TLSv.1.3 interropt problems with OpenSSL 1.1.1 when used on the client side with mutual auth
Xuelei Fan
xuelei.fan at oracle.com
Mon Sep 17 17:35:03 UTC 2018
Hi Norman,
Thank you so much for the reproducing code. Would you mind file a bug
for this issue?
Thanks,
Xuelei
On 9/17/2018 3:39 AM, Norman Maurer wrote:
> Hi all,
>
>
> As requested I pushed a pure JDK reproducer to GitHub which you can
> easily use to reproduce the problem. All the details how to run it etc
> are in the README.md file. I also included a server to show that all
> works if we use the JDK on the client side and server side.
> Also as stated before you will see that the cert will be send even if
> you use OpenSSL on the serverside if you replace “-Verify 1” with
> “-verify 1” (which is kind of the same as setWantClientAuth(true)).
> Please don't hesitate to ping me if you need any more details or have
> any more questions.
>
> https://github.com/normanmaurer/jdktls13bugreproducer
>
>
> Here is the output with debugging enabled on the client side.
>
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.515
> CEST|SSLContextImpl.java:427|System property jdk.tls.client.cipherSuites
> is set to 'null'
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.529
> CEST|SSLContextImpl.java:427|System property jdk.tls.server.cipherSuites
> is set to 'null'
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.563
> CEST|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding
> KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.577
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.577
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.578
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.578
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.578
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.578
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.578
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.579
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.579
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.579
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.579
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.579
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.580
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.580
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.581
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.581
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.581
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.581
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.581
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.582
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.582
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_RSA_WITH_RC4_128_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.582
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_RC4_128_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.582
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_WITH_RC4_128_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.582
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_WITH_RC4_128_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.582
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_ECDSA_WITH_RC4_128_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.583
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_RC4_128_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.583
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_RSA_WITH_RC4_128_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.583
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_RC4_128_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.583
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_WITH_RC4_128_MD5
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.583
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_WITH_RC4_128_MD5
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.583
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_anon_WITH_RC4_128_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.583
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_anon_WITH_RC4_128_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.584
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DH_anon_WITH_RC4_128_MD5
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.584
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DH_anon_WITH_RC4_128_MD5
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.584
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.584
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.585
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.585
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.585
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.585
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.585
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.585
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.586
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_EXPORT_WITH_RC4_40_MD5
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.586
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_EXPORT_WITH_RC4_40_MD5
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.586
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.586
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.589
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.589
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.589
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.589
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.589
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.590
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.590
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.590
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.590
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.590
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.590
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.591
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.591
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.591
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.593
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.593
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.594
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.594
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.594
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.594
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.594
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.594
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.595
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.595
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.595
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.595
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.595
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.595
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.597
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.597
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.597
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.597
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.598
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.599
> CEST|SSLContextImpl.java:401|Ignore disabled cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.599
> CEST|SSLContextImpl.java:410|Ignore unsupported cipher suite:
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.642
> CEST|SunX509KeyManagerImpl.java:164|found key for : 1 (
> "certificate" : {
> "version" : "v3",
> "serial number" : "20 C3 8D C4 49 66 D0 02",
> "signature algorithm": "SHA256withRSA",
> "issuer" :
> "CN=e8ac02fa0d65a84219016045db8b05c485b4ecdf.netty.test",
> "not before" : "2013-08-02 09:51:36.000 CEST",
> "not after" : "10000-01-01 24:59:59.000 CET",
> "subject" :
> "CN=e8ac02fa0d65a84219016045db8b05c485b4ecdf.netty.test",
> "subject public key" : "RSA"}
> )
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.643
> CEST|SSLContextImpl.java:115|trigger seeding of SecureRandom
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.643
> CEST|SSLContextImpl.java:119|done seeding of SecureRandom
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.665
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_AES_128_GCM_SHA256 for TLS12
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.666
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_AES_256_GCM_SHA384 for TLS12
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.671
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.671
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.671
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.671
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.671
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.672
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.672
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.672
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.672
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.672
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.673
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.673
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.673
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.673
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.673
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.673
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.673
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS11
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.674
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_RSA_WITH_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.675
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.676
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_RSA_WITH_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.676
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.676
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.676
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.676
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.676
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.677
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.677
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_RSA_WITH_AES_256_CBC_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.677
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.677
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.677
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLS10
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.677
> CEST|HandshakeContext.java:290|Ignore unsupported cipher suite:
> TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLS10
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.690
> CEST|ServerNameExtension.java:255|Unable to indicate server name
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.690
> CEST|SSLExtensions.java:235|Ignore, context unavailable extension:
> server_name
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.701
> CEST|SignatureScheme.java:282|Signature algorithm, ed25519, is not
> supported by the underlying providers
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.702
> CEST|SignatureScheme.java:282|Signature algorithm, ed448, is not
> supported by the underlying providers
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.706
> CEST|SignatureScheme.java:358|Ignore disabled signature sheme: rsa_md5
> javax.net.ssl|INFO|01|main|2018-09-17 11:51:54.706
> CEST|AlpnExtension.java:161|No available application protocols
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.706
> CEST|SSLExtensions.java:235|Ignore, context unavailable extension:
> application_layer_protocol_negotiation
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.707
> CEST|SSLExtensions.java:235|Ignore, context unavailable extension: cookie
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.711
> CEST|SSLExtensions.java:235|Ignore, context unavailable extension:
> renegotiation_info
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.711
> CEST|PreSharedKeyExtension.java:606|No session to resume.
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.711
> CEST|SSLExtensions.java:235|Ignore, context unavailable extension:
> pre_shared_key
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.714
> CEST|ClientHello.java:633|Produced ClientHello handshake message (
> "ClientHello": {
> "client version" : "TLSv1.2",
> "random" : "66 2E BE D3 8A 77 39 06 3B 5A 34 03 7D EE 74
> BB 08 D2 19 FD 50 17 2D 84 29 AA FB E0 EE ED 50 69",
> "session id" : "0B 03 C8 E2 D2 A5 CD 3A 22 C5 85 17 06 64 A9
> 30 14 62 C0 AF AB 67 CE 63 50 41 50 7F 6B FD 4C 9F",
> "cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301),
> TLS_AES_256_GCM_SHA384(0x1302),
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C),
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B),
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030),
> TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D),
> TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E),
> TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032),
> TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F),
> TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3),
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F),
> TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C),
> TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D),
> TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031),
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E),
> TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2),
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024),
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028),
> TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D),
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026),
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A),
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B),
> TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A),
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A),
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014),
> TLS_RSA_WITH_AES_256_CBC_SHA(0x0035),
> TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005),
> TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F),
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039),
> TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038),
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023),
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027),
> TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C),
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025),
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029),
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067),
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040),
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009),
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013),
> TLS_RSA_WITH_AES_128_CBC_SHA(0x002F),
> TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004),
> TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E),
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033),
> TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032),
> TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
> "compression methods" : "00",
> "extensions" : [
> "status_request (5)": {
> "certificate status type": ocsp
> "OCSP status request": {
> "responder_id": <empty>
> "request extensions": {
> <empty>
> }
> }
> },
> "supported_groups (10)": {
> "versions": [secp256r1, secp384r1, secp521r1, sect283k1,
> sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1,
> ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
> },
> "ec_point_formats (11)": {
> "formats": [uncompressed]
> },
> "signature_algorithms (13)": {
> "signature schemes": [ecdsa_secp256r1_sha256,
> ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256,
> rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256,
> rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256,
> rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224,
> rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
> },
> "signature_algorithms_cert (50)": {
> "signature schemes": [ecdsa_secp256r1_sha256,
> ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256,
> rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256,
> rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256,
> rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224,
> rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
> },
> "status_request_v2 (17)": {
> "cert status request": {
> "certificate status type": ocsp_multi
> "OCSP status request": {
> "responder_id": <empty>
> "request extensions": {
> <empty>
> }
> }
> }
> },
> "extended_master_secret (23)": {
> <empty>
> },
> "supported_versions (43)": {
> "versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1]
> },
> "psk_key_exchange_modes (45)": {
> "ke_modes": [psk_dhe_ke]
> },
> "key_share (51)": {
> "client_shares": [
> {
> "named group": secp256r1
> "key_exchange": {
> 0000: 04 A3 9F B9 05 27 00 38 C4 D7 61 6C 66 1F 4A 8D
> .....'.8..alf.J.
> 0010: B1 02 6F 0B F6 E1 BD 50 93 52 86 2C D2 3C 8D 1A
> ..o....P.R.,.<..
> 0020: 10 A9 CD F0 40 F4 CD 04 25 A1 11 E2 58 23 A3 24
> .... at ...%...X#.$
> 0030: CA E8 8F 28 F7 2B 65 96 B2 E3 A1 AE 99 24 94 28
> ...(.+e......$.(
> 0040: 83
> }
> },
> ]
> }
> ]
> }
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.714
> CEST|SSLSocketOutputRecord.java:241|WRITE: TLS13 handshake, length = 417
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.719
> CEST|SSLSocketOutputRecord.java:255|Raw write (
> 0000: 16 03 03 01 A1 01 00 01 9D 03 03 66 2E BE D3 8A ...........f....
> 0010: 77 39 06 3B 5A 34 03 7D EE 74 BB 08 D2 19 FD 50 w9.;Z4...t.....P
> 0020: 17 2D 84 29 AA FB E0 EE ED 50 69 20 0B 03 C8 E2 .-.).....Pi ....
> 0030: D2 A5 CD 3A 22 C5 85 17 06 64 A9 30 14 62 C0 AF ...:"....d.0.b..
> 0040: AB 67 CE 63 50 41 50 7F 6B FD 4C 9F 00 5A 13 01 .g.cPAP.k.L..Z..
> 0050: 13 02 C0 2C C0 2B C0 30 00 9D C0 2E C0 32 00 9F ...,.+.0.....2..
> 0060: 00 A3 C0 2F 00 9C C0 2D C0 31 00 9E 00 A2 C0 24 .../...-.1.....$
> 0070: C0 28 00 3D C0 26 C0 2A 00 6B 00 6A C0 0A C0 14 .(.=.&.*.k.j....
> 0080: 00 35 C0 05 C0 0F 00 39 00 38 C0 23 C0 27 00 3C .5.....9.8.#.'.<
> 0090: C0 25 C0 29 00 67 00 40 C0 09 C0 13 00 2F C0 04 .%.).g. at ...../..
> 00A0: C0 0E 00 33 00 32 00 FF 01 00 00 FA 00 05 00 05 ...3.2..........
> 00B0: 01 00 00 00 00 00 0A 00 20 00 1E 00 17 00 18 00 ........ .......
> 00C0: 19 00 09 00 0A 00 0B 00 0C 00 0D 00 0E 00 16 01 ................
> 00D0: 00 01 01 01 02 01 03 01 04 00 0B 00 02 01 00 00 ................
> 00E0: 0D 00 28 00 26 04 03 05 03 06 03 08 04 08 05 08 ..(.&...........
> 00F0: 06 08 09 08 0A 08 0B 04 01 05 01 06 01 04 02 03 ................
> 0100: 03 03 01 03 02 02 03 02 01 02 02 00 32 00 28 00 ............2.(.
> 0110: 26 04 03 05 03 06 03 08 04 08 05 08 06 08 09 08 &...............
> 0120: 0A 08 0B 04 01 05 01 06 01 04 02 03 03 03 01 03 ................
> 0130: 02 02 03 02 01 02 02 00 11 00 09 00 07 02 00 04 ................
> 0140: 00 00 00 00 00 17 00 00 00 2B 00 09 08 03 04 03 .........+......
> 0150: 03 03 02 03 01 00 2D 00 02 01 01 00 33 00 47 00 ......-.....3.G.
> 0160: 45 00 17 00 41 04 A3 9F B9 05 27 00 38 C4 D7 61 E...A.....'.8..a
> 0170: 6C 66 1F 4A 8D B1 02 6F 0B F6 E1 BD 50 93 52 86 lf.J...o....P.R.
> 0180: 2C D2 3C 8D 1A 10 A9 CD F0 40 F4 CD 04 25 A1 11 ,.<...... at ...%..
> 0190: E2 58 23 A3 24 CA E8 8F 28 F7 2B 65 96 B2 E3 A1 .X#.$...(.+e....
> 01A0: AE 99 24 94 28 83 ..$.(.
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.720
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 16 03 03 00 9B .....
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.720
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 handshake, length = 155
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.721
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 02 00 00 97 03 03 AB 76 F1 BA F3 B1 F0 DD 53 AC .......v......S.
> 0010: 5B 54 E9 E4 2E F8 44 D2 5E B2 59 85 0D 16 79 EE [T....D.^.Y...y.
> 0020: A7 66 8A 84 69 2A 20 0B 03 C8 E2 D2 A5 CD 3A 22 .f..i* .......:"
> 0030: C5 85 17 06 64 A9 30 14 62 C0 AF AB 67 CE 63 50 ....d.0.b...g.cP
> 0040: 41 50 7F 6B FD 4C 9F 13 01 00 00 4F 00 2B 00 02 AP.k.L.....O.+..
> 0050: 03 04 00 33 00 45 00 17 00 41 04 18 4A 46 BB 73 ...3.E...A..JF.s
> 0060: F4 6F 5D F0 3C 98 AD 70 7E 13 D6 C0 E5 C0 28 5A .o].<..p......(Z
> 0070: D7 42 78 95 68 E0 85 B7 06 CD DB 3C 35 DA AF E8 .Bx.h......<5...
