serial number: 0x1e9e28e848f2e5efc37c4a1e5a1867b6 Valid from Fri Jun 24 10:38:14 CEST 2011 until Wed Jun 25 09:38:14 CEST 2031 adding as trusted cert: Subject: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x2ef59b0228a7db7affd5a3a9eebd03a0cf126a1d Valid from Thu Jan 12 21:26:32 CET 2012 until Sun Jan 12 21:26:32 CET 2042 adding as trusted cert: Subject: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan, C=IT Issuer: CN=Actalis Authentication Root CA, O=Actalis S.p.A./03358520967, L=Milan, C=IT Algorithm: RSA; Serial number: 0x570a119742c4e3cc Valid from Thu Sep 22 13:22:02 CEST 2011 until Sun Sep 22 13:22:02 CEST 2030 adding as trusted cert: Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be Valid from Mon Jan 29 01:00:00 CET 1996 until Thu Aug 03 01:59:59 CEST 2028 adding as trusted cert: Subject: CN=Swiss Government Public Trust EV CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH Algorithm: RSA; Serial number: 0x638b4bd14277a667fc4a80afe96a95ba Valid from Wed May 11 13:33:59 CEST 2016 until Sun May 11 13:33:59 CEST 2031 adding as trusted cert: Subject: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM Issuer: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM Algorithm: RSA; Serial number: 0x3ab6508b Valid from Mon Mar 19 19:33:33 CET 2001 until Wed Mar 17 19:33:33 CET 2021 adding as trusted cert: Subject: CN=Class 3P Primary CA, O=Certplus, C=FR Issuer: CN=Class 3P Primary CA, O=Certplus, C=FR Algorithm: RSA; Serial number: 0xbf5cdbb6f21c6ec04deb7a023b36e879 Valid from Wed Jul 07 19:10:00 CEST 1999 until Sun Jul 07 01:59:59 CEST 2019 adding as trusted cert: Subject: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO Issuer: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO Algorithm: RSA; Serial number: 0x2 Valid from Tue Oct 26 10:28:58 CEST 2010 until Fri Oct 26 10:28:58 CEST 2040 adding as trusted cert: Subject: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP Issuer: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP Algorithm: RSA; Serial number: 0x0 Valid from Wed Jun 06 04:12:32 CEST 2007 until Sat Jun 06 04:12:32 CEST 2037 adding as trusted cert: Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US Algorithm: RSA; Serial number: 0x59e3 Valid from Mon Jun 21 06:00:00 CEST 1999 until Mon Jun 22 06:00:00 CEST 2020 adding as trusted cert: Subject: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US Issuer: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US Algorithm: EC; Serial number: 0x35fc265cd9844fc93d263d579baed756 Valid from Mon Nov 05 01:00:00 CET 2007 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Issuer: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x401ac46421b31321030ebbe4121ac51d Valid from Wed Apr 02 02:00:00 CEST 2008 until Wed Dec 02 00:59:59 CET 2037 adding as trusted cert: Subject: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA2 Issuer: C=CH, O=Admin, OU=EJPD, CN=EJPDIDMCA2 Algorithm: RSA; Serial number: 0x11c8972e8409b941 Valid from Thu Dec 17 16:22:18 CET 2015 until Tue Dec 01 16:22:18 CET 2037 adding as trusted cert: Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE Algorithm: RSA; Serial number: 0x1 Valid from Tue May 30 12:38:31 CEST 2000 until Sat May 30 12:38:31 CEST 2020 adding as trusted cert: Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4 Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign ECC Root CA - R4 Algorithm: EC; Serial number: 0x2a38a41c960a04de42b228a50be8349802 Valid from Tue Nov 13 01:00:00 CET 2012 until Tue Jan 19 04:14:07 CET 2038 adding as trusted cert: Subject: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU Algorithm: RSA; Serial number: 0xc9cdd3e9d57d23ce Valid from Fri Aug 01 14:31:40 CEST 2008 until Sat Jul 31 14:31:40 CEST 2038 adding as trusted cert: Subject: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Issuer: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US Algorithm: RSA; Serial number: 0x600197b746a7eab4b49ad64b2ff790fb Valid from Wed Apr 02 02:00:00 CEST 2008 until Wed Dec 02 00:59:59 CET 2037 adding as trusted cert: Subject: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Issuer: CN=COMODO RSA Certification Authority, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB Algorithm: RSA; Serial number: 0x4caaf9cadb636fe01ff74ed85b03869d Valid from Tue Jan 19 01:00:00 CET 2010 until Tue Jan 19 00:59:59 CET 2038 adding as trusted cert: Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US Algorithm: RSA; Serial number: 0x1a5 Valid from Thu Aug 13 02:29:00 CEST 1998 until Tue Aug 14 01:59:00 CEST 2018 adding as trusted cert: Subject: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA Issuer: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA Algorithm: RSA; Serial number: 0x36122296c5e338a520a1d25f4cd70954 Valid from Thu Aug 01 02:00:00 CEST 1996 until Sat Jan 02 00:59:59 CET 2021 adding as trusted cert: Subject: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US Issuer: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US Algorithm: EC; Serial number: 0x7497258ac73f7a54 Valid from Fri Jan 29 15:20:24 CET 2010 until Mon Dec 31 15:20:24 CET 2040 adding as trusted cert: Subject: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Issuer: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE Algorithm: RSA; Serial number: 0x1 Valid from Wed Oct 01 12:40:14 CEST 2008 until Sun Oct 02 01:59:59 CEST 2033 adding as trusted cert: Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192 Valid from Mon May 18 02:00:00 CEST 1998 until Wed Aug 02 01:59:59 CEST 2028 adding as trusted cert: Subject: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR Issuer: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR Algorithm: RSA; Serial number: 0x1121bc276c5547af584eefd4ced629b2a285 Valid from Tue May 26 02:00:00 CEST 2009 until Tue May 26 02:00:00 CEST 2020 adding as trusted cert: Subject: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US Algorithm: RSA; Serial number: 0x33af1e6a711a9a0bb2864b11d09fae5 Valid from Thu Aug 01 14:00:00 CEST 2013 until Fri Jan 15 13:00:00 CET 2038 keyStore is : /data/app/sysp/localconfig/clientAuthKeystore.jks keyStore type is : jks keyStore provider is : init keystore init keymanager of type SunX509 *** found key for : tuser-sysp-scu0000a chain [0] = [ [ Version: V3 Subject: CN=TUSER-SYSP-SCU0000A, OU=Systemplattform eDokumente, O=Admin, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 25027028182467694683913544237864432927282293074107818818807877030342847025279370734421683740554850424603261221390884946917720650812037177195092324408255542817305102504561912559357382998882681995977594048854862774935856446333282718263266097364335331528566453171905299121492184294388240012767009265273349666578909993284706766338539099718470792098345416589669101833977550740610552957432532910777688674819680872156485206333249722165631496690963418223753492714815880450556778994104167461657295422152540978158216242899021588749185064992353328162973038301095198406145123154145338064733148394967347800016877457018421517446681 public exponent: 65537 Validity: [From: Fri Jan 20 10:59:40 CET 2017, To: Mon Jan 20 10:59:40 CET 2020] Issuer: CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH SerialNumber: [ 4ea774a2 4ec4163f 3d3681d4 83eca550] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RegularCA01.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 4D 77 B5 E4 EF 6D 9C C3 9B A0 3A 87 E1 A6 EE 08 Mw...m....:..... 0010: A7 39 E7 8B .9.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RegularCA01.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Regular%20CA%2001,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.22.23] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 32 31 5F 31 2E 70 64 66 3_21_1.