javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:57.801 CEST|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472 javax.net.ssl|WARNING|01|main|2020-05-12 06:11:58.005 CEST|ServerNameExtension.java:261|Unable to indicate server name javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.006 CEST|SSLExtensions.java:256|Ignore, context unavailable extension: server_name javax.net.ssl|WARNING|01|main|2020-05-12 06:11:58.010 CEST|SignatureScheme.java:295|Signature algorithm, ed25519, is not supported by the underlying providers javax.net.ssl|WARNING|01|main|2020-05-12 06:11:58.010 CEST|SignatureScheme.java:295|Signature algorithm, ed448, is not supported by the underlying providers javax.net.ssl|INFO|01|main|2020-05-12 06:11:58.014 CEST|AlpnExtension.java:161|No available application protocols javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.015 CEST|SSLExtensions.java:256|Ignore, context unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.015 CEST|SSLExtensions.java:256|Ignore, context unavailable extension: cookie javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.033 CEST|SSLExtensions.java:256|Ignore, context unavailable extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.033 CEST|PreSharedKeyExtension.java:634|No session to resume. javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.034 CEST|SSLExtensions.java:256|Ignore, context unavailable extension: pre_shared_key javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.038 CEST|ClientHello.java:651|Produced ClientHello handshake message ( "ClientHello": { "client version" : "TLSv1.2", "random" : "EA C9 EC 70 52 A2 C1 A5 E3 B5 7A 26 9A 86 67 9C 00 8E BC 35 A8 9D 3B C8 4A 58 2B 02 C3 C3 C2 48", "session id" : "42 84 B4 FF 1C 9E D4 82 77 56 55 6D 7D 6E 1E 23 24 4E 45 DD 28 FC 42 FE FE 49 C2 95 49 95 C8 FD", "cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]", "compression methods" : "00", "extensions" : [ "status_request (5)": { "certificate status type": ocsp "OCSP status request": { "responder_id": "request extensions": { } } }, "supported_groups (10)": { "versions": [secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192] }, "ec_point_formats (11)": { "formats": [uncompressed] }, "signature_algorithms (13)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "signature_algorithms_cert (50)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "status_request_v2 (17)": { "cert status request": { "certificate status type": ocsp_multi "OCSP status request": { "responder_id": "request extensions": { } } } }, "extended_master_secret (23)": { }, "supported_versions (43)": { "versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1] }, "psk_key_exchange_modes (45)": { "ke_modes": [psk_dhe_ke] }, "key_share (51)": { "client_shares": [ { "named group": secp256r1 "key_exchange": { 0000: 04 8E 2D 51 17 70 0D D3 2A C6 1D 32 C8 18 BF AA ..-Q.p..*..2.... 0010: 0C 3D CC 32 00 54 92 C7 78 12 F2 67 32 C4 54 E6 .=.2.T..x..g2.T. 0020: 71 F5 87 0A 15 26 52 B6 63 CE 5D 0F C9 BF FC F6 q....&R.c.]..... 0030: 7E A4 83 30 B0 DA 86 19 F6 B4 2B 7B D8 F3 61 CE ...0......+...a. 0040: 11 } }, ] } ] } ) javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.054 CEST|ServerHello.java:884|Consuming ServerHello handshake message ( "ServerHello": { "server version" : "TLSv1.2", "random" : "5D 8B E8 18 C2 50 00 01 A6 F9 69 BC 4F 08 9B BA A1 21 AF 2B 2A 0C C9 69 25 5C AC 58 05 23 C6 BE", "session id" : "42 84 B4 FF 1C 9E D4 82 77 56 55 6D 7D 6E 1E 23 24 4E 45 DD 28 FC 42 FE FE 49 C2 95 49 95 C8 FD", "cipher suite" : "TLS_AES_128_GCM_SHA256(0x1301)", "compression methods" : "00", "extensions" : [ "supported_versions (43)": { "selected version": [TLSv1.3] }, "key_share (51)": { "server_share": { "named group": secp256r1 "key_exchange": { 0000: 04 2E 3A 89 1A B6 33 27 61 6F 3C 88 31 CD 08 65 ..:...3'ao<.1..e 0010: EC 0E 3C 40 F3 17 25 98 B9 4B 24 2D 6F FA 6C 6B ..<@..%..K$-o.lk 0020: C6 F3 8D 34 F0 BC 9A 76 AA C9 5F 88 0F D1 23 B7 ...4...v.._...#. 0030: D7 A1 FB 18 A1 56 BB 26 06 8C 13 04 64 02 23 C8 .....V.&....d.#. 0040: FC } }, } ] } ) javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.060 CEST|SSLExtensions.java:188|Consumed extension: supported_versions javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.060 CEST|ServerHello.java:980|Negotiated protocol version: TLSv1.3 javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.061 CEST|SSLExtensions.java:159|Ignore unsupported extension: server_name javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.063 CEST|SSLExtensions.java:159|Ignore unsupported extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.063 CEST|SSLExtensions.java:159|Ignore unsupported extension: status_request javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.063 CEST|SSLExtensions.java:159|Ignore unsupported extension: ec_point_formats javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.064 CEST|SSLExtensions.java:159|Ignore unsupported extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.064 CEST|SSLExtensions.java:159|Ignore unsupported extension: status_request_v2 javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.064 CEST|SSLExtensions.java:159|Ignore unsupported extension: extended_master_secret javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.064 CEST|SSLExtensions.java:188|Consumed