> 0080: 95 D6 A2 3C 77 CF 7E 8E C8 94 50 BA CD 18 3F DA ...<w.....P...?.
> 0090: E3 A3 25 E9 F3 C9 A9 7F 4E B6 A9 ..%.....N..
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.721
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 handshake, length = 155
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.722
> CEST|ServerHello.java:866|Consuming ServerHello handshake message (
> "ServerHello": {
> "server version" : "TLSv1.2",
> "random" : "AB 76 F1 BA F3 B1 F0 DD 53 AC 5B 54 E9 E4 2E
> F8 44 D2 5E B2 59 85 0D 16 79 EE A7 66 8A 84 69 2A",
> "session id" : "0B 03 C8 E2 D2 A5 CD 3A 22 C5 85 17 06 64 A9
> 30 14 62 C0 AF AB 67 CE 63 50 41 50 7F 6B FD 4C 9F",
> "cipher suite" : "TLS_AES_128_GCM_SHA256(0x1301)",
> "compression methods" : "00",
> "extensions" : [
> "supported_versions (43)": {
> "selected version": [TLSv1.3]
> },
> "key_share (51)": {
> "server_share": {
> "named group": secp256r1
> "key_exchange": {
> 0000: 04 18 4A 46 BB 73 F4 6F 5D F0 3C 98 AD 70 7E 13
> ..JF.s.o].<..p..
> 0010: D6 C0 E5 C0 28 5A D7 42 78 95 68 E0 85 B7 06 CD
> ....(Z.Bx.h.....
> 0020: DB 3C 35 DA AF E8 95 D6 A2 3C 77 CF 7E 8E C8 94
> .<5......<w.....
> 0030: 50 BA CD 18 3F DA E3 A3 25 E9 F3 C9 A9 7F 4E B6
> P...?...%.....N.
> 0040: A9
> }
> },
> }
> ]
> }
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.723
> CEST|SSLExtensions.java:167|Consumed extension: supported_versions
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.723
> CEST|ServerHello.java:962|Negotiated protocol version: TLSv1.3
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.723
> CEST|SSLExtensions.java:138|Ignore unsupported extension: server_name
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.723
> CEST|SSLExtensions.java:138|Ignore unsupported extension:
> max_fragment_length
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.723
> CEST|SSLExtensions.java:138|Ignore unsupported extension: status_request
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.724
> CEST|SSLExtensions.java:138|Ignore unsupported extension: ec_point_formats
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.724
> CEST|SSLExtensions.java:138|Ignore unsupported extension:
> application_layer_protocol_negotiation
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.724
> CEST|SSLExtensions.java:138|Ignore unsupported extension: status_request_v2
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.724
> CEST|SSLExtensions.java:138|Ignore unsupported extension:
> extended_master_secret
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.724
> CEST|SSLExtensions.java:167|Consumed extension: supported_versions
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.725
> CEST|SSLExtensions.java:167|Consumed extension: key_share
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.725
> CEST|SSLExtensions.java:138|Ignore unsupported extension: renegotiation_info
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.725
> CEST|PreSharedKeyExtension.java:832|Handling pre_shared_key absence.
> javax.net.ssl|ALL|01|main|2018-09-17 11:51:54.725
> CEST|SSLSessionImpl.java:203|Session initialized:
> Session(1537177914725|TLS_AES_128_GCM_SHA256)
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.725
> CEST|SSLExtensions.java:182|Ignore unavailable extension: server_name
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension:
> max_fragment_length
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension: status_request
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension: ec_point_formats
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension:
> application_layer_protocol_negotiation
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension: status_request_v2
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension:
> extended_master_secret
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:190|Ignore impact of unsupported extension:
> supported_versions
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:190|Ignore impact of unsupported extension:
> key_share
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension: renegotiation_info
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.726
> CEST|SSLExtensions.java:182|Ignore unavailable extension: pre_shared_key
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.732
> CEST|SSLCipher.java:1824|KeyLimit read side: algorithm =
> AES/GCM/NOPADDING:KEYUPDATE
> countdown value = 137438953472
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.735
> CEST|SSLCipher.java:1978|KeyLimit write side: algorithm =
> AES/GCM/NOPADDING:KEYUPDATE
> countdown value = 137438953472
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.736
> CEST|SSLSocketOutputRecord.java:225|Raw write (
> 0000: 14 03 03 00 01 01 ......
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.736
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 14 03 03 00 01 .....
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.737
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 change_cipher_spec,
> length = 1
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.737
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 01 .
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.737
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 change_cipher_spec,
> length = 1
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.737
> CEST|ChangeCipherSpec.java:232|Consuming ChangeCipherSpec message
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.737
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 17 03 03 00 27 ....'
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.738
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 application_data,
> length = 39
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.738
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: D5 B7 25 6F AF E9 D6 6F 7C 61 98 90 3F FE BA 9A ..%o...o.a..?...
> 0010: A8 5B 94 5E 3A 47 38 62 36 90 9A 1D BE BF 87 18 .[.^:G8b6.......
> 0020: 56 8C E3 AA CE AD AA V......
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.738
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 application_data,
> length = 39
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.746
> CEST|SSLCipher.java:1915|Plaintext after DECRYPTION (
> 0000: 08 00 00 12 00 10 00 0A 00 0C 00 0A 00 1D 00 17 ................
> 0010: 00 1E 00 19 00 18 ......
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.747
> CEST|EncryptedExtensions.java:171|Consuming EncryptedExtensions
> handshake message (
> "EncryptedExtensions": [
> "supported_groups (10)": {
> "versions": [x25519, secp256r1, x448, secp521r1, secp384r1]
> }
> ]
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.747
> CEST|SSLExtensions.java:148|Ignore unavailable extension: server_name
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.747
> CEST|SSLExtensions.java:148|Ignore unavailable extension:
> max_fragment_length
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.748
> CEST|SSLExtensions.java:167|Consumed extension: supported_groups
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.748
> CEST|SSLExtensions.java:182|Ignore unavailable extension: server_name
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.748
> CEST|SSLExtensions.java:182|Ignore unavailable extension:
> max_fragment_length
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.748
> CEST|SSLExtensions.java:190|Ignore impact of unsupported extension:
> supported_groups
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.748
> CEST|SSLExtensions.java:182|Ignore unavailable extension:
> application_layer_protocol_negotiation
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.749
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 17 03 03 00 42 ....B
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.749
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 application_data,
> length = 66
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.749
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 63 F7 54 24 11 6A 91 1F 1F C5 70 9A 26 AD CE 98 c.T$.j....p.&...
> 0010: D0 A9 7A 84 AF 39 7C A0 AD F6 6B B2 10 88 27 8B ..z..9....k...'.
> 0020: 79 E0 F4 5A 9F 68 AA F0 56 D3 45 72 7C 7F 22 03 y..Z.h..V.Er..".
> 0030: 0A 53 F6 24 68 CB 0B E1 3B DD D4 78 B5 AC 1E D7 .S.$h...;..x....
> 0040: 03 FB ..
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.749
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 application_data,
> length = 66
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.750
> CEST|SSLCipher.java:1915|Plaintext after DECRYPTION (
> 0000: 0D 00 00 2D 00 00 2A 00 0D 00 26 00 24 04 03 05 ...-..*...&.$...
> 0010: 03 06 03 08 07 08 08 08 09 08 0A 08 0B 08 04 08 ................
> 0020: 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 ................
> 0030: 01 .
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.750
> CEST|CertificateRequest.java:864|Consuming CertificateRequest handshake
> message (
> "CertificateRequest": {
> "certificate_request_context": "",
> "extensions": [
> "signature_algorithms (13)": {
> "signature schemes": [ecdsa_secp256r1_sha256,
> ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, ed25519, ed448,
> rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512,
> rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512,
> rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha224,
> ecdsa_sha1, rsa_sha224, rsa_pkcs1_sha1]
> }
> ]
> }
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.750
> CEST|SSLExtensions.java:167|Consumed extension: signature_algorithms
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.750
> CEST|SSLExtensions.java:148|Ignore unavailable extension:
> signature_algorithms_cert
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.751
> CEST|SignatureScheme.java:390|Unsupported signature scheme: ed25519
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.751
> CEST|SignatureScheme.java:390|Unsupported signature scheme: ed448
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.751
> CEST|SignatureScheme.java:390|Unsupported signature scheme: ecdsa_sha224
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.751
> CEST|SignatureScheme.java:390|Unsupported signature scheme: rsa_sha224
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.752
> CEST|SSLExtensions.java:199|Populated with extension: signature_algorithms
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.752
> CEST|SSLExtensions.java:182|Ignore unavailable extension:
> signature_algorithms_cert
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.752
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 17 03 03 03 20 ....
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.752
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 application_data,
> length = 800
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.753
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: FE BB B2 07 BA CE A6 32 AA 58 66 2F 6D 87 16 75 .......2.Xf/m..u
> 0010: CF 71 13 53 FB 45 AE DC 84 F4 AA 33 08 08 DF B5 .q.S.E.....3....
> 0020: 97 C5 79 40 4A 28 F4 9D 0F 5A 86 4E C4 5F C7 2E ..y at J(...Z.N._..
> 0030: AA AA 42 F7 8A FF 6B C1 28 75 9B A3 25 F0 23 81 ..B...k.(u..%.#.
> 0040: 74 BB 9A EA A8 8D 89 BE E9 80 AE 31 C3 3A FC 35 t..........1.:.5
> 0050: E6 CA C5 77 BF C7 0E ED 64 26 DB 4E C3 3D F5 AD ...w....d&.N.=..
> 0060: 5E EB A8 37 AA 81 EF 39 24 84 C9 C4 C7 A2 D7 DB ^..7...9$.......
> 0070: 7F 82 01 7A 02 E7 23 A3 6E C9 68 B8 E5 C3 9F 53 ...z..#.n.h....S
> 0080: 16 6E EF B0 54 D2 67 4C FF 22 E6 78 B1 A0 DB BE .n..T.gL.".x....
> 0090: 97 23 FC C8 D8 92 86 3D C6 6B E4 C1 AC EF B8 46 .#.....=.k.....F
> 00A0: 75 3C 00 08 8B 34 5F 59 05 49 25 97 BE A8 61 8E u<...4_Y.I%...a.
> 00B0: B0 5F 25 91 7A FE 79 53 7A C1 A7 E7 70 7B A5 53 ._%.z.ySz...p..S
> 00C0: 5A 63 8B 8E B9 92 2D B3 80 DC AA 75 BE 0F 47 F3 Zc....-....u..G.
> 00D0: E8 D9 0D 7D D9 C3 B6 00 AD 2A 43 CC 66 87 88 AF .........*C.f...
> 00E0: 35 87 74 2F 87 2F 3C A6 FB 12 1A 9C 46 62 1C DC 5.t/./<.....Fb..
> 00F0: 4E 4E DC 16 70 7E 08 74 FB F7 E6 5F 4D D9 20 F9 NN..p..t..._M. .
> 0100: CA F3 91 45 D6 1A B3 BA FA 4E BD A4 74 9E 4C 78 ...E.....N..t.Lx
> 0110: 03 18 2C 70 35 42 68 F3 9A 1D 24 3F A7 27 DF 29 ..,p5Bh...$?.'.)
> 0120: D5 58 7C CB 19 2F D1 DF 8A 6D B2 85 52 B5 78 19 .X.../...m..R.x.
> 0130: EA 5C E2 7A 23 42 9E D7 A3 DC D0 DE D8 33 47 2B .\.z#B.......3G+
> 0140: 0C D8 6E 77 25 DB E6 12 B0 7A AD A5 C9 96 AC A9 ..nw%....z......
> 0150: 1D CD 73 39 AC 6A 9F E2 0A F7 17 F1 F0 FF 75 9C ..s9.j........u.
> 0160: B2 05 9E 7A F4 18 4F FC 9D 42 69 4C E0 3E A1 21 ...z..O..BiL.>.!
> 0170: DA 1F 71 07 59 C6 A2 F9 0B 4F C0 CD A4 85 A8 DB ..q.Y....O......
> 0180: 77 F6 87 5E 09 16 49 5C 2C B8 C0 7B 39 81 65 FD w..^..I\,...9.e.
> 0190: 29 52 E2 C7 F5 C7 AD BC F6 A9 F9 6D D2 E9 A4 14 )R.........m....
> 01A0: C9 D3 79 2E D2 BA 10 4C BD 44 65 2B A8 7E F1 3A ..y....L.De+...:
> 01B0: F3 F6 11 53 38 17 10 12 B4 CD C5 AD 72 3B 84 A2 ...S8.......r;..
> 01C0: 1B F9 D7 BF 34 00 5A FE F4 CE 09 0C EA F2 27 9A ....4.Z.......'.
> 01D0: BD DD 93 37 E2 DF 60 CC 8A F7 C6 4B 08 30 0D 78 ...7..`....K.0.x
> 01E0: 5C EB 49 34 DB 8B EB 55 33 0C 82 03 07 FD 3D FC \.I4...U3.....=.
> 01F0: 49 11 88 1C F6 67 7F 0B 48 AA EC 1B AF 04 46 CF I....g..H.....F.
> 0200: 09 C5 8E B3 F8 92 C4 56 3D 8F 0E 1D 9F D3 0C FE .......V=.......
> 0210: 94 23 15 53 8E 1F 5E C4 FA 44 03 3B 1B B0 0A 2D .#.S..^..D.;...-
> 0220: 71 D4 B5 AC 1F 52 D7 25 9F A0 C8 4B 9B 32 B8 22 q....R.%...K.2."