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 B0 1A 81 AD 54 68 65 20 70 75 72 70 6F 73 0.....The purpos 0010: 65 20 6F 66 20 74 68 69 73 20 63 65 72 74 69 66 e of this certif 0020: 69 63 61 74 65 20 69 73 20 73 6F 6C 65 6C 79 20 icate is solely 0030: 69 6E 74 65 6E 64 65 64 20 66 6F 72 20 73 79 73 intended for sys 0040: 74 65 6D 20 70 6C 61 74 66 6F 72 6D 20 65 44 6F tem platform eDo 0050: 6B 75 6D 65 6E 74 65 20 61 70 70 6C 69 63 61 74 kumente applicat 0060: 69 6F 6E 20 75 73 61 67 65 73 2E 20 54 68 65 20 ion usages. The 0070: 73 75 62 6A 65 63 74 20 69 73 20 61 20 74 65 63 subject is a tec 0080: 68 6E 69 63 61 6C 20 75 73 65 72 20 72 65 66 65 hnical user refe 0090: 72 65 6E 63 65 64 20 69 6E 20 74 68 65 20 64 61 renced in the da 00A0: 74 61 62 61 73 65 20 6F 66 20 49 53 43 2D 45 4A tabase of ISC-EJ 00B0: 50 44 2E PD. ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ emailProtection clientAuth 1.3.6.1.4.1.311.20.2.2 1.3.6.1.4.1.311.10.3.4 ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ RFC822Name: juerg.blaser@isc-ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: E1 88 99 91 11 01 56 40 8D F1 E6 AE 0D F5 96 6E ......V@.......n 0010: A7 87 4F 18 ..O. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 5E 6D 26 5C 80 B1 22 63 63 09 F2 1A 73 72 24 E9 ^m&\.."cc...sr$. 0010: 1A 0D 78 A9 6E 93 D0 32 32 75 70 00 51 58 60 0D ..x.n..22up.QX`. 0020: 62 3D AE F8 89 30 C6 4C 37 C1 E9 56 A9 B6 9C 97 b=...0.L7..V.... 0030: F4 46 2E 82 7E C2 F4 8E E4 08 0E B9 E3 89 62 40 .F............b@ 0040: EC D1 B3 B3 FB 14 0C 48 AD B3 02 B2 4D A4 D5 3A .......H....M..: 0050: 21 63 0B C9 E1 E1 E8 87 A0 49 22 2E 4D D1 89 CA !c.......I".M... 0060: 97 CA DD A2 94 DC D0 F8 EA 3C 11 84 E1 58 C2 4A .........<...X.J 0070: A0 6E 16 2E 0D 0E 32 CC 91 72 39 B1 79 E0 B4 3B .n....2..r9.y..; 0080: 6B 68 B5 18 D0 CE B1 CA 1A 45 43 D2 C0 90 BA 94 kh.......EC..... 0090: 85 24 36 0C D9 1A 60 05 E2 78 ED 53 BF 8B 42 FD .$6...`..x.S..B. 00A0: 0B 9F 88 3C 5F 5B 04 17 68 D9 70 04 DE 29 3A 8D ...<_[..h.p..):. 00B0: 4B E6 D5 4F 5C 16 C2 ED EC C3 EF 3E E4 D2 94 7B K..O\......>.... 00C0: 18 50 78 60 DF 67 6C 7C 18 76 8C 8C 9B E7 A7 5C .Px`.gl..v.....\ 00D0: AC 4D 31 A8 17 C6 48 CE 46 9A D0 23 F7 B6 3F 74 .M1...H.F..#..?t 00E0: 76 CC FE 86 32 E2 0C B6 DF 91 72 19 B6 C3 1E 90 v...2.....r..... 00F0: 44 33 74 62 83 86 82 9F 51 72 84 31 43 7D 5D 9F D3tb....Qr.1C.]. 0100: C4 9F 22 71 79 FE D9 B9 31 C7 EB F8 74 BB 98 64 .."qy...1...t..d 0110: 80 34 03 A4 D1 06 1F 3D 94 3B 62 BC 94 01 E0 57 .4.....=.;b....W 0120: 4C 69 EB 3E 2A 43 18 AF A5 82 8B 6C 07 59 21 41 Li.>*C.....l.Y!A 0130: F1 7D 1C 16 51 31 DC 39 EA 4C 0A 08 BA A3 BD A8 ....Q1.9.L...... 0140: 16 61 E4 10 D2 5C 58 D8 C1 1E 71 E6 22 F8 8F 84 .a...\X...q."... 0150: BB 2E E4 86 E8 5A C4 CA 43 66 7D F4 9E DF CB 74 .....Z..Cf.....t 0160: AD 6A 36 00 D8 58 D4 4F 00 20 AD 50 33 69 68 80 .j6..X.O. .P3ih. 0170: E3 9D 74 8A 67 0D EA 2C FA 86 52 85 B1 EC 72 39 ..t.g..,..R...r9 0180: C8 7B A9 03 FC BF DF 00 FD 57 E5 61 E3 75 49 83 .........W.a.uI. 0190: B7 29 A0 5D 15 72 C5 EA 0D EE EF 43 D5 A6 68 E9 .).].r.....C..h. 01A0: EC 37 22 DF A6 F4 75 5F 64 E7 F4 87 04 0C 79 FB .7"...u_d.....y. 01B0: FB F5 D7 89 36 DB 77 C8 F7 04 CE 2C 16 3D 89 E0 ....6.w....,.=.. 01C0: 71 57 7C 04 47 84 36 26 5C F6 60 20 BB 9B 95 9C qW..G.6&\.` .... 01D0: F0 AE AE 9F 65 BE F7 A8 00 52 2A 16 9E 78 D5 67 ....e....R*..x.g 01E0: 75 4B BB CF 1A DD 30 CC 78 2B BE E0 0B C5 12 8B uK....0.x+...... 01F0: F1 8C 12 AE A7 C0 FF 26 0E 49 33 2C 42 79 32 37 .......&.I3,By27 ] *** trigger seeding of SecureRandom done seeding SecureRandom Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% No cached client session *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069421 bytes = { 111, 211, 114, 34, 54, 6, 105, 54, 250, 4, 75, 239, 58, 204, 134, 129, 73, 27, 101, 127, 63, 96, 37, 221, 211, 92, 125, 127 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 247 main, READ: TLSv1.2 Handshake, length = 93 *** ServerHello, TLSv1.2 RandomCookie: GMT: 1223611035 bytes = { 145, 112, 104, 54, 155, 19, 30, 239, 47, 171, 202, 74, 52, 171, 157, 135, 248, 70, 231, 128, 111, 41, 132, 23, 96, 100, 100, 133 } Session ID: {112, 195, 252, 162, 3, 198, 113, 199, 212, 130, 244, 129, 57, 61, 142, 115, 84, 101, 221, 49, 84, 78, 224, 8, 98, 19, 60, 30, 105, 199, 140, 161} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension server_name, server_name: Extension renegotiation_info, renegotiated_connection: Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] *** %% Initialized: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 main, READ: TLSv1.2 Handshake, length = 2020 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=portal-test.ejpd.admin.ch, OU=Servers, O=Bundesamt fuer Informatik und Telekommunikation, L=Bern, ST=BE, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24109167904437433945253508844342763413441845728208183254647005819933868198780296728577640607958357822408250558015383202085282842403482866361947874340498940788692215286838967482023754570995759820949362508793327877831065057670470861041451731272193094175058185897869086760581452374585244852633837402338192501727415524341078979419280212850657629638907508258572452503360478646158645100860112882483193416936550820627048860062106314761897031068761917793776773387785924043891026693008945863920194239795211639452716392625588820439122532450621258878585060338342149673355731074965264742710524889861054322551199697492763878869543 public exponent: 65537 Validity: [From: Mon Dec 04 15:45:32 CET 2017, To: Wed Dec 04 15:45:32 CET 2019] Issuer: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH SerialNumber: [ 63255dbd 2700e2fc f19dec0a 7578d0f0] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/PTSTCA02BC.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/bcocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/PTSTCA02.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Public%20Trust%20Standard%20CA%2002,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.62.14] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 0C 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: portal-test.ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B0 40 07 04 E3 74 03 59 AA 66 52 78 D3 8F CE 73 .@...t.Y.fRx...s 0010: 21 8E 02 79 !..y ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 0A 2D 6F 0F 55 C2 C4 3A 59 40 A2 81 B4 7C 44 A9 .-o.U..:Y@....D. 0010: F6 62 76 2F A1 0D 8D 4B 28 DC 58 D6 99 AD A1 38 .bv/...K(.X....8 0020: 91 A6 33 8F 9B C6 D2 8D 98 A7 4B 58 46 33 DA 2F ..3.......KXF3./ 0030: 34 BC 32 C8 A0 DF 28 EE C3 08 B6 78 07 5D B3 27 4.2...(....x.].' 0040: 48 F7 C9 C4 96 29 5A 10 E7 BB 80 D0 D5 7C CB 13 H....)Z......... 0050: 1E 54 CC 24 1B E1 F0 A6 FF 02 80 FD D4 88 21 D9 .T.$..........!. 0060: 36 E1 4C 18 EB 65 6A 25 23 1F 83 A7 55 61 82 C9 6.L..ej%#...Ua.. 0070: 1F E8 48 50 27 91 46 21 A3 58 F0 D4 FB 25 17 59 ..HP'.F!.X...%.Y 0080: 40 95 C0 CC 83 51 F7 DF 5F 7F D2 00 D6 F7 51 FB @....Q.._.....Q. 0090: 38 C4 8A D3 64 A5 0E AB F2 A1 29 A5 99 BB A8 C0 8...d.....)..... 00A0: 2D 14 ED E5 74 34 5C 8F 7B 70 F2 19 2E 17 76 62 -...t4\..p....vb 00B0: 29 71 91 46 6E AD FE 4F 13 B7 F3 C0 D4 0A 48 7A )q.Fn..O......Hz 00C0: 3D 6E A5 0E 00 DB CD 0F 66 C4 19 99 92 3A DA 62 =n......f....:.b 00D0: 42 79 17 1C 95 C2 AC 2E C0 05 38 75 45 7A AE 50 By........8uEz.P 00E0: 8E CF D3 55 B5 95 FD 07 B4 23 C2 67 C1 15 9C C2 ...U.....#.g.... 00F0: 43 B9 21 6D 1A C8 F1 E2 2E 3E 40 AC A3 E1 4E 42 C.!m.....