jshell> java.net.http.HttpClient.newBuilder().sslContext(sslContext).build().send(java.net.http.HttpRequest .newBuilder(new java.net.URI("https://www.google.com")).GET().build(), java.net.http.HttpResponse.BodyHandl ers.ofString()).body() javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.943 CST|HandshakeContext.java:297|Ignore unsupported cipher suite: TLS_AES_256_GCM_SHA384 for TLS12 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.944 CST|HandshakeContext.java:297|Ignore unsupported cipher suite: TLS_AES_128_GCM_SHA256 for TLS12 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.944 CST|HandshakeContext.java:297|Ignore unsupported cipher suite: TLS_CHACHA20_POLY1305_SHA256 for TLS12 javax.net.ssl|ALL|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.947 CST|SignatureScheme.java:359|Ignore disabled signature scheme: rsa_md5 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.947 CST|SessionTicketExtension.java:396|Stateless resumption not supported javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.947 CST|SSLExtensions.java:257|Ignore, context unavailable extension: session_ticket javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.947 CST|SSLExtensions.java:257|Ignore, context unavailable extension: cookie javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.949 CST|SSLExtensions.java:257|Ignore, context unavailable extension: renegotiation_info javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.949 CST|PreSharedKeyExtension.java:666|No session to resume. javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.949 CST|SSLExtensions.java:257|Ignore, context unavailable extension: pre_shared_key javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.951 CST|ClientHello.java:652|Produced ClientHello handshake message ( "ClientHello": { "client version" : "TLSv1.2", "random" : "D3 0C F8 FD FA BA E1 25 07 A7 C0 7F F3 80 26 BA 37 A8 C8 65 2F 48 A4 EE 3B E8 33 F9 12 07 05 EB", "session id" : "4E E6 09 FA D6 18 02 E9 5A 83 89 93 F9 F3 21 B3 07 03 5C 03 02 35 B6 46 50 14 A6 C2 43 F1 9E 8C", "cipher suites" : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA9), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA8), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]", "compression methods" : "00", "extensions" : [ "server_name (0)": { type=host_name (0), value=www.google.com }, "status_request (5)": { "certificate status type": ocsp "OCSP status request": { "responder_id": "request extensions": { } } }, "supported_groups (10)": { "versions": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192] }, "ec_point_formats (11)": { "formats": [uncompressed] }, "signature_algorithms (13)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "signature_algorithms_cert (50)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "application_layer_protocol_negotiation (16)": { [h2, http/1.1] }, "status_request_v2 (17)": { "cert status request": { "certificate status type": ocsp_multi "OCSP status request": { "responder_id": "request extensions": { } } } }, "extended_master_secret (23)": { }, "supported_versions (43)": { "versions": [TLSv1.3, TLSv1.2] }, "psk_key_exchange_modes (45)": { "ke_modes": [psk_dhe_ke] }, "key_share (51)": { "client_shares": [ { "named group": x25519 "key_exchange": { 0000: 78 39 6A B3 FD A5 07 6D 69 38 2D 91 6B E0 FD EF x9j....mi8-.k... 0010: 41 7D F8 54 7F 87 9E A9 5D 3D 5A 47 F9 9E EA 38 A..T....]=ZG...8 } }, ] } ] } ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.969 CST|ServerHello.java:887|Consuming ServerHello handshake message ( "ServerHello": { "server version" : "TLSv1.2", "random" : "8D D9 A0 77 C2 EE FD 64 EF EC 16 E1 37 4D CE 17 68 F5 9F 3F 93 25 D4 9E 54 A8 DF 2A 60 4B D3 1E", "session id" : "4E E6 09 FA D6 18 02 E9 5A 83 89 93 F9 F3 21 B3 07 03 5C 03 02 35 B6 46 50 14 A6 C2 43 F1 9E 8C", "cipher suite" : "TLS_AES_256_GCM_SHA384(0x1302)", "compression methods" : "00", "extensions" : [ "key_share (51)": { "server_share": { "named group": x25519 "key_exchange": { 0000: 8D F7 9E EB 17 D2 69 40 C7 84 51 BE 18 9E 2D CC ......i@..Q...