> 0230: 3F AF B3 19 16 8C 2A 5C B4 89 BF 82 DC 4D AF 22 ?.....*\.....M."
> 0240: 2A 33 73 90 F3 C8 FF 2E C1 B3 83 D2 7A 29 4E 15 *3s.........z)N.
> 0250: 5D 87 86 F6 94 EA B0 B4 A4 41 B9 C5 BA 89 B8 E9 ]........A......
> 0260: 26 E7 96 BC 4D 8A FD 86 C7 C9 2A 96 75 C3 07 EF &...M.....*.u...
> 0270: 5C 5A 4E 91 71 7D 1B A2 12 88 C5 D0 D2 5E 79 E1 \ZN.q........^y.
> 0280: 6C 65 35 5E 6C CC 56 47 FD F3 96 78 7A A0 08 7E le5^l.VG...xz...
> 0290: DB 3C CC 10 76 15 37 46 48 6B 2D 23 7B A3 44 5A .<..v.7FHk-#..DZ
> 02A0: A4 46 B3 CE E2 15 BA 4C D2 93 16 57 1F BA 75 72 .F.....L...W..ur
> 02B0: BF 8C 66 50 F2 A4 F6 05 84 E5 47 12 30 BE 34 70 ..fP......G.0.4p
> 02C0: 4D 0F BD FE 54 E8 B1 CE B5 7F 6E 97 38 09 29 1F M...T.....n.8.).
> 02D0: 41 2D 2E 9E 75 D8 77 0C 08 DB 5C B4 EE 3F FE E2 A-..u.w...\..?..
> 02E0: DC CF D0 ED C8 02 50 C4 EE B3 1D 8A 9E 9B EE 5E ......P........^
> 02F0: 14 BA C2 5A B0 83 8E 5C E5 7B 69 2B 69 8C F1 AA ...Z...\..i+i...
> 0300: 2D D5 D1 3D 9D 42 1B B2 50 5D BE 7E E4 11 D2 90 -..=.B..P]......
> 0310: 0B 54 71 7F D6 13 88 E2 FE 37 9F 70 B5 0B 57 79 .Tq......7.p..Wy
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.753
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 application_data,
> length = 800
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.755
> CEST|SSLCipher.java:1915|Plaintext after DECRYPTION (
> 0000: 0B 00 03 0B 00 00 03 07 00 03 02 30 82 02 FE 30 ...........0...0
> 0010: 82 01 E6 A0 03 02 01 02 02 08 20 C3 8D C4 49 66 .......... ...If
> 0020: D0 02 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 ..0...*.H.......
> 0030: 00 30 3E 31 3C 30 3A 06 03 55 04 03 0C 33 65 38 .0>1<0:..U...3e8
> 0040: 61 63 30 32 66 61 30 64 36 35 61 38 34 32 31 39 ac02fa0d65a84219
> 0050: 30 31 36 30 34 35 64 62 38 62 30 35 63 34 38 35 016045db8b05c485
> 0060: 62 34 65 63 64 66 2E 6E 65 74 74 79 2E 74 65 73 b4ecdf.netty.tes
> 0070: 74 30 20 17 0D 31 33 30 38 30 32 30 37 35 31 33 t0 ..13080207513
> 0080: 36 5A 18 0F 39 39 39 39 31 32 33 31 32 33 35 39 6Z..999912312359
> 0090: 35 39 5A 30 3E 31 3C 30 3A 06 03 55 04 03 0C 33 59Z0>1<0:..U...3
> 00A0: 65 38 61 63 30 32 66 61 30 64 36 35 61 38 34 32 e8ac02fa0d65a842
> 00B0: 31 39 30 31 36 30 34 35 64 62 38 62 30 35 63 34 19016045db8b05c4
> 00C0: 38 35 62 34 65 63 64 66 2E 6E 65 74 74 79 2E 74 85b4ecdf.netty.t
> 00D0: 65 73 74 30 82 01 22 30 0D 06 09 2A 86 48 86 F7 est0.."0...*.H..
> 00E0: 0D 01 01 01 05 00 03 82 01 0F 00 30 82 01 0A 02 ...........0....
> 00F0: 82 01 01 00 DB F8 70 4E DC 2D 14 44 12 AF 0D 48 ......pN.-.D...H
> 0100: 09 1D B8 48 94 1C 9E F1 7F DC 6C D1 F7 94 3A B7 ...H......l...:.
> 0110: 5C E3 85 07 3E CB E1 76 4A 2C 32 17 4B E1 5E 42 \...>..vJ,2.K.^B
> 0120: A4 80 50 CA 36 A2 D9 94 F9 59 23 D0 AA 2B B2 13 ..P.6....Y#..+..
> 0130: 23 6D 45 DF 13 52 A4 4E 28 D3 30 99 5A 81 AD 8C #mE..R.N(.0.Z...
> 0140: DB 15 55 B7 6D 5F 44 89 09 35 66 C8 2F 47 56 14 ..U.m_D..5f./GV.
> 0150: B5 B2 46 AE CE 5D DC A0 C8 59 08 89 6F 5B DB F2 ..F..]...Y..o[..
> 0160: D8 69 E3 C1 80 44 F6 DA 46 ED 1D 20 80 12 3F 81 .i...D..F.. ..?.
> 0170: 95 27 F6 EB 9F B5 AC DC 72 01 70 46 18 67 1C 08 .'......r.pF.g..
> 0180: AC C4 6D CA 80 48 12 87 3A 05 69 EA 92 EA 95 00 ..m..H..:.i.....
> 0190: 1F B9 2C BA 83 F3 B3 1B 37 1E B3 7C D7 46 B1 AE ..,.....7....F..
> 01A0: D4 DD E9 04 8C C0 23 00 96 E3 6F 67 E7 66 65 61 ......#...og.fea
> 01B0: F6 11 D2 7A FE 44 42 83 9D 1A CF 20 80 EC 58 04 ...z.DB.... ..X.
> 01C0: A6 10 78 41 7B 34 C3 FA FD 2A 08 94 72 2F 3D AE ..xA.4...*..r/=.
> 01D0: B0 58 16 63 EE DA 81 42 44 DB 21 C7 23 69 93 BB .X.c...BD.!.#i..
> 01E0: 64 40 16 78 01 8A 52 57 94 C0 AD 57 04 F4 C4 6B d at .x..RW...W...k
> 01F0: 90 C6 46 C7 02 03 01 00 01 30 0D 06 09 2A 86 48 ..F......0...*.H
> 0200: 86 F7 0D 01 01 0B 05 00 03 82 01 01 00 4B FC 37 .............K.7
> 0210: B5 E6 F2 A6 98 D8 58 2B 39 CE 8F 6B 51 93 80 0F ......X+9..kQ...
> 0220: 80 39 BD DA 53 7D D3 1B 00 11 F3 A7 FE 9C B7 FA .9..S...........
> 0230: 05 23 DA A2 17 10 7C E7 89 89 DE C5 90 5B 98 22 .#...........[."
> 0240: 7B 97 97 EA 2A B3 E4 6A 33 F8 FC 47 41 39 06 E1 ....*..j3..GA9..
> 0250: 98 63 6C 0E 2A 92 FF 3D B1 62 D7 27 FF 2B 2B DF .cl.*..=.b.'.++.
> 0260: B7 B2 95 87 C7 B5 21 45 1E 73 F8 B5 0D D6 13 0C ......!E.s......
> 0270: 1D 25 35 6B D7 5F 18 DF 30 A1 8B 72 DD C6 31 B1 .%5k._..0..r..1.
> 0280: 07 2A F2 DF 1F 1E 36 23 0C FF F9 FB DA E8 B5 2B .*....6#.......+
> 0290: 3B 8B B6 4C 37 EF D3 27 07 B9 1E D4 64 4B 82 D4 ;..L7..'....dK..
> 02A0: 32 78 C6 D1 61 6E 9A BF 41 10 23 0B 27 CD C7 77 2x..an..A.#.'..w
> 02B0: 03 73 B2 F6 12 D2 56 9C 29 A2 BD 31 40 F6 5F 0C .s....V.)..1 at ._.
> 02C0: 17 56 4F 30 34 95 77 87 9C 43 B0 74 C5 92 05 43 .VO04.w..C.t...C
> 02D0: 97 12 48 5B 7B 58 66 89 0A C1 8C CD 89 14 E0 5A ..H[.Xf........Z
> 02E0: 78 23 29 10 71 6C 5D 94 D5 FB C0 96 51 C1 0D 93 x#).ql].....Q...
> 02F0: 64 91 45 82 5A 53 88 56 5D 7A AE 88 E8 07 7D 02 d.E.ZS.V]z......
> 0300: 7D 44 9D CA 73 E5 6F 14 27 8B 6F 86 6C 00 00 .D..s.o.'.o.l..
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.756
> CEST|CertificateMessage.java:1148|Consuming server Certificate handshake
> message (
> "Certificate": {
> "certificate_request_context": "",
> "certificate_list": [
> {
> "certificate" : {
> "version" : "v3",
> "serial number" : "20 C3 8D C4 49 66 D0 02",
> "signature algorithm": "SHA256withRSA",
> "issuer" :
> "CN=e8ac02fa0d65a84219016045db8b05c485b4ecdf.netty.test",
> "not before" : "2013-08-02 09:51:36.000 CEST",
> "not after" : "10000-01-01 24:59:59.000 CET",
> "subject" :
> "CN=e8ac02fa0d65a84219016045db8b05c485b4ecdf.netty.test",
> "subject public key" : "RSA"}
> "extensions": {
> <no extension>
> }
> },
> ]
> }
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.756
> CEST|SSLExtensions.java:148|Ignore unavailable extension: status_request
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.757
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 17 03 03 01 19 .....
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.757
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 application_data,
> length = 281
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.757
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: DE 53 C0 74 78 C3 82 0D E8 46 C0 0A F4 56 6E 6B .S.tx....F...Vnk
> 0010: B5 39 77 41 20 21 BA 07 99 2B BF 8D 0A 41 C9 B8 .9wA !...+...A..
> 0020: BC 0F C1 8E C5 76 36 F0 7A B6 9A F8 38 4D 4D 4D .....v6.z...8MMM
> 0030: 70 33 BE 8F 8C ED BE BC 60 49 B8 41 65 E9 04 D9 p3......`I.Ae...
> 0040: 45 43 AA 41 6D F7 67 7B 03 6D FF E0 4D 76 53 CE EC.Am.g..m..MvS.
> 0050: C1 73 3E 1C CD 87 40 B7 25 56 54 0C 3E CA D7 1D .s>... at .%VT.>...
> 0060: 45 80 41 E8 36 B7 FC 57 38 BB 21 EB E7 EA 19 A1 E.A.6..W8.!.....
> 0070: 39 25 B0 44 8B FD 30 87 86 7A 47 03 C1 02 AC FD 9%.D..0..zG.....
> 0080: 67 89 4B 27 34 04 20 AE 91 65 7C 8C 4A 58 C5 77 g.K'4. ..e..JX.w
> 0090: 46 2E DD A8 23 CA 5C 28 49 25 23 3D 8A 93 B9 10 F...#.\(I%#=....
> 00A0: 24 0D DE DC 98 AC AA B0 CB 51 80 D7 F8 E7 20 23 $........Q.... #
> 00B0: 41 64 A6 44 93 A7 E1 A7 91 62 4F 3A 73 F6 24 04 Ad.D.....bO:s.$.
> 00C0: C3 E8 25 65 37 D9 1B 7A 65 AE DE C6 29 67 2E C1 ..%e7..ze...)g..
> 00D0: F7 4C 5C 18 D7 14 98 90 ED 9D AD F5 98 A7 FD 93 .L\.............
> 00E0: 53 F4 B5 90 C9 CB FD 54 8E 5F 53 23 E3 73 94 BD S......T._S#.s..
> 00F0: A4 07 B7 E3 C7 83 7B 17 CF 51 4A 9E 9C 05 3C 51 .........QJ...<Q
> 0100: 4D C7 A1 7A D6 4D A6 58 E5 3A D4 12 B9 B9 46 9C M..z.M.X.:....F.
> 0110: AB 1D C5 6B F9 6A 85 CB E2 ...k.j...
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.758
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 application_data,
> length = 281
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.758
> CEST|SSLCipher.java:1915|Plaintext after DECRYPTION (
> 0000: 0F 00 01 04 08 04 01 00 30 11 28 CE 64 4E 08 BA ........0.(.dN..
> 0010: A1 BE 46 D9 3D 14 29 1A EB 5A B0 1A 09 B7 11 A5 ..F.=.)..Z......
> 0020: 9A F4 22 17 87 5F 87 D5 63 04 8E 27 EC 3A F8 52 ..".._..c..'.:.R
> 0030: 36 F4 2F CF 47 D2 5C CE 0A F0 29 EF 63 03 B1 64 6./.G.\...).c..d
> 0040: B8 45 6E 39 71 E3 BD 25 95 31 25 85 4C FB C6 AD .En9q..%.1%.L...
> 0050: C8 43 96 4E FA AD B9 98 17 43 61 FB 9B 87 CE 94 .C.N.....Ca.....
> 0060: CF 74 6F 3B AA 6A C8 80 8F C7 C8 05 E4 EF 42 6C .to;.j........Bl
> 0070: D4 01 9E 25 5E 34 E8 2D 93 BD BB 05 49 2F 9D B6 ...%^4.-....I/..