>@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 333 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 66451749169157457623068456857739641944345444268809947502031846954494926881010 public y coord: 56079722187883175143386866460734254879295212052788222249724131353450234900124 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 4 *** ServerHelloDone *** ECDHClientKeyExchange ECDH Public value: { 4, 132, 206, 173, 206, 42, 171, 176, 159, 140, 214, 151, 81, 128, 85, 163, 245, 65, 159, 224, 204, 247, 84, 237, 212, 158, 151, 91, 51, 92, 31, 89, 80, 173, 230, 88, 21, 140, 200, 54, 230, 252, 97, 33, 70, 39, 202, 122, 76, 78, 106, 213, 201, 152, 73, 79, 244, 242, 210, 92, 152, 193, 55, 131, 79 } main, WRITE: TLSv1.2 Handshake, length = 70 SESSION KEYGEN: PreMaster Secret: 0000: 6E BF E9 95 91 25 78 8D 83 3D BC 71 D3 4C 9F 0B n....%x..=.q.L.. 0010: 24 77 7C 53 99 9E 64 31 86 FD 1B 36 95 29 FF 59 $w.S..d1...6.).Y CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 47 2D 6F D3 72 22 36 06 69 36 FA 04 4B EF Z.G-o.r"6.i6..K. 0010: 3A CC 86 81 49 1B 65 7F 3F 60 25 DD D3 5C 7D 7F :...I.e.?`%..\.. Server Nonce: 0000: 49 EF D3 9B 91 70 68 36 9B 13 1E EF 2F AB CA 4A I....ph6..../..J 0010: 34 AB 9D 87 F8 46 E7 80 6F 29 84 17 60 64 64 85 4....F..o)..`dd. Master Secret: 0000: 37 AB 7E 65 41 BB 6C 59 3B 6C 98 54 F1 95 99 90 7..eA.lY;l.T.... 0010: 4E 44 45 BF EB D7 09 4E 2F 73 6D A6 90 2B B7 E3 NDE....N/sm..+.. 0020: 74 9B B0 A4 9C 34 02 AA A2 02 14 FC 34 10 D5 14 t....4......4... ... no MAC keys used for this cipher Client write key: 0000: 9B C4 23 C0 7D 3D 98 8B 46 E4 A6 BC F7 A8 2A 78 ..#..=..F.....*x 0010: BF 0F 6F E0 0B 7D 6C 07 16 42 37 09 7E 84 A9 84 ..o...l..B7..... Server write key: 0000: 59 A4 4C 08 B2 4A F5 89 01 C6 31 E8 D4 0C 52 39 Y.L..J....1...R9 0010: AD 24 24 75 7C 0C 2B B1 FF 80 FC 57 76 6A 77 60 .$$u..+....Wvjw` Client write IV: 0000: D2 2A B1 B1 .*.. Server write IV: 0000: 85 CC FF 1F .... main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 88, 171, 45, 59, 65, 140, 238, 73, 136, 228, 58, 188 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, READ: TLSv1.2 Change Cipher Spec, length = 1 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 136, 145, 72, 183, 70, 229, 9, 112, 101, 179, 92, 1 } *** %% Cached client session: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, WRITE: TLSv1.2 Application Data, length = 209 main, READ: TLSv1.2 Handshake, length = 28 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: false Is secure renegotiation: true Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 *** HelloRequest (empty) %% Client cached [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069421 bytes = { 104, 33, 115, 40, 39, 214, 60, 163, 232, 117, 249, 204, 103, 211, 168, 203, 234, 8, 217, 239, 134, 166, 196, 191, 35, 7, 159, 176 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] Extension renegotiation_info, renegotiated_connection: 58:ab:2d:3b:41:8c:ee:49:88:e4:3a:bc *** main, WRITE: TLSv1.2 Handshake, length = 286 main, READ: TLSv1.2 Handshake, length = 141 *** ServerHello, TLSv1.2 RandomCookie: GMT: 1384996557 bytes = { 149, 32, 88, 151, 67, 135, 30, 119, 168, 206, 150, 109, 216, 224, 23, 25, 11, 37, 150, 115, 4, 99, 38, 251, 191, 70, 143, 83 } Session ID: {13, 29, 168, 73, 38, 230, 136, 26, 48, 250, 136, 22, 82, 181, 136, 252, 194, 80, 67, 229, 190, 176, 84, 32, 9, 252, 244, 235, 45, 50, 217, 9} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension server_name, server_name: Extension renegotiation_info, renegotiated_connection: 58:ab:2d:3b:41:8c:ee:49:88:e4:3a:bc:88:91:48:b7:46:e5:09:70:65:b3:5c:01 Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] *** %% Initialized: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 main, READ: TLSv1.2 Handshake, length = 2044 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=portal-test.ejpd.admin.ch, OU=Servers, O=Bundesamt fuer Informatik und Telekommunikation, L=Bern, ST=BE, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24109167904437433945253508844342763413441845728208183254647005819933868198780296728577640607958357822408250558015383202085282842403482866361947874340498940788692215286838967482023754570995759820949362508793327877831065057670470861041451731272193094175058185897869086760581452374585244852633837402338192501727415524341078979419280212850657629638907508258572452503360478646158645100860112882483193416936550820627048860062106314761897031068761917793776773387785924043891026693008945863920194239795211639452716392625588820439122532450621258878585060338342149673355731074965264742710524889861054322551199697492763878869543 public exponent: 65537 Validity: [From: Mon Dec 04 15:45:32 CET 2017, To: Wed Dec 04 15:45:32 CET 2019] Issuer: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH SerialNumber: [ 63255dbd 2700e2fc f19dec0a 7578d0f0] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/PTSTCA02BC.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/bcocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/PTSTCA02.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Public%20Trust%20Standard%20CA%2002,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.62.14] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 0C 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: portal-test.ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B0 40 07 04 E3 74 03 59 AA 66 52 78 D3 8F CE 73 .@...t.Y.fRx...s 0010: 21 8E 02 79 !..y ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 0A 2D 6F 0F 55 C2 C4 3A 59 40 A2 81 B4 7C 44 A9 .-o.U..:Y@....D. 0010: F6 62 76 2F A1 0D 8D 4B 28 DC 58 D6 99 AD A1 38 .bv/...K(.X....8 0020: 91 A6 33 8F 9B C6 D2 8D 98 A7 4B 58 46 33 DA 2F ..3.......KXF3./ 0030: 34 BC 32 C8 A0 DF 28 EE C3 08 B6 78 07 5D B3 27 4.2...(....x.].' 0040: 48 F7 C9 C4 96 29 5A 10 E7 BB 80 D0 D5 7C CB 13 H....)Z......... 0050: 1E 54 CC 24 1B E1 F0 A6 FF 02 80 FD D4 88 21 D9 .T.$..........!. 0060: 36 E1 4C 18 EB 65 6A 25 23 1F 83 A7 55 61 82 C9 6.L..ej%#...Ua.. 0070: 1F E8 48 50 27 91 46 21 A3 58 F0 D4 FB 25 17 59 ..HP'.F!.X...%.Y 0080: 40 95 C0 CC 83 51 F7 DF 5F 7F D2 00 D6 F7 51 FB @....Q.._.....Q. 0090: 38 C4 8A D3 64 A5 0E AB F2 A1 29 A5 99 BB A8 C0 8...d.....)..... 00A0: 2D 14 ED E5 74 34 5C 8F 7B 70 F2 19 2E 17 76 62 -...t4\..p....vb 00B0: 29 71 91 46 6E AD FE 4F 13 B7 F3 C0 D4 0A 48 7A )q.Fn..O......Hz 00C0: 3D 6E A5 0E 00 DB CD 0F 66 C4 19 99 92 3A DA 62 =n......f....:.b 00D0: 42 79 17 1C 95 C2 AC 2E C0 05 38 75 45 7A AE 50 By........8uEz.P 00E0: 8E CF D3 55 B5 95 FD 07 B4 23 C2 67 C1 15 9C C2 ...U.....#.g.... 00F0: 43 B9 21 6D 1A C8 F1 E2 2E 3E 40 AC A3 E1 4E 42 C.!m.....>@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 357 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 2979867722007293405485580951956206991183289193982912087285817043028941882591 public y coord: 68159553690745041352864563101522281100470683377350973112548101535779653731210 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 1149 *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA256withRSA, SHA256withDSA, SHA256withECDSA, SHA224withRSA, SHA224withDSA, SHA224withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA Cert Authorities:

*** ServerHelloDone matching alias: tuser-sysp-scu0000a *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=TUSER-SYSP-SCU0000A, OU=Systemplattform eDokumente, O=Admin, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 25027028182467694683913544237864432927282293074107818818807877030342847025279370734421683740554850424603261221390884946917720650812037177195092324408255542817305102504561912559357382998882681995977594048854862774935856446333282718263266097364335331528566453171905299121492184294388240012767009265273349666578909993284706766338539099718470792098345416589669101833977550740610552957432532910777688674819680872156485206333249722165631496690963418223753492714815880450556778994104167461657295422152540978158216242899021588749185064992353328162973038301095198406145123154145338064733148394967347800016877457018421517446681 public exponent: 65537 Validity: [From: Fri Jan 20 10:59:40 CET 2017, To: Mon Jan 20 10:59:40 CET 2020] Issuer: CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH SerialNumber: [ 4ea774a2 4ec4163f 3d3681d4 83eca550] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RegularCA01.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 4D 77 B5 E4 EF 6D 9C C3 9B A0 3A 87 E1 A6 EE 08 Mw...m....:..... 0010: A7 39 E7 8B .9.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RegularCA01.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Regular%20CA%2001,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.22.23] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 32 31 5F 31 2E 70 64 66 3_21_1.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 B0 1A 81 AD 54 68 65 20 70 75 72 70 6F 73 0.....The purpos 0010: 65 20 6F 66 20 74 68 69 73 20 63 65 72 74 69 66 e of this certif 0020: 69 63 61 74 65 20 69 73 20 73 6F 6C 65 6C 79 20 icate is solely 0030: 69 6E 74 65 6E 64 65 64 20 66 6F 72 20 73 79 73 intended for sys 0040: 74 65 6D 20 70 6C 61 74 66 6F 72 6D 20 65 44 6F tem platform eDo 0050: 6B 75 6D 65 6E 74 65 20 61 70 70 6C 69 63 61 74 kumente applicat 0060: 69 6F 6E 20 75 73 61 67 65 73 2E 20 54 68 65 20 ion usages. The 0070: 73 75 62 6A 65 63 74 20 69 73 20 61 20 74 65 63 subject is a tec 0080: 68 6E 69 63 61 6C 20 75 73 65 72 20 72 65 66 65 hnical user refe 0090: 72 65 6E 63 65 64 20 69 6E 20 74 68 65 20 64 61 renced in the da 00A0: 74 61 62 61 73 65 20 6F 66 20 49 53 43 2D 45 4A tabase of ISC-EJ 00B0: 50 44 2E PD. ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ emailProtection clientAuth 1.3.6.1.4.1.311.20.2.2 1.3.6.1.4.1.311.10.3.4 ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ RFC822Name: juerg.blaser@isc-ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: E1 88 99 91 11 01 56 40 8D F1 E6 AE 0D F5 96 6E ......V@.......n 0010: A7 87 4F 18 ..O. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 5E 6D 26 5C 80 B1 22 63 63 09 F2 1A 73 72 24 E9 ^m&\.."cc...sr$. 0010: 1A 0D 78 A9 6E 93 D0 32 32 75 70 00 51 58 60 0D ..x.n..22up.QX`. 0020: 62 3D AE F8 89 30 C6 4C 37 C1 E9 56 A9 B6 9C 97 b=...0.L7..V.... 0030: F4 46 2E 82 7E C2 F4 8E E4 08 0E B9 E3 89 62 40 .F............b@ 0040: EC D1 B3 B3 FB 14 0C 48 AD B3 02 B2 4D A4 D5 3A .......H....M..: 0050: 21 63 0B C9 E1 E1 E8 87 A0 49 22 2E 4D D1 89 CA !c.......I".M... 0060: 97 CA DD A2 94 DC D0 F8 EA 3C 11 84 E1 58 C2 4A .........<...X.J 0070: A0 6E 16 2E 0D 0E 32 CC 91 72 39 B1 79 E0 B4 3B .n....2..r9.y..; 0080: 6B 68 B5 18 D0 CE B1 CA 1A 45 43 D2 C0 90 BA 94 kh.......EC..... 0090: 85 24 36 0C D9 1A 60 05 E2 78 ED 53 BF 8B 42 FD .$6...`..x.S..B. 00A0: 0B 9F 88 3C 5F 5B 04 17 68 D9 70 04 DE 29 3A 8D ...<_[..h.p..):. 00B0: 4B E6 D5 4F 5C 16 C2 ED EC C3 EF 3E E4 D2 94 7B K..O\......>.... 00C0: 18 50 78 60 DF 67 6C 7C 18 76 8C 8C 9B E7 A7 5C .Px`.gl..v.....\ 00D0: AC 4D 31 A8 17 C6 48 CE 46 9A D0 23 F7 B6 3F 74 .M1...H.F..#..?t 00E0: 76 CC FE 86 32 E2 0C B6 DF 91 72 19 B6 C3 1E 90 v...2.....r..... 00F0: 44 33 74 62 83 86 82 9F 51 72 84 31 43 7D 5D 9F D3tb....Qr.1C.]. 0100: C4 9F 22 71 79 FE D9 B9 31 C7 EB F8 74 BB 98 64 .."qy...1...t..d 0110: 80 34 03 A4 D1 06 1F 3D 94 3B 62 BC 94 01 E0 57 .4.....=.;b....W 0120: 4C 69 EB 3E 2A 43 18 AF A5 82 8B 6C 07 59 21 41 Li.>*C.....l.Y!A 0130: F1 7D 1C 16 51 31 DC 39 EA 4C 0A 08 BA A3 BD A8 ....Q1.9.L...... 0140: 16 61 E4 10 D2 5C 58 D8 C1 1E 71 E6 22 F8 8F 84 .a...\X...q."... 0150: BB 2E E4 86 E8 5A C4 CA 43 66 7D F4 9E DF CB 74 .....Z..Cf.....t 0160: AD 6A 36 00 D8 58 D4 4F 00 20 AD 50 33 69 68 80 .j6..X.O. .P3ih. 0170: E3 9D 74 8A 67 0D EA 2C FA 86 52 85 B1 EC 72 39 ..t.g..,..R...r9 0180: C8 7B A9 03 FC BF DF 00 FD 57 E5 61 E3 75 49 83 .........W.a.uI. 0190: B7 29 A0 5D 15 72 C5 EA 0D EE EF 43 D5 A6 68 E9 .).].r.....C..h. 01A0: EC 37 22 DF A6 F4 75 5F 64 E7 F4 87 04 0C 79 FB .7"...u_d.....y. 01B0: FB F5 D7 89 36 DB 77 C8 F7 04 CE 2C 16 3D 89 E0 ....6.w....,.=.. 01C0: 71 57 7C 04 47 84 36 26 5C F6 60 20 BB 9B 95 9C qW..G.6&\.` .... 01D0: F0 AE AE 9F 65 BE F7 A8 00 52 2A 16 9E 78 D5 67 ....e....R*..x.g 01E0: 75 4B BB CF 1A DD 30 CC 78 2B BE E0 0B C5 12 8B uK....0.x+...... 01F0: F1 8C 12 AE A7 C0 FF 26 0E 49 33 2C 42 79 32 37 .......&.I3,By27 ] *** *** ECDHClientKeyExchange ECDH Public value: { 4, 128, 70, 24, 254, 19, 10, 139, 63, 100, 118, 44, 124, 115, 243, 158, 134, 110, 42, 102, 14, 204, 24, 226, 128, 113, 247, 39, 146, 125, 19, 50, 46, 216, 197, 116, 94, 88, 26, 209, 6, 92, 178, 142, 164, 165, 102, 199, 155, 240, 72, 37, 61, 125, 217, 190, 5, 210, 4, 36, 217, 6, 12, 50, 16 } main, WRITE: TLSv1.2 Handshake, length = 2051 SESSION KEYGEN: PreMaster Secret: 0000: EA 80 58 F0 F8 E7 C3 62 8A 65 99 19 04 64 79 C8 ..X....b.e...dy. 0010: B0 6E E1 1C E1 13 A9 18 D2 E6 12 04 35 D1 32 3E .n..........5.2> CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 47 2D 68 21 73 28 27 D6 3C A3 E8 75 F9 CC Z.G-h!s('.<..u.. 0010: 67 D3 A8 CB EA 08 D9 EF 86 A6 C4 BF 23 07 9F B0 g...........#... Server Nonce: 0000: 53 8D 5F CD 95 20 58 97 43 87 1E 77 A8 CE 96 6D S._.. X.C..w...m 0010: D8 E0 17 19 0B 25 96 73 04 63 26 FB BF 46 8F 53 .....%.s.c&..F.S Master Secret: 0000: 73 5E 9B 83 2C 8C 7C E7 5D 09 F9 AE 1A 96 32 26 s^..,...].....2& 0010: BB 09 51 C8 3D 17 8C CD 84 82 2D E2 C5 A1 A7 93 ..Q.=.....-..... 0020: 32 5B 42 7C A9 50 2F DB 0E B0 C6 24 1B E9 4D 20 2[B..P/....$..M ... no MAC keys used for this cipher Client write key: 0000: DA A4 3B 5F 09 28 5E 6A AF 25 96 28 6E 96 67 99 ..;_.(^j.%.(n.g. 0010: 39 09 60 40 BF 05 CE BF 62 E2 E9 B2 9A 60 D3 3C 9.`@....b....`.< Server write key: 0000: 3E 14 CD 42 49 2B 5E 1E DD 20 75 BC 01 0B 89 5F >..BI+^.. u...._ 0010: 5C 8B 84 17 D6 38 F6 FD E5 68 01 49 9A 54 6A 20 \....8...h.I.Tj Client write IV: 0000: 77 CB 83 44 w..D Server write IV: 0000: 83 46 77 13 .Fw. *** CertificateVerify Signature Algorithm SHA512withRSA main, WRITE: TLSv1.2 Handshake, length = 288 main, WRITE: TLSv1.2 Change Cipher Spec, length = 25 *** Finished verify_data: { 92, 28, 213, 129, 183, 210, 198, 102, 6, 216, 120, 0 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, READ: TLSv1.2 Change Cipher Spec, length = 25 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 28, 176, 83, 158, 184, 15, 173, 142, 139, 120, 134, 64 } *** %% Cached client session: [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, READ: TLSv1.2 Application Data, length = 676 >>> Response Code: 200 main, READ: TLSv1.2 Application Data, length = 6683 Keep-Alive-Timer, called close() Keep-Alive-Timer, called closeInternal(true) Keep-Alive-Timer, SEND TLSv1.2 ALERT: warning, description = close_notify Keep-Alive-Timer, WRITE: TLSv1.2 Alert, length = 26 Keep-Alive-Timer, called closeSocket(true) >>> Run 1 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% Client cached [Session-2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069431 bytes = { 56, 68, 75, 160, 69, 244, 226, 85, 180, 183, 32, 195, 56, 72, 184, 20, 249, 193, 53, 199, 147, 60, 238, 230, 250, 70, 28, 61 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 247 main, READ: TLSv1.2 Handshake, length = 93 *** ServerHello, TLSv1.2 RandomCookie: GMT: 582869057 bytes = { 73, 116, 52, 86, 171, 36, 9, 166, 202, 60, 104, 67, 48, 130, 236, 224, 63, 1, 66, 51, 20, 42, 177, 82, 46, 59, 189, 161 } Session ID: {216, 118, 40, 203, 79, 164, 247, 151, 28, 122, 134, 238, 237, 204, 166, 49, 167, 177, 119, 104, 143, 135, 37, 54, 63, 115, 141, 39, 7, 230, 240, 251} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension server_name, server_name: Extension renegotiation_info, renegotiated_connection: Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] *** %% Initialized: [Session-3, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 