-. 0010: FD F3 DB C1 2C F8 81 48 EC EA DD F6 0F 55 92 26 ....,..H.....U.& } }, }, "supported_versions (43)": { "selected version": [TLSv1.3] } ] } ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.970 CST|SSLExtensions.java:189|Consumed extension: supported_versions javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.970 CST|ServerHello.java:983|Negotiated protocol version: TLSv1.3 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.970 CST|SSLExtensions.java:160|Ignore unsupported extension: server_name javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.970 CST|SSLExtensions.java:160|Ignore unsupported extension: max_fragment_length javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.971 CST|SSLExtensions.java:160|Ignore unsupported extension: status_request javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.971 CST|SSLExtensions.java:160|Ignore unsupported extension: ec_point_formats javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.971 CST|SSLExtensions.java:160|Ignore unsupported extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.971 CST|SSLExtensions.java:160|Ignore unsupported extension: status_request_v2 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.971 CST|SSLExtensions.java:160|Ignore unsupported extension: extended_master_secret javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.971 CST|SSLExtensions.java:160|Ignore unsupported extension: session_ticket javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.972 CST|SSLExtensions.java:189|Consumed extension: supported_versions javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.972 CST|SSLExtensions.java:189|Consumed extension: key_share javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.972 CST|SSLExtensions.java:160|Ignore unsupported extension: renegotiation_info javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.972 CST|PreSharedKeyExtension.java:898|Handling pre_shared_key absence. javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.972 CST|SSLExtensions.java:204|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.973 CST|SSLExtensions.java:204|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.973 CST|SSLExtensions.java:204|Ignore unavailable extension: status_request javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.973 CST|SSLExtensions.java:204|Ignore unavailable extension: ec_point_formats javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.973 CST|SSLExtensions.java:204|Ignore unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.973 CST|SSLExtensions.java:204|Ignore unavailable extension: status_request_v2 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.974 CST|SSLExtensions.java:204|Ignore unavailable extension: extended_master_secret javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.974 CST|SSLExtensions.java:204|Ignore unavailable extension: session_ticket javax.net.ssl|WARNING|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.974 CST|SSLExtensions.java:212|Ignore impact of unsupported extension: supported_versions javax.net.ssl|WARNING|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.974 CST|SSLExtensions.java:212|Ignore impact of unsupported extension: key_share javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.974 CST|SSLExtensions.java:204|Ignore unavailable extension: renegotiation_info javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.974 CST|SSLExtensions.java:204|Ignore unavailable extension: pre_shared_key javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.976 CST|SSLCipher.java:1867|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.977 CST|SSLCipher.java:2021|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.977 