> 0080: F6 91 2F D1 E5 CB 1B 9E F6 DB 18 32 1D F5 66 A0 ../........2..f.
> 0090: 63 5D 25 01 B6 F6 1B 41 07 3E 90 61 37 49 38 17 c]%....A.>.a7I8.
> 00A0: B0 15 C9 AD 0C 7A 05 8D B4 48 BB 03 2D DE 5E 49 .....z...H..-.^I
> 00B0: 99 8B 74 53 5F 73 9B 18 FD 95 2A C3 F9 A3 8B 59 ..tS_s....*....Y
> 00C0: 1A ED 2C 55 C2 22 10 1E 7A FC 38 0A 99 FC 30 89 ..,U."..z.8...0.
> 00D0: 03 89 1C CD A7 DE E5 35 FD E9 E0 05 96 09 AF DD .......5........
> 00E0: 51 A3 7F C7 16 C5 96 8D CA CC 53 50 DC C5 C6 BA Q.........SP....
> 00F0: D6 05 28 18 BA 99 F8 0F 7F 24 9F D5 6B 93 DE BC ..(......$..k...
> 0100: EB 23 85 D9 D3 41 56 44 .#...AVD
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.762
> CEST|CertificateVerify.java:1128|Consuming CertificateVerify handshake
> message (
> "CertificateVerify": {
> "signature algorithm": rsa_pss_rsae_sha256
> "signature": {
> 0000: 30 11 28 CE 64 4E 08 BA A1 BE 46 D9 3D 14 29 1A
> 0.(.dN....F.=.).
> 0010: EB 5A B0 1A 09 B7 11 A5 9A F4 22 17 87 5F 87 D5
> .Z........".._..
> 0020: 63 04 8E 27 EC 3A F8 52 36 F4 2F CF 47 D2 5C CE
> c..'.:.R6./.G.\.
> 0030: 0A F0 29 EF 63 03 B1 64 B8 45 6E 39 71 E3 BD 25
> ..).c..d.En9q..%
> 0040: 95 31 25 85 4C FB C6 AD C8 43 96 4E FA AD B9 98
> .1%.L....C.N....
> 0050: 17 43 61 FB 9B 87 CE 94 CF 74 6F 3B AA 6A C8 80
> .Ca......to;.j..
> 0060: 8F C7 C8 05 E4 EF 42 6C D4 01 9E 25 5E 34 E8 2D
> ......Bl...%^4.-
> 0070: 93 BD BB 05 49 2F 9D B6 F6 91 2F D1 E5 CB 1B 9E
> ....I/..../.....
> 0080: F6 DB 18 32 1D F5 66 A0 63 5D 25 01 B6 F6 1B 41
> ...2..f.c]%....A
> 0090: 07 3E 90 61 37 49 38 17 B0 15 C9 AD 0C 7A 05 8D
> .>.a7I8......z..
> 00A0: B4 48 BB 03 2D DE 5E 49 99 8B 74 53 5F 73 9B 18
> .H..-.^I..tS_s..
> 00B0: FD 95 2A C3 F9 A3 8B 59 1A ED 2C 55 C2 22 10 1E
> ..*....Y..,U."..
> 00C0: 7A FC 38 0A 99 FC 30 89 03 89 1C CD A7 DE E5 35
> z.8...0........5
> 00D0: FD E9 E0 05 96 09 AF DD 51 A3 7F C7 16 C5 96 8D
> ........Q.......
> 00E0: CA CC 53 50 DC C5 C6 BA D6 05 28 18 BA 99 F8 0F
> ..SP......(.....
> 00F0: 7F 24 9F D5 6B 93 DE BC EB 23 85 D9 D3 41 56 44
> .$..k....#...AVD
> }
> }
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.762
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 17 03 03 00 35 ....5
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.762
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 application_data,
> length = 53
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.763
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: F6 A7 CD EA 89 34 B2 DB C4 28 91 18 C9 03 98 B6 .....4...(......
> 0010: DF 49 4E F5 2E 23 32 90 F8 13 C7 AE 18 E3 E5 64 .IN..#2........d
> 0020: D9 E4 A5 B0 5C F0 4A 3E AF EC 28 8D 09 78 AB EE ....\.J>..(..x..
> 0030: 38 1B 9E 45 04 8..E.
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.763
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 application_data,
> length = 53
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.763
> CEST|SSLCipher.java:1915|Plaintext after DECRYPTION (
> 0000: 14 00 00 20 F2 93 6B 71 2B FA F3 1B BF 68 98 D1 ... ..kq+....h..
> 0010: AA 5E B0 AF 5D 3B A6 B5 8F 79 BA 64 E8 A1 34 5F .^..];...y.d..4_
> 0020: D4 2B ED 8C .+..
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.764
> CEST|Finished.java:860|Consuming server Finished handshake message (
> "Finished": {
> "verify data": {
> 0000: F2 93 6B 71 2B FA F3 1B BF 68 98 D1 AA 5E B0 AF
> ..kq+....h...^..
> 0010: 5D 3B A6 B5 8F 79 BA 64 E8 A1 34 5F D4 2B ED 8C
> ];...y.d..4_.+..
> }'}
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.765
> CEST|SSLCipher.java:1824|KeyLimit read side: algorithm =
> AES/GCM/NOPADDING:KEYUPDATE
> countdown value = 137438953472
> javax.net.ssl|WARNING|01|main|2018-09-17 11:51:54.765
> CEST|CertificateMessage.java:1015|No signature_algorithms(_cert) in
> ClientHello
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.766
> CEST|CertificateMessage.java:1081|No available client authentication scheme
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.766
> CEST|CertificateMessage.java:1116|Produced client Certificate message (
> "Certificate": {
> "certificate_request_context": "",
> "certificate_list": [
> ]
> }
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.766
> CEST|SSLSocketOutputRecord.java:241|WRITE: TLS13 handshake, length = 8
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.766
> CEST|SSLCipher.java:2020|Plaintext before ENCRYPTION (
> 0000: 0B 00 00 04 00 00 00 00 16 00 00 00 00 00 00 00 ................
> 0010: 00 00 00 00 00 00 00 00 00 .........
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.767
> CEST|SSLSocketOutputRecord.java:255|Raw write (
> 0000: 17 03 03 00 29 E5 32 E4 5B 13 E7 D4 A1 78 FE 38 ....).2.[....x.8
> 0010: 26 22 CB C1 04 88 3A 3A 2D D4 A1 31 5A 78 65 50 &"....::-..1ZxeP
> 0020: 51 45 67 FA 9F 55 35 E1 49 C5 3B 3B 91 B1 QEg..U5.I.;;..
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.767
> CEST|CertificateVerify.java:1059|No X.509 credentials negotiated for
> CertificateVerify
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.768
> CEST|Finished.java:658|Produced client Finished handshake message (
> "Finished": {
> "verify data": {
> 0000: D8 47 0B A0 DF BB BF 49 E4 55 B9 D3 FB 3D B0 DD
> .G.....I.U...=..
> 0010: 57 1E 08 28 20 7E E1 0B E3 EB 12 10 09 76 D1 8F W..(
> ........v..
> }'}
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.768
> CEST|SSLSocketOutputRecord.java:241|WRITE: TLS13 handshake, length = 36
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.769
> CEST|SSLCipher.java:2020|Plaintext before ENCRYPTION (
> 0000: 14 00 00 20 D8 47 0B A0 DF BB BF 49 E4 55 B9 D3 ... .G.....I.U..
> 0010: FB 3D B0 DD 57 1E 08 28 20 7E E1 0B E3 EB 12 10 .=..W..( .......
> 0020: 09 76 D1 8F 16 00 00 00 00 00 00 00 00 00 00 00 .v..............
> 0030: 00 00 00 00 00 .....
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.769
> CEST|SSLSocketOutputRecord.java:255|Raw write (
> 0000: 17 03 03 00 45 0F 4D 84 52 28 59 96 92 52 D1 AB ....E.M.R(Y..R..
> 0010: DB 86 64 25 31 FF 9D 8E D7 84 63 B5 03 E2 9E 06 ..d%1.....c.....
> 0020: 3C 8C C2 22 F3 7A EE 55 AD 8C F5 5C F6 04 9A E2 <..".z.U...\....
> 0030: 6D BA E4 C4 9F 97 C3 DA BC D3 CB 8C 2C 9E BF FD m...........,...
> 0040: A3 9F C1 A2 79 51 75 B7 AE B6 ....yQu...
> )
> javax.net.ssl|DEBUG|01|main|2018-09-17 11:51:54.770
> CEST|SSLCipher.java:1978|KeyLimit write side: algorithm =
> AES/GCM/NOPADDING:KEYUPDATE
> countdown value = 137438953472
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.772
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 17 03 03 00 13 .....
> )
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.772
> CEST|SSLSocketInputRecord.java:213|READ: TLSv1.2 application_data,
> length = 19
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.772
> CEST|SSLSocketInputRecord.java:458|Raw read (
> 0000: 4F 0D C7 65 8B 24 B4 92 A2 26 31 8C 81 AF 8F F7 O..e.$...&1.....
> 0010: AC C3 B3 ...
> )
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.772
> CEST|SSLSocketInputRecord.java:249|READ: TLSv1.2 application_data,
> length = 19
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.773
> CEST|SSLCipher.java:1915|Plaintext after DECRYPTION (
> 0000: 02 74 .t
> )
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.774
> CEST|Alert.java:232|Received alert message (
> "Alert": {
> "level" : "fatal",
> "description": "certificate_required"
> }
> )
> javax.net.ssl|ERROR|0C|Thread-0|2018-09-17 11:51:54.774
> CEST|TransportContext.java:313|Fatal (CERTIFICATE_REQUIRED): Received
> fatal alert: certificate_required (
> "throwable" : {
> javax.net.ssl.SSLHandshakeException: Received fatal alert:
> certificate_required
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
> at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
> at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1155)
> at
> java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1125)
> at
> java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:823)
> at
> java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:758)
> at ReproducerClient$1.run(ReproducerClient.java:33)
> at java.base/java.lang.Thread.run(Thread.java:834)}
>
> )
> javax.net.ssl|ALL|0C|Thread-0|2018-09-17 11:51:54.775
> CEST|SSLSessionImpl.java:753|Invalidated session:
> Session(1537177914725|TLS_AES_128_GCM_SHA256)
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.776
> CEST|SSLSocketImpl.java:1361|close the underlying socket
> javax.net.ssl|DEBUG|0C|Thread-0|2018-09-17 11:51:54.776
> CEST|SSLSocketImpl.java:1380|close the SSL connection (initiative)
> javax.net.ssl|WARNING|0C|Thread-0|2018-09-17 11:51:54.777
> CEST|SSLSocketImpl.java:1289|handling exception (
> "throwable" : {
> javax.net.ssl.SSLHandshakeException: Received fatal alert:
> certificate_required
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:128)
> at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
> at
> java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
> at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:279)
> at
> java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:181)
> at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
> at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1155)
> at
> java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1125)
> at
> java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:823)
> at
> java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:758)
> at ReproducerClient$1.run(ReproducerClient.java:33)
> at java.base/java.lang.Thread.run(Thread.java:834)}
>
> )
>
>
> Bye
> Norman
>
>> On 16. Sep 2018, at 15:54, Norman Maurer <norman.maurer at googlemail.com
>> <mailto:norman.maurer at googlemail.com>> wrote:
>>
>> Will do, but not before tomorrow (I will also share the client side
>> code). That said there is nothing special about the keymanager.
>> Like I said before it sends the cert when using „want client with“, it
>> just seems it may be too late.
>>
>>
>> Bye
>> Norman
>>
>>> Am 15.09.2018 um 08:26 schrieb Bradford Wetmore
>>> <bradford.wetmore at oracle.com <mailto:bradford.wetmore at oracle.com>>:
>>>
>>> It would greatly help if you can provide the client side debug output
>>> so we can see what's going on locally:
>>>
>>> -Djavax.net.debug=all or System.setProperty(....)
>>>
>>> Please also let us know if you are using a custom client keymanager.
>>> It's possible that it isn't properly selecting an entity to use, in
>>> which case an empty message will be sent.
>>>
>>> Brad
>>>
>>>
>>>> On 9/14/2018 11:18 PM, Norman Maurer wrote:
>>>> Ok will try to find time today.
>>>>> Am 15.09.2018 um 08:08 schrieb Xuelei Fan <xuelei.fan at oracle.com
>>>>> <mailto:xuelei.fan at oracle.com>>:
>>>>>
>>>>> Hi Norman,
>>>>>
>>>>> I have not had a chance to look into the details. But sure, it
>>>>> helps a lot if you can provide a java client to reproduce the issue.
>>>>>
>>>>> Thanks,
>>>>> Xuelei
>>>>>
>>>>>> On 9/14/2018 10:29 PM, Norman Maurer wrote:
>>>>>> Is there any more details you need ?
>>>>>> Just wondering. If you say so I can also provide a pure jdk client
>>>>>> (without the Netty wrapper) that shows the problem when used with
>>>>>> OpenSSL on the server in the next days.
>>>>>> Bye
>>>>>> Norman
>>>>>>> Am 13.09.2018 um 21:07 schrieb Norman Maurer
>>>>>>> <norman.maurer at googlemail.com <mailto:norman.maurer at googlemail.com>>:
>>>>>>>
>>>>>>> Hi all,
>>>>>>>
>>>>>>> I am currently in the process of adding TLS 1.3 support into
>>>>>>> netty-tcnative[1] which uses JNI to make use of OpenSSL for it.