main, READ: TLSv1.2 Handshake, length = 2020 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=portal-test.ejpd.admin.ch, OU=Servers, O=Bundesamt fuer Informatik und Telekommunikation, L=Bern, ST=BE, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24109167904437433945253508844342763413441845728208183254647005819933868198780296728577640607958357822408250558015383202085282842403482866361947874340498940788692215286838967482023754570995759820949362508793327877831065057670470861041451731272193094175058185897869086760581452374585244852633837402338192501727415524341078979419280212850657629638907508258572452503360478646158645100860112882483193416936550820627048860062106314761897031068761917793776773387785924043891026693008945863920194239795211639452716392625588820439122532450621258878585060338342149673355731074965264742710524889861054322551199697492763878869543 public exponent: 65537 Validity: [From: Mon Dec 04 15:45:32 CET 2017, To: Wed Dec 04 15:45:32 CET 2019] Issuer: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH SerialNumber: [ 63255dbd 2700e2fc f19dec0a 7578d0f0] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/PTSTCA02BC.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/bcocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/PTSTCA02.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Public%20Trust%20Standard%20CA%2002,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.62.14] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 0C 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: portal-test.ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B0 40 07 04 E3 74 03 59 AA 66 52 78 D3 8F CE 73 .@...t.Y.fRx...s 0010: 21 8E 02 79 !..y ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 0A 2D 6F 0F 55 C2 C4 3A 59 40 A2 81 B4 7C 44 A9 .-o.U..:Y@....D. 0010: F6 62 76 2F A1 0D 8D 4B 28 DC 58 D6 99 AD A1 38 .bv/...K(.X....8 0020: 91 A6 33 8F 9B C6 D2 8D 98 A7 4B 58 46 33 DA 2F ..3.......KXF3./ 0030: 34 BC 32 C8 A0 DF 28 EE C3 08 B6 78 07 5D B3 27 4.2...(....x.].' 0040: 48 F7 C9 C4 96 29 5A 10 E7 BB 80 D0 D5 7C CB 13 H....)Z......... 0050: 1E 54 CC 24 1B E1 F0 A6 FF 02 80 FD D4 88 21 D9 .T.$..........!. 0060: 36 E1 4C 18 EB 65 6A 25 23 1F 83 A7 55 61 82 C9 6.L..ej%#...Ua.. 0070: 1F E8 48 50 27 91 46 21 A3 58 F0 D4 FB 25 17 59 ..HP'.F!.X...%.Y 0080: 40 95 C0 CC 83 51 F7 DF 5F 7F D2 00 D6 F7 51 FB @....Q.._.....Q. 0090: 38 C4 8A D3 64 A5 0E AB F2 A1 29 A5 99 BB A8 C0 8...d.....)..... 00A0: 2D 14 ED E5 74 34 5C 8F 7B 70 F2 19 2E 17 76 62 -...t4\..p....vb 00B0: 29 71 91 46 6E AD FE 4F 13 B7 F3 C0 D4 0A 48 7A )q.Fn..O......Hz 00C0: 3D 6E A5 0E 00 DB CD 0F 66 C4 19 99 92 3A DA 62 =n......f....:.b 00D0: 42 79 17 1C 95 C2 AC 2E C0 05 38 75 45 7A AE 50 By........8uEz.P 00E0: 8E CF D3 55 B5 95 FD 07 B4 23 C2 67 C1 15 9C C2 ...U.....#.g.... 00F0: 43 B9 21 6D 1A C8 F1 E2 2E 3E 40 AC A3 E1 4E 42 C.!m.....>@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 333 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 82064688491484660762623458861060003756733118919887472412397294856252429637354 public y coord: 82038118428367917100542388743470159664289720419503891669309318962467989606454 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 4 *** ServerHelloDone *** ECDHClientKeyExchange ECDH Public value: { 4, 251, 124, 95, 157, 51, 228, 92, 161, 240, 84, 45, 42, 2, 134, 51, 60, 81, 178, 135, 215, 35, 131, 210, 194, 0, 86, 135, 19, 78, 135, 109, 54, 222, 67, 167, 69, 46, 250, 21, 246, 154, 117, 117, 138, 17, 209, 80, 80, 225, 233, 151, 201, 205, 55, 177, 90, 119, 205, 227, 149, 196, 53, 246, 10 } main, WRITE: TLSv1.2 Handshake, length = 70 SESSION KEYGEN: PreMaster Secret: 0000: 14 25 50 0C E8 EB 6E 29 80 2E 3D 7E 2C 55 B6 94 .%P...n)..=.,U.. 0010: FD 8F 8A CE 51 42 90 B1 A5 91 C3 43 63 8C 89 40 ....QB.....Cc..@ CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 47 37 38 44 4B A0 45 F4 E2 55 B4 B7 20 C3 Z.G78DK.E..U.. . 0010: 38 48 B8 14 F9 C1 35 C7 93 3C EE E6 FA 46 1C 3D 8H....5..<...F.= Server Nonce: 0000: 23 BE E0 41 49 74 34 56 AB 24 09 A6 CA 3C 68 43 #..AIt4V.$...@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 357 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 71030614167685601852579305413245764426047331194112397605632125646709911689963 public y coord: 17590274359260020731741454831676726117935932081686738052735978193189448030790 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 1149 *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA256withRSA, SHA256withDSA, SHA256withECDSA, SHA224withRSA, SHA224withDSA, SHA224withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA Cert Authorities:

*** ServerHelloDone matching alias: tuser-sysp-scu0000a *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=TUSER-SYSP-SCU0000A, OU=Systemplattform eDokumente, O=Admin, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 25027028182467694683913544237864432927282293074107818818807877030342847025279370734421683740554850424603261221390884946917720650812037177195092324408255542817305102504561912559357382998882681995977594048854862774935856446333282718263266097364335331528566453171905299121492184294388240012767009265273349666578909993284706766338539099718470792098345416589669101833977550740610552957432532910777688674819680872156485206333249722165631496690963418223753492714815880450556778994104167461657295422152540978158216242899021588749185064992353328162973038301095198406145123154145338064733148394967347800016877457018421517446681 public exponent: 65537 Validity: [From: Fri Jan 20 10:59:40 CET 2017, To: Mon Jan 20 10:59:40 CET 2020] Issuer: CN=Swiss Government Regular CA 01, OU=Certification Authorities, OU=Services, O=Admin, C=CH SerialNumber: [ 4ea774a2 4ec4163f 3d3681d4 83eca550] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RegularCA01.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 4D 77 B5 E4 EF 6D 9C C3 9B A0 3A 87 E1 A6 EE 08 Mw...m....:..... 0010: A7 39 E7 8B .9.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RegularCA01.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Regular%20CA%2001,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.22.23] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 32 31 5F 31 2E 70 64 66 3_21_1.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 B0 1A 81 AD 54 68 65 20 70 75 72 70 6F 73 0.....The purpos 0010: 65 20 6F 66 20 74 68 69 73 20 63 65 72 74 69 66 e of this certif 0020: 69 63 61 74 65 20 69 73 20 73 6F 6C 65 6C 79 20 icate is solely 0030: 69 6E 74 65 6E 64 65 64 20 66 6F 72 20 73 79 73 intended for sys 0040: 74 65 6D 20 70 6C 61 74 66 6F 72 6D 20 65 44 6F tem platform eDo 0050: 6B 75 6D 65 6E 74 65 20 61 70 70 6C 69 63 61 74 kumente applicat 0060: 69 6F 6E 20 75 73 61 67 65 73 2E 20 54 68 65 20 ion usages. The 0070: 73 75 62 6A 65 63 74 20 69 73 20 61 20 74 65 63 subject is a tec 0080: 68 6E 69 63 61 6C 20 75 73 65 72 20 72 65 66 65 hnical user refe 0090: 72 65 6E 63 65 64 20 69 6E 20 74 68 65 20 64 61 renced in the da 00A0: 74 61 62 61 73 65 20 6F 66 20 49 53 43 2D 45 4A tabase of ISC-EJ 00B0: 50 44 2E PD. ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ emailProtection clientAuth 1.3.6.1.4.1.311.20.2.2 1.3.6.1.4.1.311.10.3.4 ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ RFC822Name: juerg.blaser@isc-ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: E1 88 99 91 11 01 56 40 8D F1 E6 AE 0D F5 96 6E ......V@.......n 0010: A7 87 4F 18 ..O. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 5E 6D 26 5C 80 B1 22 63 63 09 F2 1A 73 72 24 E9 ^m&\.."cc...sr$. 0010: 1A 0D 78 A9 6E 93 D0 32 32 75 70 00 51 58 60 0D ..x.n..22up.QX`. 