CST|ChangeCipherSpec.java:246|Consuming ChangeCipherSpec message javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.978 CST|EncryptedExtensions.java:171|Consuming EncryptedExtensions handshake message ( "EncryptedExtensions": [ "application_layer_protocol_negotiation (16)": { [h2] } ] ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.979 CST|SSLExtensions.java:170|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.979 CST|SSLExtensions.java:170|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.979 CST|SSLExtensions.java:170|Ignore unavailable extension: supported_groups javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.979 CST|SSLExtensions.java:189|Consumed extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.979 CST|SSLExtensions.java:204|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.979 CST|SSLExtensions.java:204|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.980 CST|SSLExtensions.java:204|Ignore unavailable extension: supported_groups javax.net.ssl|WARNING|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.980 CST|SSLExtensions.java:212|Ignore impact of unsupported extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.983 CST|CertificateMessage.java:1154|Consuming server Certificate handshake message ( "Certificate": { "certificate_request_context": "", "certificate_list": [ { "certificate" : { "version" : "v3", "serial number" : "00 D4 B0 87 D4 5A EC 89 BC 02 00 00 00 00 57 9B D4", "signature algorithm": "SHA256withRSA", "issuer" : "CN=GTS CA 1O1, O=Google Trust Services, C=US", "not before" : "2020-01-30 06:01:37.000 CST", "not after" : "2020-04-23 06:01:37.000 CST", "subject" : "CN=www.google.com, O=Google LLC, L=Mountain View, ST=California, C=US", "subject public key" : "EC", "extensions" : [ { ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false }, { ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.pki.goog/gts1o1 , accessMethod: caIssuers accessLocation: URIName: http://pki.goog/gsr2/GTS1O1.crt ] ] }, { ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 98 D1 F8 6E 10 EB CF 9B EC 60 9F 18 90 1B A0 EB ...n.....`...... 0010: 7D 09 FD 2B ...+ ] ] }, { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] }, { ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.pki.goog/GTS1O1.crl] ]] }, { ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.23.140.1.2.2] [] ] [CertificatePolicyId: [1.3.6.1.4.1.11129.2.5.3] [] ] ] }, { ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature ] }, { ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: www.google.com ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 3A C6 8F 58 05 D3 B4 E3 DB E7 FE 7A 94 8A 89 49 :..X.......z...I 0010: 93 41 52 DF .AR. ] ] } ]} "extensions": { } }, { "certificate" : { "version" : "v3", "serial number" : "01 E3 B4 9A A1 8D 8A A9 81 25 69 50 B8", "signature algorithm": "SHA256withRSA", "issuer" : "CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2", "not before" : "2017-06-15 08:00:42.000 CST", "not after" : "2021-12-15 08:00:42.000 CST", "subject" : "CN=GTS CA 1O1, O=Google Trust Services, C=US", "subject public key" : "RSA", "extensions" : [ { ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.pki.goog/gsr2 ] ] }, { ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-. 0010: DC 19 86 2E .... ] ] }, { ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] }, { ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.pki.goog/gsr2/gsr2.crl] ]] }, { ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.23.140.1.2.2] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 1C 68 74 74 70 73 3A 2F 2F 70 6B 69 2E 67 6F ..https://pki.go 0010: 6F 67 2F 72 65 70 6F 73 69 74 6F 72 79 2F og/repository/ ]] ] ] }, { ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] }, { ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] }, { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 98 D1 F8 6E 10 EB CF 9B EC 60 9F 18 90 1B A0 EB ...n.....