>>>>>>> During this work I noticed that I received test-failures when
>>>>>>> mutual auth is used and the JDK implementation is used on the
>>>>>>> client side. When using the JDK implementation on the server and
>>>>>>> client side all works as expected. Also if I use another protocol
>>>>>>> (like TLSv1.2) all works as expected.
>>>>>>>
>>>>>>> The problem I am observing is that the client seems to sent the
>>>>>>> certificate “too late” and so the server (which uses openssl)
>>>>>>> will report and error that the client did not provide an
>>>>>>> certificate (even when it was required).
>>>>>>>
>>>>>>> To reproduce this you can use openssl s_server like this and just
>>>>>>> create your usual SSLSocket with a KeyManagerFactory configured.
>>>>>>>
>>>>>>> ./bin/openssl s_server -tls1_3 -cert
>>>>>>> ~/Documents/workspace/netty/handler/src/test/resources/io/netty/handler/ssl/test.crt
>>>>>>> -key
>>>>>>> ~/Documents/workspace/netty/handler/src/test/resources/io/netty/handler/ssl/test_unencrypted.pem
>>>>>>> -4 -accept localhost:8443 -state -debug -Verify 1
>>>>>>>
>>>>>>> When now try to connect to it via the JDK TLS1.3 implementation I
>>>>>>> see the following output:
>>>>>>> SSL_accept:before SSL initialization
>>>>>>> read from 0x7fe400f050c0 [0x7fe40300f603] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 16 03 03 01 60 ....`
>>>>>>> read from 0x7fe400f050c0 [0x7fe40300f608] (352 bytes => 352 (0x160))
>>>>>>> 0000 - 01 00 01 5c 03 03 22 da-02 d7 86 40 6e 7d c5 a7
>>>>>>> ...\..".... at n}..
>>>>>>> 0010 - ea 34 47 a4 fa d0 bb 92-f5 62 ec f6 21 e5 ec da
>>>>>>> .4G......b..!...
>>>>>>> 0020 - d6 6b 75 aa b9 34 20 b7-57 a6 83 7b c8 bc a2 0f .ku..4
>>>>>>> .W..{....
>>>>>>> 0030 - 52 82 11 6f a3 1a 84 c5-4b fd e0 80 58 3c 2a bf
>>>>>>> R..o....K...X<*.
>>>>>>> 0040 - af 54 32 4c 7d 4f fe 00-14 c0 2c c0 2b c0 2f c0
>>>>>>> .T2L}O....,.+./.
>>>>>>> 0050 - 13 c0 14 00 9c 00 2f 00-35 13 01 13 02 01 00 00
>>>>>>> ....../.5.......
>>>>>>> 0060 - ff 00 05 00 05 01 00 00-00 00 00 0a 00 20 00 1e
>>>>>>> ............. ..
>>>>>>> 0070 - 00 17 00 18 00 19 00 09-00 0a 00 0b 00 0c 00 0d
>>>>>>> ................
>>>>>>> 0080 - 00 0e 00 16 01 00 01 01-01 02 01 03 01 04 00 0b
>>>>>>> ................
>>>>>>> 0090 - 00 02 01 00 00 0d 00 28-00 26 04 03 05 03 06 03
>>>>>>> .......(.&......
>>>>>>> 00a0 - 08 04 08 05 08 06 08 09-08 0a 08 0b 04 01 05 01
>>>>>>> ................
>>>>>>> 00b0 - 06 01 04 02 03 03 03 01-03 02 02 03 02 01 02 02
>>>>>>> ................
>>>>>>> 00c0 - 00 32 00 28 00 26 04 03-05 03 06 03 08 04 08 05
>>>>>>> .2.(.&..........
>>>>>>> 00d0 - 08 06 08 09 08 0a 08 0b-04 01 05 01 06 01 04 02
>>>>>>> ................
>>>>>>> 00e0 - 03 03 03 01 03 02 02 03-02 01 02 02 00 11 00 09
>>>>>>> ................
>>>>>>> 00f0 - 00 07 02 00 04 00 00 00-00 00 17 00 00 00 2b 00
>>>>>>> ..............+.
>>>>>>> 0100 - 09 08 03 04 03 03 03 02-03 01 00 2d 00 02 01 01
>>>>>>> ...........-....
>>>>>>> 0110 - 00 33 00 47 00 45 00 17-00 41 04 4e da b3 f2 63
>>>>>>> .3.G.E...A.N...c
>>>>>>> 0120 - ee 6e bf e3 af 73 be c9-92 c5 ec 70 ff c7 64 b8
>>>>>>> .n...s.....p..d.
>>>>>>> 0130 - 8a 9a cc fd f9 d6 36 ef-ce e0 dc 81 01 2f 87 57
>>>>>>> ......6....../.W
>>>>>>> 0140 - 56 f0 e4 2d 8b c8 73 14-eb 5f 21 0a 5e 94 46 ba
>>>>>>> V..-..s.._!.^.F.
>>>>>>> 0150 - de d1 33 57 4c b5 b3 66-c9 26 fb ff 01 00 01 00
>>>>>>> ..3WL..f.&......
>>>>>>> SSL_accept:before SSL initialization
>>>>>>> SSL_accept:SSLv3/TLS read client hello
>>>>>>> SSL_accept:SSLv3/TLS write server hello
>>>>>>> SSL_accept:SSLv3/TLS write change cipher spec
>>>>>>> SSL_accept:TLSv1.3 write encrypted extensions
>>>>>>> SSL_accept:SSLv3/TLS write certificate request
>>>>>>> SSL_accept:SSLv3/TLS write certificate
>>>>>>> SSL_accept:TLSv1.3 write server certificate verify
>>>>>>> write to 0x7fe400f050c0 [0x7fe403018a00] (1430 bytes => 1430 (0x596))
>>>>>>> 0000 - 16 03 03 00 9b 02 00 00-97 03 03 bc 7f 3b 07 ad
>>>>>>> .............;..
>>>>>>> 0010 - fb 21 9c 6f 7c 4a 9d 84-9a 82 6e 9c 1a b4 e3 5d
>>>>>>> .!.o|J....n....]
>>>>>>> 0020 - a8 d3 9d 52 a7 e1 93 c3-cc 8c 82 20 b7 57 a6 83
>>>>>>> ...R....... .W..
>>>>>>> 0030 - 7b c8 bc a2 0f 52 82 11-6f a3 1a 84 c5 4b fd e0
>>>>>>> {....R..o....K..
>>>>>>> 0040 - 80 58 3c 2a bf af 54 32-4c 7d 4f fe 13 01 00 00
>>>>>>> .X<*..T2L}O.....
>>>>>>> 0050 - 4f 00 2b 00 02 03 04 00-33 00 45 00 17 00 41 04
>>>>>>> O.+.....3.E...A.
>>>>>>> 0060 - 7d 81 11 ab ff a6 60 e7-5f 23 82 ed 22 35 76 24
>>>>>>> }.....`._#.."5v$
>>>>>>> 0070 - b0 47 09 25 0c 79 b9 07-5b 3e 28 b7 3c d8 d3 ce
>>>>>>> .G.%.y..[>(.<...
>>>>>>> 0080 - 6b 89 c6 01 21 28 c9 97-ae 50 a5 e7 43 35 ae c7
>>>>>>> k...!(...P..C5..
>>>>>>> 0090 - 73 10 60 62 57 25 9b c9-f1 93 28 70 03 44 e1 a0
>>>>>>> s.`bW%....(p.D..
>>>>>>> 00a0 - 14 03 03 00 01 01 17 03-03 00 27 0f 8b fb 2d 33
>>>>>>> ..........'...-3
>>>>>>> 00b0 - 72 c6 a8 28 0b 7d e1 c3-b7 d0 f3 d9 18 5b ca e0
>>>>>>> r..(.}.......[..
>>>>>>> 00c0 - 56 09 74 48 ba 28 16 1c-15 11 d9 fa 6e b3 bc b9
>>>>>>> V.tH.(......n...
>>>>>>> 00d0 - 4d 54 17 03 03 00 42 35-53 5b 9a 8e 09 df 86 c4
>>>>>>> MT....B5S[......
>>>>>>> 00e0 - 00 28 05 6d a8 c9 bb 38-e2 77 72 73 25 26 e3 65
>>>>>>> .(.m...8.wrs%&.e
>>>>>>> 00f0 - 58 d8 fd 15 8a ce ea 97-8a 50 1e e3 f9 c5 dc 96
>>>>>>> X........P......
>>>>>>> 0100 - f0 3b 3c 0a 12 41 58 9d-ab f8 3a 28 0a 1f 61 e9
>>>>>>> .;<..AX...:(..a.
>>>>>>> 0110 - df 68 a9 1f 84 66 f7 5b-d7 17 03 03 03 20 8f b5
>>>>>>> .h...f.[..... ..
>>>>>>> 0120 - b4 52 44 80 d0 b9 63 3d-80 9c 8b 02 fc f3 d5 bb
>>>>>>> .RD...c=........
>>>>>>> 0130 - a9 2a 4f 5b 4a cc 77 78-96 75 95 20 b8 12 c4 a6
>>>>>>> .*O[J.wx.u. ....
>>>>>>> 0140 - e6 82 ea 56 56 e2 5f 97-65 99 7e 6e 3d b1 66 ee
>>>>>>> ...VV._.e.~n=.f.
>>>>>>> 0150 - 10 4c f7 6d 9b 73 86 14-7a 81 f8 b1 27 af 08 ee
>>>>>>> .L.m.s..z...'...
>>>>>>> 0160 - ce 26 90 34 73 3d b7 45-8d 85 29 a8 65 19 e7 02
>>>>>>> .&.4s=.E..).e...
>>>>>>> 0170 - e5 55 4a 27 f1 b1 6a a4-11 cc 6c af 78 6d 22 5c
>>>>>>> .UJ'..j...l.xm"\
>>>>>>> 0180 - 33 73 e3 ad 7f 8d 1b d3-75 95 66 64 2d 0e f1 3e
>>>>>>> 3s......u.fd-..>
>>>>>>> 0190 - c2 30 df a1 7e ce a3 50-c3 4e 68 f6 36 b3 4e 45
>>>>>>> .0..~..P.Nh.6.NE
>>>>>>> 01a0 - 9c ac e9 f2 0d 7c e3 73-6a 40 ab 6e 6e f9 d8 20
>>>>>>> .....|.sj at .nn..
>>>>>>> 01b0 - 9c f3 04 32 cd 1d df 18-e5 4d e3 e8 b1 38 59 f8
>>>>>>> ...2.....M...8Y.
>>>>>>> 01c0 - 28 67 2e ca af a2 8b 88-ce ca 48 a6 07 2b a6 9a
>>>>>>> (g........H..+..
>>>>>>> 01d0 - 0e 88 5b d7 0b d9 31 77-97 8d 6c 2b f5 60 24 61
>>>>>>> ..[...1w..l+.`$a
>>>>>>> 01e0 - a8 5c 47 5d 7c 66 f0 9b-1f e4 76 93 38 f6 78 3e
>>>>>>> .\G]|f....v.8.x>
>>>>>>> 01f0 - 69 29 72 f9 d9 4b cb 05-03 e4 f2 d6 24 e1 91 ee
>>>>>>> i)r..K......$...
>>>>>>> 0200 - 85 37 d7 7b c3 5c 35 90-08 cd b1 cc 76 11 fc 00
>>>>>>> .7.{.\5.....v...
>>>>>>> 0210 - 12 7e 89 7b 70 e6 ca fe-0b 26 b6 bb ac fe 4b 9f
>>>>>>> .~.{p....&....K.
>>>>>>> 0220 - ec cf 41 69 42 3a 3e 41-f9 b0 c0 93 5b 70 1f c7
>>>>>>> ..AiB:>A....[p..
>>>>>>> 0230 - 11 00 3d ec 66 5a 1a ca-31 89 22 27 02 dd a0 cb
>>>>>>> ..=.fZ..1."'....
>>>>>>> 0240 - 39 14 25 ee 30 44 e8 62-97 bf 8e 16 63 40 c4 11
>>>>>>> 9.%.0D.b....c at ..
>>>>>>> 0250 - a6 d9 32 b1 3c 86 35 bb-9f f1 4d 71 9f a5 4f 78
>>>>>>> ..2.<.5...Mq..Ox
>>>>>>> 0260 - 0a e8 96 dd 4d 10 c3 48-f2 db 67 57 2d cd dc 23
>>>>>>> ....M..H..gW-..#
>>>>>>> 0270 - 3a 8d 6a 61 47 20 ff c8-33 cd e9 f7 47 4c 68 4f :.jaG
>>>>>>> ..3...GLhO
>>>>>>> 0280 - 19 2f 8b e3 b1 90 ac 66-a7 cf 5c e6 d2 05 21 25
>>>>>>> ./.....f..\...!%
>>>>>>> 0290 - d2 d8 f0 43 8c 55 01 ef-d6 8f c0 27 87 0d 21 d5
>>>>>>> ...C.U.....'..!.
>>>>>>> 02a0 - 2b 2b 6f db e8 85 ea cd-6e 9c 5d 56 d5 31 c1 f2
>>>>>>> ++o.....n.]V.1..
>>>>>>> 02b0 - 97 2f 5a 83 7a 2b 71 03-65 e0 b6 4a 56 37 de e1
>>>>>>> ./Z.z+q.e..JV7..