0020: 62 3D AE F8 89 30 C6 4C 37 C1 E9 56 A9 B6 9C 97 b=...0.L7..V.... 0030: F4 46 2E 82 7E C2 F4 8E E4 08 0E B9 E3 89 62 40 .F............b@ 0040: EC D1 B3 B3 FB 14 0C 48 AD B3 02 B2 4D A4 D5 3A .......H....M..: 0050: 21 63 0B C9 E1 E1 E8 87 A0 49 22 2E 4D D1 89 CA !c.......I".M... 0060: 97 CA DD A2 94 DC D0 F8 EA 3C 11 84 E1 58 C2 4A .........<...X.J 0070: A0 6E 16 2E 0D 0E 32 CC 91 72 39 B1 79 E0 B4 3B .n....2..r9.y..; 0080: 6B 68 B5 18 D0 CE B1 CA 1A 45 43 D2 C0 90 BA 94 kh.......EC..... 0090: 85 24 36 0C D9 1A 60 05 E2 78 ED 53 BF 8B 42 FD .$6...`..x.S..B. 00A0: 0B 9F 88 3C 5F 5B 04 17 68 D9 70 04 DE 29 3A 8D ...<_[..h.p..):. 00B0: 4B E6 D5 4F 5C 16 C2 ED EC C3 EF 3E E4 D2 94 7B K..O\......>.... 00C0: 18 50 78 60 DF 67 6C 7C 18 76 8C 8C 9B E7 A7 5C .Px`.gl..v.....\ 00D0: AC 4D 31 A8 17 C6 48 CE 46 9A D0 23 F7 B6 3F 74 .M1...H.F..#..?t 00E0: 76 CC FE 86 32 E2 0C B6 DF 91 72 19 B6 C3 1E 90 v...2.....r..... 00F0: 44 33 74 62 83 86 82 9F 51 72 84 31 43 7D 5D 9F D3tb....Qr.1C.]. 0100: C4 9F 22 71 79 FE D9 B9 31 C7 EB F8 74 BB 98 64 .."qy...1...t..d 0110: 80 34 03 A4 D1 06 1F 3D 94 3B 62 BC 94 01 E0 57 .4.....=.;b....W 0120: 4C 69 EB 3E 2A 43 18 AF A5 82 8B 6C 07 59 21 41 Li.>*C.....l.Y!A 0130: F1 7D 1C 16 51 31 DC 39 EA 4C 0A 08 BA A3 BD A8 ....Q1.9.L...... 0140: 16 61 E4 10 D2 5C 58 D8 C1 1E 71 E6 22 F8 8F 84 .a...\X...q."... 0150: BB 2E E4 86 E8 5A C4 CA 43 66 7D F4 9E DF CB 74 .....Z..Cf.....t 0160: AD 6A 36 00 D8 58 D4 4F 00 20 AD 50 33 69 68 80 .j6..X.O. .P3ih. 0170: E3 9D 74 8A 67 0D EA 2C FA 86 52 85 B1 EC 72 39 ..t.g..,..R...r9 0180: C8 7B A9 03 FC BF DF 00 FD 57 E5 61 E3 75 49 83 .........W.a.uI. 0190: B7 29 A0 5D 15 72 C5 EA 0D EE EF 43 D5 A6 68 E9 .).].r.....C..h. 01A0: EC 37 22 DF A6 F4 75 5F 64 E7 F4 87 04 0C 79 FB .7"...u_d.....y. 01B0: FB F5 D7 89 36 DB 77 C8 F7 04 CE 2C 16 3D 89 E0 ....6.w....,.=.. 01C0: 71 57 7C 04 47 84 36 26 5C F6 60 20 BB 9B 95 9C qW..G.6&\.` .... 01D0: F0 AE AE 9F 65 BE F7 A8 00 52 2A 16 9E 78 D5 67 ....e....R*..x.g 01E0: 75 4B BB CF 1A DD 30 CC 78 2B BE E0 0B C5 12 8B uK....0.x+...... 01F0: F1 8C 12 AE A7 C0 FF 26 0E 49 33 2C 42 79 32 37 .......&.I3,By27 ] *** *** ECDHClientKeyExchange ECDH Public value: { 4, 218, 124, 33, 73, 162, 207, 28, 122, 56, 229, 204, 250, 85, 228, 193, 75, 46, 9, 35, 134, 12, 107, 37, 111, 245, 217, 21, 228, 209, 115, 97, 124, 111, 239, 51, 154, 211, 41, 57, 73, 122, 29, 189, 103, 74, 45, 33, 105, 48, 149, 122, 78, 215, 151, 188, 192, 153, 198, 70, 154, 187, 186, 227, 67 } main, WRITE: TLSv1.2 Handshake, length = 2051 SESSION KEYGEN: PreMaster Secret: 0000: 0B 84 20 11 CA D6 70 7D 18 01 EB F6 31 54 CB 2A .. ...p.....1T.* 0010: ED EA F0 09 69 CF D6 FC A4 CD 1C 5B AB 88 13 4C ....i......[...L CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 47 37 02 87 47 D2 05 75 E7 04 DE 43 F3 41 Z.G7..G..u...C.A 0010: 08 84 87 83 C9 5C 7B 21 85 09 C2 2A 2D C3 58 59 .....\.!...*-.XY Server Nonce: 0000: 61 EB 80 B6 51 9E 07 E5 6A 32 4E 4C DC 37 80 DD a...Q...j2NL.7.. 0010: 6F D4 E3 DD F6 C6 2C 8D B5 BC 32 5A 94 0F 28 89 o.....,...2Z..(. Master Secret: 0000: 9B 8D 22 3B 00 05 03 19 7E 88 B3 D1 A1 15 FB 6D ..";...........m 0010: EE 75 63 EB 40 75 A9 F1 6A DF C4 11 CF C0 15 CB .uc.@u..j....... 0020: 05 15 58 1B 84 2D 29 D2 61 86 9C 06 10 54 45 5F ..X..-).a....TE_ ... no MAC keys used for this cipher Client write key: 0000: A2 16 AF 74 89 E1 2B DD E9 F6 32 CD 94 CD 57 FE ...t..+...2...W. 0010: 7F 84 D2 4A D6 62 E4 F7 6C 97 A3 C4 71 4D AE 60 ...J.b..l...qM.` Server write key: 0000: 94 33 C7 8D E6 64 B0 05 3B DC 92 5E 92 5D 8C D4 .3...d..;..^.].. 0010: C1 EB 13 4C 80 73 DE 18 4E 81 0E 9A B8 12 23 F8 ...L.s..N.....#. Client write IV: 0000: 10 E4 19 B9 .... Server write IV: 0000: 22 31 B9 72 "1.r *** CertificateVerify Signature Algorithm SHA512withRSA main, WRITE: TLSv1.2 Handshake, length = 288 main, WRITE: TLSv1.2 Change Cipher Spec, length = 25 *** Finished verify_data: { 139, 228, 81, 35, 93, 250, 18, 38, 65, 3, 67, 171 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, READ: TLSv1.2 Change Cipher Spec, length = 25 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 174, 20, 121, 65, 134, 7, 31, 89, 4, 253, 45, 243 } *** %% Cached client session: [Session-4, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, READ: TLSv1.2 Application Data, length = 676 >>> Response Code: 200 main, READ: TLSv1.2 Application Data, length = 6683 Keep-Alive-Timer, called close() Keep-Alive-Timer, called closeInternal(true) Keep-Alive-Timer, SEND TLSv1.2 ALERT: warning, description = close_notify Keep-Alive-Timer, WRITE: TLSv1.2 Alert, length = 26 Keep-Alive-Timer, called closeSocket(true) >>> Run 2 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false main, setSoTimeout(0) called main, the previous server name in SNI (type=host_name (0), value=portal-test.ejpd.admin.ch) was replaced with (type=host_name (0), value=portal-test.ejpd.admin.ch) Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% Client cached [Session-4, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069442 bytes = { 30, 200, 5, 114, 6, 43, 25, 142, 22, 206, 243, 96, 65, 208, 99, 131, 50, 75, 80, 253, 128, 180, 191, 180, 245, 83, 254, 254 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] *** main, WRITE: TLSv1.2 Handshake, length = 247 main, READ: TLSv1.2 Handshake, length = 93 *** ServerHello, TLSv1.2 RandomCookie: GMT: -1964463793 bytes = { 219, 164, 71, 0, 158, 189, 157, 210, 247, 20, 63, 62, 58, 112, 255, 137, 23, 238, 113, 120, 246, 6, 17, 92, 244, 11, 100, 89 } Session ID: {236, 240, 20, 95, 163, 201, 129, 90, 97, 64, 197, 59, 54, 240, 163, 137, 165, 79, 177, 19, 49, 17, 132, 139, 176, 148, 190, 209, 12, 66, 220, 241} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension server_name, server_name: Extension renegotiation_info, renegotiated_connection: Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] *** %% Initialized: [Session-5, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 main, READ: TLSv1.2 Handshake, length = 2020 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=portal-test.ejpd.admin.ch, OU=Servers, O=Bundesamt fuer Informatik und Telekommunikation, L=Bern, ST=BE, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24109167904437433945253508844342763413441845728208183254647005819933868198780296728577640607958357822408250558015383202085282842403482866361947874340498940788692215286838967482023754570995759820949362508793327877831065057670470861041451731272193094175058185897869086760581452374585244852633837402338192501727415524341078979419280212850657629638907508258572452503360478646158645100860112882483193416936550820627048860062106314761897031068761917793776773387785924043891026693008945863920194239795211639452716392625588820439122532450621258878585060338342149673355731074965264742710524889861054322551199697492763878869543 public exponent: 65537 Validity: [From: Mon Dec 04 15:45:32 CET 2017, To: Wed Dec 04 15:45:32 CET 2019] Issuer: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH SerialNumber: [ 63255dbd 2700e2fc f19dec0a 7578d0f0] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/PTSTCA02BC.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/bcocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/PTSTCA02.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Public%20Trust%20Standard%20CA%2002,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.62.14] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 0C 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: portal-test.ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B0 40 07 04 E3 74 03 59 AA 66 52 78 D3 8F CE 73 .@...t.Y.fRx...s 0010: 21 8E 02 79 !..y ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 0A 2D 6F 0F 55 C2 C4 3A 59 40 A2 81 B4 7C 44 A9 .-o.U..:Y@....D. 0010: F6 62 76 2F A1 0D 8D 4B 28 DC 58 D6 99 AD A1 38 .bv/...K(.X....8 0020: 91 A6 33 8F 9B C6 D2 8D 98 A7 4B 58 46 33 DA 2F ..3.......KXF3./ 0030: 34 BC 32 C8 A0 DF 28 EE C3 08 B6 78 07 5D B3 27 4.2...