extension: supported_versions javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.065 CEST|SSLExtensions.java:188|Consumed extension: key_share javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.066 CEST|SSLExtensions.java:159|Ignore unsupported extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.066 CEST|PreSharedKeyExtension.java:867|Handling pre_shared_key absence. javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.066 CEST|SSLExtensions.java:203|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.067 CEST|SSLExtensions.java:203|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.067 CEST|SSLExtensions.java:203|Ignore unavailable extension: status_request javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.067 CEST|SSLExtensions.java:203|Ignore unavailable extension: ec_point_formats javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.067 CEST|SSLExtensions.java:203|Ignore unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.068 CEST|SSLExtensions.java:203|Ignore unavailable extension: status_request_v2 javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.068 CEST|SSLExtensions.java:203|Ignore unavailable extension: extended_master_secret javax.net.ssl|WARNING|01|main|2020-05-12 06:11:58.069 CEST|SSLExtensions.java:211|Ignore impact of unsupported extension: supported_versions javax.net.ssl|WARNING|01|main|2020-05-12 06:11:58.069 CEST|SSLExtensions.java:211|Ignore impact of unsupported extension: key_share javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.070 CEST|SSLExtensions.java:203|Ignore unavailable extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.070 CEST|SSLExtensions.java:203|Ignore unavailable extension: pre_shared_key javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.082 CEST|SSLCipher.java:1824|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.083 CEST|SSLCipher.java:1978|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.085 CEST|ChangeCipherSpec.java:250|Consuming ChangeCipherSpec message javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.095 CEST|EncryptedExtensions.java:171|Consuming EncryptedExtensions handshake message ( "EncryptedExtensions": [ ] ) javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.096 CEST|SSLExtensions.java:169|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.096 CEST|SSLExtensions.java:169|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.096 CEST|SSLExtensions.java:169|Ignore unavailable extension: supported_groups javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.097 CEST|SSLExtensions.java:203|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.097 CEST|SSLExtensions.java:203|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.097 CEST|SSLExtensions.java:203|Ignore unavailable extension: supported_groups javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.098 CEST|SSLExtensions.java:203|Ignore unavailable extension: application_layer_protocol_negotiation javax.net.ssl|ERROR|01|main|2020-05-12 06:11:58.100 CEST|TransportContext.java:319|Fatal (UNSUPPORTED_EXTENSION): extension (5) should not be presented in certificate_request ( "throwable" : { javax.net.ssl.SSLHandshakeException: extension (5) should not be presented in certificate_request at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:270) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:261) at java.base/sun.security.ssl.SSLExtensions.(SSLExtensions.java:89) at java.base/sun.security.ssl.CertificateRequest$T13CertificateRequestMessage.(CertificateRequest.java:818) at java.base/sun.security.ssl.CertificateRequest$T13CertificateRequestConsumer.consume(CertificateRequest.java:922) at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:451) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:428) at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:184) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164) at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151) at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402) at SSLSocketClient.main(SSLSocketClient.java:26)} ) javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.107 CEST|SSLSocketImpl.java:1360|close the underlying socket javax.net.ssl|DEBUG|01|main|2020-05-12 06:11:58.107 CEST|SSLSocketImpl.java:1379|close the SSL connection (initiative) Exception in thread "main" javax.net.ssl.SSLHandshakeException: extension (5) should not be presented in certificate_request at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:270) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:261) at java.base/sun.security.ssl.SSLExtensions.(SSLExtensions.java:89) at java.base/sun.security.ssl.CertificateRequest$T13CertificateRequestMessage.(CertificateRequest.java:818) at java.base/sun.security.ssl.CertificateRequest$T13CertificateRequestConsumer.consume(CertificateRequest.java:922) at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:451) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:428) at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:184) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164) at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1151) at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1062) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402) at SSLSocketClient.main(SSLSocketClient.java:26)