>>>>>>> 02c0 - 80 3a c4 cc 5a ac 3b 9a-7a bf f7 6b fe a8 69 e9
>>>>>>> .:..Z.;.z..k..i.
>>>>>>> 02d0 - 58 09 59 bd 46 bd d2 a3-bc ad 1c 10 53 c8 29 7b
>>>>>>> X.Y.F.......S.){
>>>>>>> 02e0 - be 63 00 d6 e5 a8 d6 ab-b2 bc 8b e1 2c 0e 24 2a
>>>>>>> .c..........,.$*
>>>>>>> 02f0 - c2 31 2d d8 6e 1f 19 93-d7 54 e1 1e 28 ce 72 83
>>>>>>> .1-.n....T..(.r.
>>>>>>> 0300 - ff 05 18 f2 fc e9 0c b3-0c 1b d5 96 c2 d8 fc 76
>>>>>>> ...............v
>>>>>>> 0310 - 37 a9 5a ef 8e e9 b6 71-21 f3 bd c1 85 23 85 22
>>>>>>> 7.Z....q!....#."
>>>>>>> 0320 - 3d c4 1c c9 31 8b 7e 00-8f 8e b4 9f 05 d4 80 6b
>>>>>>> =...1.~........k
>>>>>>> 0330 - 98 4c a8 82 68 ff 1a a5-28 e2 9b 03 a1 a7 b1 00
>>>>>>> .L..h...(.......
>>>>>>> 0340 - 02 2b 2d e2 e1 87 8c e8-0a fb 0b 79 54 ca 3d d5
>>>>>>> .+-........yT.=.
>>>>>>> 0350 - 6a dd b7 b7 87 42 2b 47-49 da e9 0a 82 0a c9 8f
>>>>>>> j....B+GI.......
>>>>>>> 0360 - 57 f7 1e 03 ca 8d 16 bc-21 3a 6a ee b9 b8 fa f0
>>>>>>> W.......!:j.....
>>>>>>> 0370 - d9 18 35 9f 35 ac d8 6e-9a 8a 0d 56 10 1e 1f 5a
>>>>>>> ..5.5..n...V...Z
>>>>>>> 0380 - ba ec e4 fe 1a 92 b4 31-35 43 1d 99 b9 12 fa ff
>>>>>>> .......15C......
>>>>>>> 0390 - 99 2b 88 e0 58 ec 9c dc-8f 67 ef 2a c2 e2 64 5d
>>>>>>> .+..X....g.*..d]
>>>>>>> 03a0 - 66 76 1c d0 aa 00 30 59-b1 f5 b1 55 9f ad 60 e9
>>>>>>> fv....0Y...U..`.
>>>>>>> 03b0 - 3d 03 1e d0 8b 4d bf 74-ac bc bb 1c 83 14 c5 e0
>>>>>>> =....M.t........
>>>>>>> 03c0 - f4 fc 70 9e f4 22 a0 78-04 fe c8 b1 17 65 f6 94
>>>>>>> ..p..".x.....e..
>>>>>>> 03d0 - 47 82 50 4a b6 32 74 ae-5b 38 5a 2e d9 b0 6a 45
>>>>>>> G.PJ.2t.[8Z...jE
>>>>>>> 03e0 - 74 e8 f0 22 fe d3 b0 11-c3 fd 72 4f da 77 7a ba
>>>>>>> t.."......rO.wz.
>>>>>>> 03f0 - 26 3e 61 0c 63 21 17 a6-b2 13 6e 71 5c f2 0d ad
>>>>>>> &>a.c!....nq\...
>>>>>>> 0400 - f2 d1 19 71 51 9e a4 1b-b0 30 24 e0 71 7d 87 80
>>>>>>> ...qQ....0$.q}..
>>>>>>> 0410 - a9 5a e9 bc db e4 4f 50-4d a1 bc bc 2c 4b 66 98
>>>>>>> .Z....OPM...,Kf.
>>>>>>> 0420 - d4 e4 b0 76 0f d2 db a5-a5 39 9e f2 5b ea 34 c1
>>>>>>> ...v.....9..[.4.
>>>>>>> 0430 - 62 ab 47 51 3b 37 17 45-54 31 18 f3 f1 ca 17 03
>>>>>>> b.GQ;7.ET1......
>>>>>>> 0440 - 03 01 19 dd 50 50 f5 0c-f2 c9 3c b4 8f 63 cc 4a
>>>>>>> ....PP....<..c.J
>>>>>>> 0450 - a7 50 c9 91 9b 79 9a 2a-5c 47 d3 77 f6 56 69 90
>>>>>>> .P...y.*\G.w.Vi.
>>>>>>> 0460 - 98 cd ff bd c1 2a 49 fc-0d d4 7e cc 7e 44 af c4
>>>>>>> .....*I...~.~D..
>>>>>>> 0470 - 61 47 e0 c1 76 b1 8c 2e-df 7e d0 82 e1 89 1f 04
>>>>>>> aG..v....~......
>>>>>>> 0480 - ae 64 bd 71 4d ae 1c 3c-e3 d3 39 5d 61 2a ea 70
>>>>>>> .d.qM..<..9]a*.p
>>>>>>> 0490 - 8c 31 6d a0 b1 72 a8 7a-5c 9c 11 08 b8 4d a5 c4
>>>>>>> .1m..r.z\....M..
>>>>>>> 04a0 - ad 1b 38 4a 6a 02 28 d4-d1 0f c8 9f 0b b3 02 18
>>>>>>> ..8Jj.(.........
>>>>>>> 04b0 - 82 2b bd 46 82 04 64 f0-41 b2 da f5 cd 9c f7 f3
>>>>>>> .+.F..d.A.......
>>>>>>> 04c0 - 73 30 58 ca 12 ec ea 90-85 1c 75 09 0a 70 b8 80
>>>>>>> s0X.......u..p..
>>>>>>> 04d0 - 3d 02 17 3e 9b 83 04 b5-dd 9e e6 18 17 65 83 a5
>>>>>>> =..>.........e..
>>>>>>> 04e0 - 59 7d 4b 98 da bd 8b aa-d6 aa c5 1c 7d 87 56 e3
>>>>>>> Y}K.........}.V.
>>>>>>> 04f0 - 74 d8 e9 7b eb b3 3d f7-7c 3c 0a e9 a8 2e 04 0d
>>>>>>> t..{..=.|<......
>>>>>>> 0500 - 6a e7 83 e0 ec 99 43 6a-8b 1c 73 59 7a c8 cd 6e
>>>>>>> j.....Cj..sYz..n
>>>>>>> 0510 - 4a 14 73 ff 9a fb 71 94-d5 50 a9 d9 e0 dd 02 4c
>>>>>>> J.s...q..P.....L
>>>>>>> 0520 - 2b 67 9e da 9e fa 2d 67-49 df 13 10 ed 35 3e 73
>>>>>>> +g....-gI....5>s
>>>>>>> 0530 - 07 20 17 fb 0b ef f6 d0-b7 68 1c 65 21 a6 e3 3b .
>>>>>>> .......h.e!..;
>>>>>>> 0540 - bf 7b 84 cd 9e f5 76 2a-0d 4f b8 c3 c8 15 08 e9
>>>>>>> .{....v*.O......
>>>>>>> 0550 - 0f 3c 50 49 12 97 a8 d7-f1 a3 16 da 17 03 03 00
>>>>>>> .<PI............
>>>>>>> 0560 - 35 22 dd a2 9d 25 98 2c-35 b8 00 29 fa a1 dd ba
>>>>>>> 5"...%.,5..)....
>>>>>>> 0570 - 72 b9 fe e5 85 85 f0 f1-3b 4e f5 7c 58 c8 2a da
>>>>>>> r.......;N.|X.*.
>>>>>>> 0580 - d2 75 94 3b c1 7a 7c 7e-db 5b fe 8a 2d 3f 8c 9a
>>>>>>> .u.;.z|~.[..-?..
>>>>>>> 0590 - 6e 79 ab 2b ff 1a ny.+..
>>>>>>> SSL_accept:SSLv3/TLS write finished
>>>>>>> SSL_accept:TLSv1.3 early data
>>>>>>> read from 0x7fe400f050c0 [0x7fe40300f603] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 14 03 03 00 01 .....
>>>>>>> read from 0x7fe400f050c0 [0x7fe40300f608] (1 bytes => 1 (0x1))
>>>>>>> 0000 - 01 .
>>>>>>> read from 0x7fe400f050c0 [0x7fe40300f603] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 17 03 03 00 3d ....=
>>>>>>> read from 0x7fe400f050c0 [0x7fe40300f608] (61 bytes => 61 (0x3D))
>>>>>>> 0000 - 38 e7 bb 2c 5b af b6 5f-37 d8 3e 7e bb f4 04 f5
>>>>>>> 8..,[.._7.>~....
>>>>>>> 0010 - e1 28 b5 e5 07 5a ec ce-da 2f f3 b6 45 61 cf ef
>>>>>>> .(...Z.../..Ea..
>>>>>>> 0020 - 90 fb 57 b8 f3 20 45 27-60 d4 26 51 38 77 e4 bc ..W..
>>>>>>> E'`.&Q8w..
>>>>>>> 0030 - b7 64 d4 8b 73 25 41 9e-fe d3 9d 5f 53
>>>>>>> .d..s%A...._S
>>>>>>> SSL_accept:TLSv1.3 early data
>>>>>>> write to 0x7fe400f050c0 [0x7fe403018a00] (24 bytes => 24 (0x18))
>>>>>>> 0000 - 17 03 03 00 13 25 85 60-eb 7d c1 a8 15 49 d5 63
>>>>>>> .....%.`.}...I.c
>>>>>>> 0010 - 18 7f c6 ac ed 7f df 77- .......w
>>>>>>> SSL3 alert write:fatal:unknown
>>>>>>> SSL_accept:error in error
>>>>>>> ERROR
>>>>>>> 140736092021632:error:1417C0C7:SSL
>>>>>>> routines:tls_process_client_certificate:peer did not return a
>>>>>>> certificate:ssl/statem/statem_srvr.c:3654:
>>>>>>> shutting down SSL
>>>>>>> CONNECTION CLOSED
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> When using openssl s_client all works as expected tho (thats also
>>>>>>> true if I use my native implementation on the client and server
>>>>>>> side that uses openssl):
>>>>>>>
>>>>>>> ./bin/openssl s_client -cert
>>>>>>> ~/Documents/workspace/netty/handler/src/test/resources/io/netty/handler/ssl/test.crt
>>>>>>> -key
>>>>>>> ~/Documents/workspace/netty/handler/src/test/resources/io/netty/handler/ssl/test_unencrypted.pem
>>>>>>> -state -tls1_3 -connect localhost:8443
>>>>>>>
>>>>>>> The interesting thing is if I use “-verify 1” and not “-Verify 1”
>>>>>>> with openssl which tells it I want to request a certificate but
>>>>>>> will also process if none is provided I receive the certificate
>>>>>>> at some point as seen here:
>>>>>>>
>>>>>>> SSL_accept:before SSL initialization
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da03] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 16 03 03 01 60 ....`
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da08] (352 bytes => 352 (0x160))
>>>>>>> 0000 - 01 00 01 5c 03 03 61 c0-b3 ed 88 65 e6 cf 11 3f
>>>>>>> ...\..a....e...?
>>>>>>> 0010 - c0 e0 f8 df a6 63 32 c2-ab 3d 61 6f 41 ed b1 4b
>>>>>>> .....c2..=aoA..K
>>>>>>> 0020 - 53 0e 83 e5 a1 b8 20 c7-1b 8c b8 e6 b5 da 4e 4e S.....
>>>>>>> .......NN
>>>>>>> 0030 - 3f 3c 61 7a ad 58 23 94-a7 32 79 2f db 9f 21 c0
>>>>>>> ?<az.X#..2y/..!.
>>>>>>> 0040 - 8e 0c c5 ce b1 c2 a4 00-14 c0 2c c0 2b c0 2f c0
>>>>>>> ..........,.+./.
>>>>>>> 0050 - 13 c0 14 00 9c 00 2f 00-35 13 01 13 02 01 00 00
>>>>>>> ....../.5.......
>>>>>>> 0060 - ff 00 05 00 05 01 00 00-00 00 00 0a 00 20 00 1e
>>>>>>> ............. ..
>>>>>>> 0070 - 00 17 00 18 00 19 00 09-00 0a 00 0b 00 0c 00 0d
>>>>>>> ................
>>>>>>> 0080 - 00 0e 00 16 01 00 01 01-01 02 01 03 01 04 00 0b
>>>>>>> ................
>>>>>>> 0090 - 00 02 01 00 00 0d 00 28-00 26 04 03 05 03 06 03
>>>>>>> .......(.&......
>>>>>>> 00a0 - 08 04 08 05 08 06 08 09-08 0a 08 0b 04 01 05 01
>>>>>>> ................
>>>>>>> 00b0 - 06 01 04 02 03 03 03 01-03 02 02 03 02 01 02 02
>>>>>>> ................
>>>>>>> 00c0 - 00 32 00 28 00 26 04 03-05 03 06 03 08 04 08 05
>>>>>>> .2.(.&..........
>>>>>>> 00d0 - 08 06 08 09 08 0a 08 0b-04 01 05 01 06 01 04 02
>>>>>>> ................
>>>>>>> 00e0 - 03 03 03 01 03 02 02 03-02 01 02 02 00 11 00 09
>>>>>>> ................
>>>>>>> 00f0 - 00 07 02 00 04 00 00 00-00 00 17 00 00 00 2b 00
>>>>>>> ..............+.