(....x.].' 0040: 48 F7 C9 C4 96 29 5A 10 E7 BB 80 D0 D5 7C CB 13 H....)Z......... 0050: 1E 54 CC 24 1B E1 F0 A6 FF 02 80 FD D4 88 21 D9 .T.$..........!. 0060: 36 E1 4C 18 EB 65 6A 25 23 1F 83 A7 55 61 82 C9 6.L..ej%#...Ua.. 0070: 1F E8 48 50 27 91 46 21 A3 58 F0 D4 FB 25 17 59 ..HP'.F!.X...%.Y 0080: 40 95 C0 CC 83 51 F7 DF 5F 7F D2 00 D6 F7 51 FB @....Q.._.....Q. 0090: 38 C4 8A D3 64 A5 0E AB F2 A1 29 A5 99 BB A8 C0 8...d.....)..... 00A0: 2D 14 ED E5 74 34 5C 8F 7B 70 F2 19 2E 17 76 62 -...t4\..p....vb 00B0: 29 71 91 46 6E AD FE 4F 13 B7 F3 C0 D4 0A 48 7A )q.Fn..O......Hz 00C0: 3D 6E A5 0E 00 DB CD 0F 66 C4 19 99 92 3A DA 62 =n......f....:.b 00D0: 42 79 17 1C 95 C2 AC 2E C0 05 38 75 45 7A AE 50 By........8uEz.P 00E0: 8E CF D3 55 B5 95 FD 07 B4 23 C2 67 C1 15 9C C2 ...U.....#.g.... 00F0: 43 B9 21 6D 1A C8 F1 E2 2E 3E 40 AC A3 E1 4E 42 C.!m.....>@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 333 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 36207083037211282415758869583390816410416530905644631267379210791825799069120 public y coord: 26198776874479939299403248169182971943397874652512572121014703683463695232363 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 4 *** ServerHelloDone *** ECDHClientKeyExchange ECDH Public value: { 4, 69, 16, 78, 48, 217, 235, 226, 78, 144, 150, 152, 101, 27, 234, 152, 139, 25, 250, 223, 170, 210, 176, 160, 45, 101, 167, 89, 135, 227, 57, 74, 204, 15, 171, 234, 246, 197, 178, 112, 129, 220, 22, 119, 241, 170, 145, 241, 27, 173, 223, 193, 240, 84, 247, 16, 3, 150, 78, 88, 243, 71, 3, 77, 175 } main, WRITE: TLSv1.2 Handshake, length = 70 SESSION KEYGEN: PreMaster Secret: 0000: 83 A7 E7 C3 AD C8 0B 7D 2C C7 DD C4 15 1B A3 63 ........,......c 0010: 85 3D 24 BC 89 19 00 86 5B E0 44 4A C8 5B 8D F2 .=$.....[.DJ.[.. CONNECTION KEYGEN: Client Nonce: 0000: 5A A6 47 42 1E C8 05 72 06 2B 19 8E 16 CE F3 60 Z.GB...r.+.....` 0010: 41 D0 63 83 32 4B 50 FD 80 B4 BF B4 F5 53 FE FE A.c.2KP......S.. Server Nonce: 0000: 8B E9 A9 4F DB A4 47 00 9E BD 9D D2 F7 14 3F 3E ...O..G.......?> 0010: 3A 70 FF 89 17 EE 71 78 F6 06 11 5C F4 0B 64 59 :p....qx...\..dY Master Secret: 0000: 42 73 4B 6E DF 14 D0 D8 58 0C 39 1F 66 67 9D F7 BsKn....X.9.fg.. 0010: 33 28 96 66 69 E9 4A 0B B2 12 35 56 2D 73 5C C7 3(.fi.J...5V-s\. 0020: 60 7C DE 27 66 9B 22 56 17 68 F8 55 A8 A5 30 40 `..'f."V.h.U..0@ ... no MAC keys used for this cipher Client write key: 0000: A0 F6 04 49 65 F4 8A AA 57 47 69 6C 2B 38 0A FC ...Ie...WGil+8.. 0010: AC 00 88 1D C5 6C 89 39 BB 64 24 4A 87 48 70 84 .....l.9.d$J.Hp. Server write key: 0000: 5B 67 95 4D 87 BD FD 6B E0 B9 D1 79 85 29 3E E8 [g.M...k...y.)>. 0010: 03 BA D8 8A D8 F7 47 BC 5F 32 06 54 19 40 E0 67 ......G._2.T.@.g Client write IV: 0000: A8 92 46 28 ..F( Server write IV: 0000: 4F 62 6D CE Obm. main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 49, 187, 165, 84, 172, 106, 70, 237, 130, 69, 48, 190 } *** main, WRITE: TLSv1.2 Handshake, length = 40 main, READ: TLSv1.2 Change Cipher Spec, length = 1 main, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 57, 201, 156, 83, 68, 16, 62, 96, 244, 14, 172, 82 } *** %% Cached client session: [Session-5, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] main, WRITE: TLSv1.2 Application Data, length = 209 main, READ: TLSv1.2 Handshake, length = 28 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: false Is secure renegotiation: true Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 *** HelloRequest (empty) %% Client cached [Session-5, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] *** ClientHello, TLSv1.2 RandomCookie: GMT: 1504069442 bytes = { 251, 158, 125, 226, 145, 28, 221, 67, 96, 50, 7, 115, 3, 158, 122, 22, 63, 68, 72, 61, 47, 78, 233, 249, 13, 208, 128, 87 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=portal-test.ejpd.admin.ch] Extension renegotiation_info, renegotiated_connection: 31:bb:a5:54:ac:6a:46:ed:82:45:30:be *** main, WRITE: TLSv1.2 Handshake, length = 286 main, READ: TLSv1.2 Handshake, length = 141 *** ServerHello, TLSv1.2 RandomCookie: GMT: -564805755 bytes = { 58, 176, 128, 60, 184, 109, 247, 51, 248, 42, 147, 101, 3, 81, 154, 61, 93, 248, 19, 129, 222, 0, 208, 236, 161, 61, 3, 1 } Session ID: {119, 197, 166, 223, 138, 58, 159, 128, 104, 82, 101, 92, 79, 152, 50, 138, 175, 219, 32, 162, 39, 78, 174, 93, 113, 239, 214, 119, 41, 222, 78, 91} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension server_name, server_name: Extension renegotiation_info, renegotiated_connection: 31:bb:a5:54:ac:6a:46:ed:82:45:30:be:39:c9:9c:53:44:10:3e:60:f4:0e:ac:52 Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] *** %% Initialized: [Session-6, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 main, READ: TLSv1.2 Handshake, length = 2044 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=portal-test.ejpd.admin.ch, OU=Servers, O=Bundesamt fuer Informatik und Telekommunikation, L=Bern, ST=BE, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 24109167904437433945253508844342763413441845728208183254647005819933868198780296728577640607958357822408250558015383202085282842403482866361947874340498940788692215286838967482023754570995759820949362508793327877831065057670470861041451731272193094175058185897869086760581452374585244852633837402338192501727415524341078979419280212850657629638907508258572452503360478646158645100860112882483193416936550820627048860062106314761897031068761917793776773387785924043891026693008945863920194239795211639452716392625588820439122532450621258878585060338342149673355731074965264742710524889861054322551199697492763878869543 public exponent: 65537 Validity: [From: Mon Dec 04 15:45:32 CET 2017, To: Wed Dec 04 15:45:32 CET 2019] Issuer: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH SerialNumber: [ 63255dbd 2700e2fc f19dec0a 7578d0f0] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/PTSTCA02BC.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/bcocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/PTSTCA02.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Public%20Trust%20Standard%20CA%2002,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.62.14] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 0C 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: portal-test.ejpd.admin.ch ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: B0 40 07 04 E3 74 03 59 AA 66 52 78 D3 8F CE 73 .@...t.Y.fRx...s 0010: 21 8E 02 79 !..y ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 0A 2D 6F 0F 55 C2 C4 3A 59 40 A2 81 B4 7C 44 A9 .-o.U..:Y@....D. 0010: F6 62 76 2F A1 0D 8D 4B 28 DC 58 D6 99 AD A1 38 .bv/...K(.X....8 0020: 91 A6 33 8F 9B C6 D2 8D 98 A7 4B 58 46 33 DA 2F ..3.......KXF3./ 0030: 34 BC 32 C8 A0 DF 28 EE C3 08 B6 78 07 5D B3 27 4.2...(....x.].' 0040: 48 F7 C9 C4 96 29 5A 10 E7 BB 80 D0 D5 7C CB 13 H....)Z......... 0050: 1E 54 CC 24 1B E1 F0 A6 FF 02 80 FD D4 88 21 D9 .T.$..........!. 0060: 36 E1 4C 18 EB 65 6A 25 23 1F 83 A7 55 61 82 C9 6.L..ej%#...Ua.. 0070: 1F E8 48 50 27 91 46 21 A3 58 F0 D4 FB 25 17 59 ..HP'.F!.X...%.Y 0080: 40 95 C0 CC 83 51 F7 DF 5F 7F D2 00 D6 F7 51 FB @....Q.._.....Q. 0090: 38 C4 8A D3 64 A5 0E AB F2 A1 29 A5 99 BB A8 C0 8...d.....)..... 00A0: 2D 14 ED E5 74 34 5C 8F 7B 70 F2 19 2E 17 76 62 -...t4\..p....vb 00B0: 29 71 91 46 6E AD FE 4F 13 B7 F3 C0 D4 0A 48 7A )q.Fn..O......Hz 00C0: 3D 6E A5 0E 00 DB CD 0F 66 C4 19 99 92 3A DA 62 =n......f....:.b 00D0: 42 79 17 1C 95 C2 AC 2E C0 05 38 75 45 7A AE 50 By........8uEz.P 00E0: 8E CF D3 55 B5 95 FD 07 B4 23 C2 67 C1 15 9C C2 ...U.....#.g.... 00F0: 43 B9 21 6D 1A C8 F1 E2 2E 3E 40 AC A3 E1 4E 42 C.!m.....