`...... 0010: 7D 09 FD 2B ...+ ] ] } ]} "extensions": { } }, ] } ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.984 CST|SSLExtensions.java:170|Ignore unavailable extension: status_request javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.984 CST|SSLExtensions.java:170|Ignore unavailable extension: status_request javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.990 CST|CertificateVerify.java:1165|Consuming CertificateVerify handshake message ( "CertificateVerify": { "signature algorithm": ecdsa_secp256r1_sha256 "signature": { 0000: 30 44 02 20 47 90 56 88 DB 34 49 71 F8 0A 38 A7 0D. G.V..4Iq..8. 0010: 36 3E 22 FE 63 4E C6 C6 58 AC 40 1A 23 FB D8 DA 6>".cN..X.@.#... 0020: BC 2A 9C 97 02 20 01 0F 5A C8 BF 92 33 CE 01 31 .*... ..Z...3..1 0030: F4 0C 47 66 4A 3A 42 E6 D3 23 CF CC 36 A8 C9 E0 ..GfJ:B..#..6... 0040: F8 91 D1 F3 94 54 .....T } } ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.990 CST|Finished.java:908|Consuming server Finished handshake message ( "Finished": { "verify data": { 0000: FD 34 F5 35 5A F3 B9 75 E0 4B 82 AE B7 87 81 EA .4.5Z..u.K...... 0010: B4 6B 04 C7 CC 87 DD 90 3D 40 A6 5D 1C 68 E2 74 .k......=@.].h.t 0020: 91 B5 12 AD 9F 8F 96 15 4F AC 1D 17 2A 0D BB 1C ........O...*... }'} ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.991 CST|SSLCipher.java:1867|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.993 CST|Finished.java:683|Produced client Finished handshake message ( "Finished": { "verify data": { 0000: FD A0 AC 7D 04 24 5E 1B 19 EA 93 87 E5 A9 44 A1 .....$^.......D. 0010: 42 7E 12 AC 58 F7 B3 BC FC 65 5D 48 ED 5C 65 3B B...X....e]H.\e; 0020: 6A D3 E8 4C F0 A1 82 9D 13 AF ED 63 04 8E 2C B8 j..L.......c..,. }'} ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:26.994 CST|SSLCipher.java:2021|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:27.008 CST|SSLExtensions.java:132|Ignore unknown or unsupported extension ( "unknown extension (19,018)": { } ) javax.net.ssl|DEBUG|16|HttpClient-2-Worker-0|2020-02-19 19:10:27.009 CST|NewSessionTicket.java:523|Consuming NewSessionTicket message ( "NewSessionTicket": { "ticket_lifetime" : "172,800", "ticket_age_add" : "", "ticket_nonce" : "00", "ticket" : { 0000: 01 61 E9 38 68 12 3B B3 00 F6 F8 C1 DB 33 4E 86 .a.8h.;......3N. 0010: 2C 09 B9 8A 46 07 6F 89 B2 83 88 29 A5 2A 16 9C ,...F.o....).*.. 0020: 0C C0 F1 66 12 DF 20 26 88 3A 0B 33 10 B9 4F 5E ...f.. &.:.3..O^ 0030: 57 38 AB 69 96 A5 CB 3D B1 5C 2B 8B 52 A1 C5 9C W8.i...=.\+.R... 0040: F1 29 FC E2 24 40 37 D7 CE C5 75 74 93 65 41 B9 .)..$@7...ut.eA. 0050: 06 1A 40 D7 92 98 99 EE 6A 14 98 F3 3C 70 AE 57 ..@.....j...", "ticket_nonce" : "01", "ticket" : { 0000: 01 61 E9 38 68 12 3B B3 00 F6 F8 C1 DB 33 4E 86 .a.8h.;......3N. 0010: 68 6D 2E AE 72 23 1A 52 29 DE 39 97 42 1B 72 B0 hm..r#.R).9.B.r. 0020: D8 72 B1 11 A9 99 9C 9D 47 5B A6 83 D0 EB 59 61 .r......G[....Ya 0030: FB 27 43 51 59 A8 6A 43 FE E0 B1 48 84 AB 07 26 .'CQY.jC...H...& 0040: AD 8C D5 80 23 DB EB C8 D3 ED 22 A0 23 50 4A 95 ....#.....".#PJ. 0050: 44 8D 15 77 12 FB 1E 96 42 CD 65 AB 35 AB 29 85 D..w....B.e.5.). 0060: C6 C7 51 F7 FB 45 8C 1E D3 23 96 2A CB 66 44 D7 ..Q..E...#.*.fD. 0070: 48 8B 32 B1 AF F6 12 5A 77 5B 59 7D C0 46 07 CE H.2....Zw[Y..F.. 0080: 3A 21 BC 23 57 26 DE 65 5B 5D 37 0A 6F D6 12 D6 :!.#W&.e[]7.o... 0090: 53 7D 2F 2B 34 11 53 9D A7 97 D3 53 34 0B 31 E3 S./+4.S....S4.1. 00A0: 92 09 52 0A BE 12 A3 41 C1 42 71 3A 8D CC 1D 94 ..R....A.Bq:.... 00B0: 5B C7 67 51 92 D5 F8 6C F2 3E 74 5E C7 83 E9 B1 [.gQ...l.>t^.... 00C0: 9F ED 3A 6C 1C 9E 7B 94 40 80 7E 60 39 84 06 F2 ..:l....@..`9... 00D0: 4D 5A 27 A8 EB A1 E2 6C C8 8B 5D A1 26 66 2E 9F MZ'....l..].&f.. 00E0: 09 C7 ED AB 26 47 3D CA 37 53 6B A8 10 94 BD 78 ....&G=.7Sk....x 00F0: 33 44 } "extensions" : [ "unknown extension (19,018)": { } ] } ) $8 ==> "Google "