>>>>>>> 0100 - 09 08 03 04 03 03 03 02-03 01 00 2d 00 02 01 01
>>>>>>> ...........-....
>>>>>>> 0110 - 00 33 00 47 00 45 00 17-00 41 04 52 dc d6 47 6e
>>>>>>> .3.G.E...A.R..Gn
>>>>>>> 0120 - a1 de 9c 71 c2 54 0e 5c-9b 57 fb c8 aa 3f 19 f7
>>>>>>> ...q.T.\.W...?..
>>>>>>> 0130 - d3 a4 25 12 fa 3f 6c 6d-95 30 66 ca 63 b7 a1 dd
>>>>>>> ..%..?lm.0f.c...
>>>>>>> 0140 - ae 9f 99 d6 a8 6b 20 4f-29 7a 74 58 ad 58 de 12 .....k
>>>>>>> O)ztX.X..
>>>>>>> 0150 - d7 a5 9b 69 dc 27 ac ec-9e d4 04 ff 01 00 01 00
>>>>>>> ...i.'..........
>>>>>>> SSL_accept:before SSL initialization
>>>>>>> SSL_accept:SSLv3/TLS read client hello
>>>>>>> SSL_accept:SSLv3/TLS write server hello
>>>>>>> SSL_accept:SSLv3/TLS write change cipher spec
>>>>>>> SSL_accept:TLSv1.3 write encrypted extensions
>>>>>>> SSL_accept:SSLv3/TLS write certificate request
>>>>>>> SSL_accept:SSLv3/TLS write certificate
>>>>>>> SSL_accept:TLSv1.3 write server certificate verify
>>>>>>> write to 0x7fdc58809fb0 [0x7fdc59025e00] (1430 bytes => 1430 (0x596))
>>>>>>> 0000 - 16 03 03 00 9b 02 00 00-97 03 03 8b c8 62 48 6c
>>>>>>> .............bHl
>>>>>>> 0010 - f5 7c 73 d9 17 f8 63 a2-11 27 40 93 09 26 53 06
>>>>>>> .|s...c..'@..&S.
>>>>>>> 0020 - b3 62 df 46 26 b6 dc 59-29 b5 58 20 c7 1b 8c b8
>>>>>>> .b.F&..Y).X ....
>>>>>>> 0030 - e6 b5 da 4e 4e 3f 3c 61-7a ad 58 23 94 a7 32 79
>>>>>>> ...NN?<az.X#..2y
>>>>>>> 0040 - 2f db 9f 21 c0 8e 0c c5-ce b1 c2 a4 13 01 00 00
>>>>>>> /..!............
>>>>>>> 0050 - 4f 00 2b 00 02 03 04 00-33 00 45 00 17 00 41 04
>>>>>>> O.+.....3.E...A.
>>>>>>> 0060 - 07 63 1c 19 53 89 68 a8-0f ea 9e 4c 18 6f 2a ad
>>>>>>> .c..S.h....L.o*.
>>>>>>> 0070 - 2a df eb 17 a2 08 94 c6-e3 c5 97 ae 0f c1 1a d7
>>>>>>> *...............
>>>>>>> 0080 - 0d d7 2e 6d 77 3d 30 a0-07 db 70 35 bb 37 dd 1e
>>>>>>> ...mw=0...p5.7..
>>>>>>> 0090 - b6 f3 4d cb 13 97 7c 11-63 98 e8 64 2d a7 e6 cc
>>>>>>> ..M...|.c..d-...
>>>>>>> 00a0 - 14 03 03 00 01 01 17 03-03 00 27 a3 73 d2 ee 2c
>>>>>>> ..........'.s..,
>>>>>>> 00b0 - 2f 9c 8f 95 7f ca a3 89-bc b4 b3 b2 3c 8b 23 ef
>>>>>>> /...........<.#.
>>>>>>> 00c0 - 36 66 23 c9 09 02 33 0d-dc 5d 36 61 44 89 8b ef
>>>>>>> 6f#...3..]6aD...
>>>>>>> 00d0 - fd 13 17 03 03 00 42 f2-5b 3c 0c 27 5e 7f 97 4f
>>>>>>> ......B.[<.'^..O
>>>>>>> 00e0 - 0f de 8c b9 0a a1 41 c7-c2 1e 92 99 6a d5 bd 12
>>>>>>> ......A.....j...
>>>>>>> 00f0 - 38 b6 b7 93 33 e9 8e 0f-44 93 f0 69 58 b6 41 22
>>>>>>> 8...3...D..iX.A"
>>>>>>> 0100 - 46 e2 4a d5 d6 32 2b b8-a7 ae 3a c2 c5 2f e6 35
>>>>>>> F.J..2+...:../.5
>>>>>>> 0110 - 11 0c f1 9a 35 2a 87 ed-9e 17 03 03 03 20 a7 e2
>>>>>>> ....5*....... ..
>>>>>>> 0120 - fe ba c7 10 5b 9c cd 94-67 19 37 2d 46 59 ab 56
>>>>>>> ....[...g.7-FY.V
>>>>>>> 0130 - 6b dd a4 10 61 cc ed f1-71 a7 2d 6a 41 2e 2b da
>>>>>>> k...a...q.-jA.+.
>>>>>>> 0140 - d1 35 fc 01 df 49 e5 90-1d 9b b2 03 0a 81 58 18
>>>>>>> .5...I........X.
>>>>>>> 0150 - 96 a1 db 31 19 98 35 5c-87 8f 6e 32 0a e6 c0 aa
>>>>>>> ...1..5\..n2....
>>>>>>> 0160 - 9e 8e 72 e2 34 b3 b7 a3-d6 d1 66 c7 ce 93 fe 78
>>>>>>> ..r.4.....f....x
>>>>>>> 0170 - 17 c4 71 7c 42 15 c8 af-dc 4f 50 42 51 80 fc bf
>>>>>>> ..q|B....OPBQ...
>>>>>>> 0180 - fc 54 d5 d8 59 20 9a 90-c4 78 97 9c 2d 4a d5 58 .T..Y
>>>>>>> ...x..-J.X
>>>>>>> 0190 - be 81 79 23 59 22 9d 27-f8 bd a0 b2 98 b3 47 82
>>>>>>> ..y#Y".'......G.
>>>>>>> 01a0 - d3 52 b5 b5 91 ab 5c 76-52 c5 a5 95 2d 03 1c b7
>>>>>>> .R....\vR...-...
>>>>>>> 01b0 - 64 4d 0b 88 7f 15 0b c8-a8 90 50 9a b6 b1 9f b7
>>>>>>> dM........P.....
>>>>>>> 01c0 - 40 09 f2 5f 39 f8 9a 06-21 4d 67 10 0a 67 08 b6
>>>>>>> @.._9...!Mg..g..
>>>>>>> 01d0 - b5 9a 25 8c d5 ca 31 6a-8a 6b 01 93 7d 6f 1e 52
>>>>>>> ..%...1j.k..}o.R
>>>>>>> 01e0 - 98 96 9d fb e8 c1 07 ab-57 98 2d 1e 75 77 ef c2
>>>>>>> ........W.-.uw..
>>>>>>> 01f0 - 49 78 e0 b9 2b 32 23 7e-95 4d 3e 27 00 61 86 0c
>>>>>>> Ix..+2#~.M>'.a..
>>>>>>> 0200 - 47 c7 79 e4 ee 9d ba c0-ea 62 f1 0d 8e 4a 91 30
>>>>>>> G.y......b...J.0
>>>>>>> 0210 - bc 4f 5a 98 26 30 66 ec-c4 63 8f 28 d5 1c 61 23
>>>>>>> .OZ.&0f..c.(..a#
>>>>>>> 0220 - ea e9 90 4e 36 d9 fa 31-7b 14 27 22 0a ae 9f 64
>>>>>>> ...N6..1{.'"...d
>>>>>>> 0230 - 40 3d e5 a0 5c 9d 3c 04-71 09 b0 7a 6b 51 a0 9c
>>>>>>> @=..\.<.q..zkQ..
>>>>>>> 0240 - c0 61 32 ce 15 62 8e 29-b1 59 91 c0 17 2c b3 c5
>>>>>>> .a2..b.).Y...,..
>>>>>>> 0250 - f9 ed 07 65 3d 11 de 98-de 62 36 50 74 37 af 2d
>>>>>>> ...e=....b6Pt7.-
>>>>>>> 0260 - 7d 86 55 c4 3e a2 83 ab-47 8d f2 b2 8d 1d 75 83
>>>>>>> }.U.>...G.....u.
>>>>>>> 0270 - b5 e4 41 87 a7 a3 85 b0-5e 4e 2e 9c 8c b0 1b 83
>>>>>>> ..A.....^N......
>>>>>>> 0280 - 7b 54 79 c9 60 ea 7d ed-06 fa dd 24 40 f1 53 9e
>>>>>>> {Ty.`.}....$@.S.
>>>>>>> 0290 - 43 79 25 53 9c c7 6e 95-ab 9f 96 59 cd b9 7b a8
>>>>>>> Cy%S..n....Y..{.
>>>>>>> 02a0 - a0 23 13 69 db a9 c9 e7-1a 8e e1 9b 54 94 1c 44
>>>>>>> .#.i........T..D
>>>>>>> 02b0 - 50 08 8b dd eb 4e 2b bb-d7 c9 c2 33 8c a1 b3 65
>>>>>>> P....N+....3...e
>>>>>>> 02c0 - 06 e6 9d ac 11 16 21 58-40 8d 59 e6 67 e5 31 02
>>>>>>> ......!X at .Y.g.1.
>>>>>>> 02d0 - 15 8d 29 80 20 66 ba c3-56 93 95 5c 65 4b 41 00 ..).
>>>>>>> f..V..\eKA.
>>>>>>> 02e0 - c5 71 12 12 f5 20 4f 59-be 77 06 10 6e 48 85 5c .q...
>>>>>>> OY.w..nH.\
>>>>>>> 02f0 - ff a2 c4 ae fb 4d 95 f5-cc f6 61 20 33 b7 92 1d
>>>>>>> .....M....a 3...
>>>>>>> 0300 - ac a8 f1 b2 b0 88 c6 7b-8b 00 53 30 6d 4a d1 42
>>>>>>> .......{..S0mJ.B
>>>>>>> 0310 - b3 3e 85 f5 84 e1 c6 ab-10 9d 61 03 46 ff 2d 81
>>>>>>> .>........a.F.-.
>>>>>>> 0320 - 15 4f 84 d1 4c ee f4 a6-a0 ec 50 60 a0 d1 ff df
>>>>>>> .O..L.....P`....
>>>>>>> 0330 - 8a 97 f6 7d fb 8f fb 60-18 d4 f1 1f 92 4d d8 69
>>>>>>> ...}...`.....M.i
>>>>>>> 0340 - b1 92 97 44 0f 3c 8a aa-47 07 48 d4 07 2d 3e f2
>>>>>>> ...D.<..G.H..->.
>>>>>>> 0350 - c4 a7 16 35 a7 17 71 ef-98 84 24 67 12 58 30 3b
>>>>>>> ...5..q...$g.X0;
>>>>>>> 0360 - 1d 41 8d e5 12 52 95 64-e5 88 35 99 d7 c3 58 40
>>>>>>> .A...R.d..5...X@
>>>>>>> 0370 - f9 55 9b 9f e5 33 15 70-41 d7 45 ba a4 fc 75 ea
>>>>>>> .U...3.pA.E...u.
>>>>>>> 0380 - a4 ae f0 68 ea 64 d8 f5-06 68 a9 75 22 4d 43 cc
>>>>>>> ...h.d...h.u"MC.
>>>>>>> 0390 - ff 50 cc ac 6e fd 43 dd-eb e4 c8 dd 4b 6c 12 bb
>>>>>>> .P..n.C.....Kl..
>>>>>>> 03a0 - f1 d4 5e 11 4a 86 90 0b-f8 3a 2e 23 db 61 5a 1f
>>>>>>> ..^.J....:.#.aZ.
>>>>>>> 03b0 - 7e 11 00 92 21 68 1f b5-ab f2 f8 38 5e 62 ea f8
>>>>>>> ~...!h.....8^b..
>>>>>>> 03c0 - da ef c2 6e a0 b8 20 e4-69 49 b3 1f 15 84 0b 9b ...n..
>>>>>>> .iI......
>>>>>>> 03d0 - ce b0 6f 36 32 7f 7e bf-e8 d7 18 7a 58 60 f4 04
>>>>>>> ..o62.~....zX`..
>>>>>>> 03e0 - cc 36 bf 06 cd ec e5 9b-19 03 96 09 fb af 8f c3
>>>>>>> .6..............
>>>>>>> 03f0 - 98 b4 02 aa e8 55 81 aa-c4 fe 06 81 30 a0 c7 b2
>>>>>>> .....U......0...
>>>>>>> 0400 - f8 e2 30 00 d7 a0 54 7f-5f d7 ef a6 f8 41 58 34
>>>>>>> ..0...T._....AX4
>>>>>>> 0410 - f5 f0 18 69 8d e6 7a 23-78 90 8f b1 05 c5 b5 7f
>>>>>>> ...i..z#x.......
>>>>>>> 0420 - e0 f2 c7 fa c8 36 5b 53-7e cf e6 75 d3 54 b4 69
>>>>>>> .....6[S~..u.T.i
>>>>>>> 0430 - 68 43 0d 6a d2 83 cc 13-6d ca bf 83 3c 90 17 03
>>>>>>> hC.j....m...<...
>>>>>>> 0440 - 03 01 19 96 dc 49 26 ce-1d 8e 86 3d bd cb 00 5e
>>>>>>> .....I&....=...^
>>>>>>> 0450 - ee f6 e7 1d 16 7a ca ef-fa 6d 16 40 b6 99 d0 c1
>>>>>>> .....z...m. at ....
>>>>>>> 0460 - df 0b 5f 51 60 a8 24 e0-61 82 13 40 da 88 38 3a
>>>>>>> .._Q`.$.a.. at ..8:
>>>>>>> 0470 - 26 1d 80 51 c4 b1 95 35-95 3c 91 35 28 17 49 d8
>>>>>>> &..Q...5.<.5(.I.
>>>>>>> 0480 - c3 45 be 32 98 3e 02 07-3b 01 20 2b 51 e1 1a 94
>>>>>>> .E.2.>..;. +Q...
>>>>>>> 0490 - b9 be 96 aa 7a 13 09 ff-d5 a9 63 d4 6f 49 cb b5
>>>>>>> ....z.....c.oI..
>>>>>>> 04a0 - 23 ab 7f 8c e2 63 f0 5c-5c 27 1e 04 a8 71 0c c0
>>>>>>> #....c.\\'...q..
>>>>>>> 04b0 - 89 cd ed 18 8d 5b 75 ac-af f3 68 6d cc ba 20 38
>>>>>>> .....[u...hm.. 8
>>>>>>> 04c0 - b5 7c 09 47 29 28 e2 26-57 57 1f f0 f3 18 fd 6f
>>>>>>> .|.G)(.&WW.....o
>>>>>>> 04d0 - 27 42 a4 e3 de bb e5 d6-09 7d 25 b1 98 97 ad 33
>>>>>>> 'B.......}%....3
>>>>>>> 04e0 - 68 35 92 07 80 23 f1 66-20 5d 74 f3 02 c5 51 ff h5...#.f
>>>>>>> ]t...Q.
>>>>>>> 04f0 - 07 a9 e9 0e 3e 74 da 2e-8f 3b 16 be e6 94 1b 66
>>>>>>> ....>t...;.....f
>>>>>>> 0500 - bb b2 a2 1e 7c 7b ff 5e-a4 36 2a ba 0b cd 7f e9
>>>>>>> ....|{.^.6*.....
>>>>>>> 0510 - 86 bb 5e 30 f5 57 92 52-82 b6 2e da 71 b7 22 c2
>>>>>>> ..^0.W.R....q.".
>>>>>>> 0520 - 90 c4 69 46 07 df 6c 3f-05 8b 19 3e ce b9 75 0d
>>>>>>> ..iF..l?...>..u.
>>>>>>> 0530 - 4b 97 37 ae 94 e2 d6 3c-91 e6 82 c7 a1 78 79 2c
>>>>>>> K.7....<.....xy,
>>>>>>> 0540 - 9a a3 d5 45 94 ad e2 c8-ab fd 81 ec 62 87 f7 75
>>>>>>> ...E........b..u
>>>>>>> 0550 - e3 70 79 8e 82 3b c5 45-0d d0 33 5f 17 03 03 00
>>>>>>> .py..;.E..3_....
>>>>>>> 0560 - 35 da e0 74 2a 06 41 5a-64 1e 54 94 29 73 43 3f
>>>>>>> 5..t*.AZd.T.)sC?
>>>>>>> 0570 - e5 24 a8 ba b2 7e 6b 26-82 fc d9 f6 dd 19 05 4a
>>>>>>> .$...~k&.......J
>>>>>>> 0580 - 2c 1a f3 bb 16 1d 38 95-a6 d3 a8 58 f6 a3 41 c7
>>>>>>> ,.....8....X..A.
>>>>>>> 0590 - 92 44 35 24 25 0e .D5$%.
>>>>>>> SSL_accept:SSLv3/TLS write finished
>>>>>>> SSL_accept:TLSv1.3 early data
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da03] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 14 03 03 00 01 .....
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da08] (1 bytes => 1 (0x1))
>>>>>>> 0000 - 01 .
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da03] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 17 03 03 00 3d ....=
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da08] (61 bytes => 61 (0x3D))
>>>>>>> 0000 - ad dd 3e d9 ee ab 56 65-50 1c 72 2a d8 62 7f 90
>>>>>>> ..>...VeP.r*.b..
>>>>>>> 0010 - 13 71 7d 37 39 40 fb 89-8f 05 4b 39 44 9d 4d 67
>>>>>>> .q}79 at ....K9D.Mg
>>>>>>> 0020 - e3 41 29 b6 3e e8 fe 04-1b 8e eb 7a 4c e2 14 a0
>>>>>>> .A).>......zL...
>>>>>>> 0030 - b1 c2 47 3f 94 35 ed ab-8a d1 75 3b ba
>>>>>>> ..G?.5....u;.
>>>>>>> SSL_accept:TLSv1.3 early data
>>>>>>> SSL_accept:SSLv3/TLS read client certificate
>>>>>>> SSL_accept:SSLv3/TLS read finished
>>>>>>> write to 0x7fdc58809fb0 [0x7fdc59025e00] (223 bytes => 223 (0xDF))
>>>>>>> 0000 - 17 03 03 00 da 52 1f 48-00 f4 31 13 90 7f 9c c2
>>>>>>> .....R.H..1.....
>>>>>>> 0010 - fc 70 1a fc f7 4a 48 e7-31 ad 37 ab b5 2b 4e 5c
>>>>>>> .p...JH.1.7..+N\
>>>>>>> 0020 - e8 d8 6d e9 af 6c 4f c1-9e 7b ea ff ef b3 eb 74
>>>>>>> ..m..lO..{.....t
>>>>>>> 0030 - 27 67 10 21 66 5b 32 13-31 bc 99 d5 1c 6c 79 55
>>>>>>> 'g.!f[2.1....lyU
>>>>>>> 0040 - f3 3e f6 4b 07 4d a9 78-3d 12 8a f5 38 ef d9 f4
>>>>>>> .>.K.M.x=...8...
>>>>>>> 0050 - 48 e0 2c 35 94 06 4f eb-09 e6 70 fb 59 95 7a c8
>>>>>>> H.,5..O...p.Y.z.
>>>>>>> 0060 - 24 dd 24 e2 f9 63 b9 3c-f2 66 86 c4 73 44 53 fd
>>>>>>> $.$..c.<.f..sDS.
>>>>>>> 0070 - ca 67 8f 01 d6 db 70 f9-60 bc 50 11 51 72 dc 63
>>>>>>> .g....p.`.P.Qr.c
>>>>>>> 0080 - 12 ca 4f 23 e2 c5 d1 1d-e5 b0 d4 ec 89 ca 28 be
>>>>>>> ..O#..........(.
>>>>>>> 0090 - 9c 30 83 40 02 a4 62 a8-5c b3 20 1a ab 39 b7 7b
>>>>>>> .0. at ..b.\. ..9.{
>>>>>>> 00a0 - 89 13 39 87 73 be a8 f8-60 13 31 0a 48 5c 79 b9
>>>>>>> ..9.s...`.1.H\y.
>>>>>>> 00b0 - cc 4a 51 e3 0d d2 b4 93-c0 1f 3a 22 b3 fa 24 a0
>>>>>>> .JQ.......:"..$.
>>>>>>> 00c0 - 7c f6 76 79 d0 2d 5b 1a-ff a6 e9 e1 40 d3 b1 8c
>>>>>>> |.vy.-[..... at ...
>>>>>>> 00d0 - 0a fa fa de f3 8e d6 ad-9a 22 6b 67 0b 88 18
>>>>>>> ........."kg...
>>>>>>> SSL_accept:SSLv3/TLS write session ticket
>>>>>>> write to 0x7fdc58809fb0 [0x7fdc59025e00] (223 bytes => 223 (0xDF))
>>>>>>> 0000 - 17 03 03 00 da 46 aa ea-6a 37 b1 35 e8 41 c8 b3
>>>>>>> .....F..j7.5.A..
>>>>>>> 0010 - 84 25 af 1c 36 a3 6d 78-a4 44 4a 83 52 ef 13 7c
>>>>>>> .%..6.mx.DJ.R..|
>>>>>>> 0020 - 8f 18 d3 4c f8 22 c8 b3-ad d0 d0 5b 47 a0 43 da
>>>>>>> ...L.".....[G.C.
>>>>>>> 0030 - d2 6e 04 8f dc c9 56 90-58 87 62 63 4c cc 31 ec
>>>>>>> .n....V.X.bcL.1.
>>>>>>> 0040 - b8 c9 18 be 41 32 e1 3c-00 41 2a f1 4d 5c 2d 44
>>>>>>> ....A2.<.A*.M\-D
>>>>>>> 0050 - 8c aa e1 f0 ed 38 ee 44-64 e5 fd ea 58 3b 84 5d
>>>>>>> .....8.Dd...X;.]
>>>>>>> 0060 - 83 39 21 2e fe 79 4d 76-10 65 87 0f 3c ac df 28
>>>>>>> .9!..yMv.e..<..(
>>>>>>> 0070 - 49 f8 60 eb be 49 e4 0a-0b 6a 03 2b 9d cf 9b a5
>>>>>>> I.`..I...j.+....
>>>>>>> 0080 - 03 56 58 32 c2 b2 59 f9-0a 0d f0 ae af ff 20 19
>>>>>>> .VX2..Y....... .
>>>>>>> 0090 - e5 6e e4 86 2f 5e 3f 7d-47 d5 73 ae 89 48 a7 66
>>>>>>> .n../^?}G.s..H.f
>>>>>>> 00a0 - fb 2d 83 60 e8 8b ab 27-12 db 24 78 54 eb 14 2d
>>>>>>> .-.`...'..$xT..-
>>>>>>> 00b0 - b7 c6 17 2d 3c 91 57 ac-6e 35 b8 c3 fa c2 42 48
>>>>>>> ...-<.W.n5....BH
>>>>>>> 00c0 - 2a cb aa 98 32 89 8a ce-0c f7 cd 5e fb bf 6d 33
>>>>>>> *...2......^..m3
>>>>>>> 00d0 - 08 50 cf 1e 06 bb a1 98-be a4 a9 51 9a b0 34
>>>>>>> .P.........Q..4
>>>>>>> SSL_accept:SSLv3/TLS write session ticket
>>>>>>> write to 0x7fdc58809fb0 [0x7fdc59021c03] (23 bytes => 23 (0x17))
>>>>>>> 0000 - 17 03 03 00 12 c5 9b 73-cc 91 7e 48 cb 25 31 a0
>>>>>>> .......s..~H.%1.
>>>>>>> 0010 - 67 41 db bb 0f 62 d8 gA...b.
>>>>>>> write to 0x7fdc58809fb0 [0x7fdc59021c03] (23 bytes => 23 (0x17))
>>>>>>> 0000 - 17 03 03 00 12 0f dd 3f-c1 7c e6 b0 cc ea f0 13
>>>>>>> .......?.|......
>>>>>>> 0010 - 00 d8 01 de ef 7c bb .....|.
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da03] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 17 03 03 00 1e .....
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da08] (30 bytes => 30 (0x1E))
>>>>>>> 0000 - d6 88 44 82 cb 23 16 ba-c9 a4 fb 55 51 08 90 c1
>>>>>>> ..D..#.....UQ...
>>>>>>> 0010 - bf bd a1 7f 0e 37 b0 b4-b5 df f1 07 6c 07
>>>>>>> .....7......l.
>>>>>>> I am a clientwrite to 0x7fdc58809fb0 [0x7fdc59021c03] (23 bytes
>>>>>>> => 23 (0x17))
>>>>>>> 0000 - 17 03 03 00 12 c0 70 5d-14 e7 69 57 0a d8 64 16
>>>>>>> ......p]..iW..d.
>>>>>>> 0010 - 0c 90 06 0f c3 4d 1d .....M.
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da03] (5 bytes => 5 (0x5))
>>>>>>> 0000 - 17 03 03 00 13 .....
>>>>>>> read from 0x7fdc58809fb0 [0x7fdc5901da08] (19 bytes => 19 (0x13))
>>>>>>> 0000 - 60 28 5b ff bb 0d 9f 96-9a 2d cb fd 60 eb 96 62
>>>>>>> `([......-..`..b
>>>>>>> 0010 - 53 e6 25 S.%
>>>>>>> SSL3 alert read:warning:close notify
>>>>>>> DONE
>>>>>>> shutting down SSL
>>>>>>> CONNECTION CLOSED
>>>>>>>
>>>>>>>
>>>>>>> I am using the following JDK version on MacOS:
>>>>>>>
>>>>>>> ssl git:(cert_cb_openssl_1_1_1) ✗
>>>>>>> /Library/Java/JavaVirtualMachines/jdk-11.jdk/Contents/Home/bin/java
>>>>>>> -version
>>>>>>> java version "11" 2018-09-25
>>>>>>> Java(TM) SE Runtime Environment 18.9 (build 11+28)
>>>>>>> Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11+28, mixed mode)
>>>>>>>
>>>>>>> For this to work you will need to have openssl 1.1.1 installed.
>>>>>>>
>>>>>>> Any help would be welcome,
>>>>>>> Norman
>>>>>>>
>>>>>>> [1] https://github.com/netty/netty-tcnative
>>>>>>>
>>>>>>>
>>>>>>>
>
More information about the security-dev
mailing list