>@...NB 0100: 31 CB CA 85 4A 9B F5 21 95 20 29 72 04 6E AE 1A 1...J..!. )r.n.. 0110: E9 04 D2 9E 16 9A 54 A0 E5 6F AA 67 6B 1E 89 7C ......T..o.gk... 0120: D9 0F 5B 82 56 17 06 78 0E 2B 8C 66 6F A2 74 13 ..[.V..x.+.fo.t. 0130: D2 14 37 D1 D1 DA 57 8C 3B 48 67 19 3D A2 AF 76 ..7...W.;Hg.=..v 0140: BD AB 62 FB A3 1B 1E 35 18 EC 72 03 80 9A 11 13 ..b....5..r..... 0150: 3C 2A D9 5F 0D 47 60 32 BA F1 96 45 3A E3 E2 D5 <*._.G`2...E:... 0160: CD 38 AC 81 21 8F 06 B6 BB C4 37 36 DF A0 11 BA .8..!.....76.... 0170: 4D D8 61 B3 4F AF E4 04 F6 5E B1 99 53 28 3D B7 M.a.O....^..S(=. 0180: 40 A1 EA 6B 54 F0 76 58 18 C7 0B 8B BF 52 0A D0 @..kT.vX.....R.. 0190: 9F 25 B3 0D 5B 33 C8 9D 20 9F DA 02 EA CF 12 82 .%..[3.. ....... 01A0: 82 18 6A D9 2B 51 AA BC 2E 5E 22 AB 7F 76 F7 D7 ..j.+Q...^"..v.. 01B0: 52 EF 06 03 47 D7 0B 43 4E 83 88 A7 33 54 71 9C R...G..CN...3Tq. 01C0: 5E 2F 3D E3 09 BF 54 66 94 37 22 3B 28 AA 75 F4 ^/=...Tf.7";(.u. 01D0: B6 4C F3 9F ED 4E 58 83 75 74 34 13 C9 B3 A0 08 .L...NX.ut4..... 01E0: 76 0E 18 72 DA FB C5 38 2E A5 20 B8 79 AD E0 26 v..r...8.. .y..& 01F0: 51 21 08 5B 32 1F E9 90 FB 3B 51 15 54 D5 22 8A Q!.[2....;Q.T.". ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=Swiss Government Public Trust Standard CA 02, OU=Certification Authorities, OU=Services, O=Swiss Government PKI, C=CH Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 685030365976306227664770318750740055344262204363356489255200488126509027249780393480152864502079712591299086481583066718124997413065144941016976402995248841742873018338953833528091501640845003736986907323199933259442382032249941471222721298593830087627421951904142281784859991606199159436034251871128659464076704777826812850206320977942118734271613656876323197005486810160880335083703267372132894769474408886144461152404934157789579323380315204238874948052404550618414408891460786661785789722427748773630869667116014075529961288790262968939130590039393639686046124007735970521753063559612996046877550099638496160209002222125707394509436944658283310622941479773678664893840600319520931184326211910170022464891782188982820354161664578519645213143561901957585895416676721122741278086311046678867348741779914605643877086173379061840301443047017125731495367225812341965936171706393997817947465533551378079508519071245733796893538104510192433803881855625212534567419601711885984431423964482738786349536277691205661351201444074718234290357888994049445157777862216444875206522897011987932465352506151147605745946036172958308441499991951459951730459222349606464989902606719302708618175148080051476456284218863757216853990487613420598444880511 public exponent: 65537 Validity: [From: Wed May 11 10:36:42 CEST 2016, To: Sun May 11 10:36:42 CEST 2031] Issuer: CN=Swiss Government Root CA III, OU=www.pki.admin.ch, O=Swiss Government PKI, C=CH SerialNumber: [ 51fc8949 2b4968c0 9ec32160 76b65663] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://www.pki.admin.ch/aia/RootCAIII.crt , accessMethod: ocsp accessLocation: URIName: http://www.pki.admin.ch/aia/ocsp ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 07 EB 8E AA 71 CB 27 A5 BB C7 31 60 BE ED 1F CF ....q.'...1`.... 0010: A0 33 C4 E6 .3.. ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://www.pki.admin.ch/crl/RootCAIII.crl] , DistributionPoint: [URIName: ldap://admindir.admin.ch:389/cn=Swiss%20Government%20Root%20CA%20III,ou=Certification%20Authorities,ou=Services,o=Admin,c=CH] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.16.756.1.17.3.61.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 38 68 74 74 70 3A 2F 2F 77 77 77 2E 70 6B 69 .8http://www.pki 0010: 2E 61 64 6D 69 6E 2E 63 68 2F 63 70 73 2F 43 50 .admin.ch/cps/CP 0020: 53 5F 32 5F 31 36 5F 37 35 36 5F 31 5F 31 37 5F S_2_16_756_1_17_ 0030: 33 5F 36 31 5F 30 2E 70 64 66 3_61_0.pdf ], PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.2 qualifier: 0000: 30 81 A4 1A 81 A1 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o 0010: 6E 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 n the SG Root CA 0020: 20 49 49 49 20 43 65 72 74 69 66 69 63 61 74 65 III Certificate 0030: 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 61 73 by any party as 0040: 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E 63 65 sumes acceptance 0050: 20 6F 66 20 74 68 65 20 74 68 65 6E 20 61 70 70 of the then app 0060: 6C 69 63 61 62 6C 65 20 73 74 61 6E 64 61 72 64 licable standard 0070: 20 74 65 72 6D 73 20 61 6E 64 20 63 6F 6E 64 69 terms and condi 0080: 74 69 6F 6E 73 20 6F 66 20 75 73 65 20 61 6E 64 tions of use and 0090: 20 74 68 65 20 53 47 20 52 6F 6F 74 20 43 41 20 the SG Root CA 00A0: 49 49 49 20 43 50 53 III CPS ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 84 58 4E 87 2D A5 B0 4E 49 85 BB BC 01 71 E6 B4 .XN.-..NI....q.. 0010: C7 55 FF 10 .U.. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 75 22 F0 9D 51 C2 83 18 E7 FF 92 50 2F 0E A6 2E u"..Q......P/... 0010: C4 21 A5 F4 26 36 DC FB 1E DB CC 65 2A 7B D8 25 .!..&6.....e*..% 0020: 52 AF 04 79 77 34 80 4B BA CB 93 81 14 BF 7B 4F R..yw4.K.......O 0030: 71 14 EE E9 A8 13 36 74 83 1F EA D7 4A 56 1F F5 q.....6t....JV.. 0040: BE 0D 4F D2 04 A6 EE BF 16 F1 89 2A 67 A4 FA B4 ..O........*g... 0050: 2B 7C 1F 66 4D 26 C0 A0 D0 84 82 C2 62 3F 05 D0 +..fM&......b?.. 0060: 55 67 DB 18 9F 1F 7D DD 91 42 96 7A 83 94 8F 1F Ug.......B.z.... 0070: E0 49 2F AD 15 5A 18 89 45 30 17 6A D2 A4 35 F5 .I/..Z..E0.j..5. 0080: C2 DE 9A 3A B3 1A 89 A0 38 46 FA CD D7 6C F5 8A ...:....8F...l.. 0090: 60 40 64 E5 93 AD 01 24 6C AF 96 1D DC BD 37 29 `@d....$l.....7) 00A0: 1B F0 66 E0 52 17 26 F5 AC 4A FB B0 1C CB 4B 7C ..f.R.&..J....K. 00B0: C8 C7 03 0D 87 72 FF 6B 72 58 32 E7 E7 25 15 C3 .....r.krX2..%.. 00C0: 57 39 8E A2 1D 8F 97 6F 46 99 67 67 C3 36 38 9A W9.....oF.gg.68. 00D0: 5C E1 ED 9F FC 3E 99 23 AF 98 AB 4F C2 C8 C7 8D \....>.#...O.... 00E0: 96 C4 CE F5 2E 65 C3 61 8F B3 0E 64 38 D9 C2 6F .....e.a...d8..o 00F0: E7 14 40 E0 3E 3E CA 46 9F F5 E6 55 04 A6 5C FF ..@.>>.F...U..\. 0100: 02 B8 DA 39 09 00 75 36 50 86 E6 A9 D2 A3 E1 A1 ...9..u6P....... 0110: 2A 33 50 3C 13 D4 C7 0E E5 6F D2 A1 C4 A8 41 8E *3P<.....o....A. 0120: A8 67 E3 64 3E 8A 39 99 5D D7 D3 26 70 C5 8D 2F .g.d>.9.]..&p../ 0130: 9F AE 16 4D 80 AA 30 EF 57 7F 1D CF 9F 84 D8 1A ...M..0.W....... 0140: F3 A2 24 16 69 3B 8F DE A0 8D 48 26 A0 61 C4 B7 ..$.i;....H&.a.. 0150: E7 93 74 D3 80 12 0A 3F 9D 79 C0 74 EB 3C 27 6F ..t....?.y.t.<'o 0160: E5 3B 47 53 14 84 D4 A2 BE 85 02 97 59 53 B5 EA .;GS........YS.. 0170: 06 00 62 1B 90 C8 AC A8 99 A4 E0 C7 CF EA A8 F6 ..b............. 0180: EB 3E 85 AC B7 89 EF BA A5 64 1A F3 1A 0E 12 EA .>.......d...... 0190: F9 9A 48 5C AC 51 DB 23 98 FA AC 6B 60 08 D0 A5 ..H\.Q.#...k`... 01A0: EE 20 A1 30 CB 57 B9 A8 C9 7E BC 4D 0D 74 14 11 . .0.W.....M.t.. 01B0: 8B 9D 1B B0 05 C8 FF 7B 81 86 F2 1E 3D 8F F6 EA ............=... 01C0: 2A EF 0E BF 8B 68 5C 7A 0E 75 7B 26 0F 69 D1 29 *....h\z.u.&.i.) 01D0: C2 97 7F E2 88 0C C9 02 AD D9 26 11 EE BB 66 90 ..........&...f. 01E0: C2 49 19 4A F2 30 52 9C 6B 72 A7 7F BF CE 90 8D .I.J.0R.kr...... 01F0: B4 C3 F4 2D 3A 07 35 DB 35 57 1E 8C 96 2A 27 FF ...-:.5.5W...*'. ] main, READ: TLSv1.2 Handshake, length = 357 *** ECDH ServerKeyExchange Signature Algorithm SHA512withRSA Server key: Sun EC public key, 256 bits public x coord: 45446754979265883978336986373749097768079000910129249266957252650887284750355 public y coord: 40702895262243234540897648032982251290779759322417852398151778660378209402651 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) main, READ: TLSv1.2 Handshake, length = 1149 *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA256withRSA, SHA256withDSA, SHA256withECDSA, SHA224withRSA, SHA224withDSA, SHA224withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA Cert Authorities: