我正在尝试通过TLS连接到远程端口。证书是有序的,因为我可以使用openssl s_client进行连接并收到问候语。
但是,尝试从Java程序进行连接时,握手失败并显示TLS警报21(解密失败)。这是与服务器的交易,你能看到可能发生的任何错误吗?
***
found key for : 1
chain [0] = [
[
Version: V3
Subject: CN=ENGAGE, OU=EPP Client, O=webwerks, L=Mumbai, ST=Maharashtra, C=IN
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 97644210742972121686888534165305880954220769271250019818364506430427662498024542828779012554358095531366329241502103170124093897668713677305330758051366431746993526891787785971650522785179230817242028304590935807796310933529367687685626229276304757019217503848361482699205527389688433835941421559881630231223
public exponent: 65537
Validity: [From: Fri Nov 04 03:04:47 PDT 2011,
To: Thu Feb 02 02:04:47 PST 2012]
Issuer: CN=ENGAGE, OU=EPP Client, O=webwerks, L=Mumbai, ST=Maharashtra, C=IN
SerialNumber: [ 4eb3b8bf]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 74 EA 15 E3 FA C3 24 58 57 D3 37 89 A6 38 5C F9 t.....$XW.7..8\.
0010: D9 C4 AC E8 E3 13 1E C7 53 21 4C E9 58 75 B7 90 ........S!L.Xu..
0020: C6 40 B4 EF 3C 8A 3F 5E 3E 9E F7 D1 E7 E4 31 F0 .@..<.?^>
.....1.
0030: C9 BF 20 C4 B8 EE A9 B7 4C D4 F8 B7 61 20 A3 97 .. .....L...a ..
0040: 20 B8 E8 54 E3 12 A6 C1 CA A3 1D A7 75 D9 BC CD ..T........u...
0050: 69 F8 4B E4 23 E0 AF AA 36 17 EB 7A 21 8B F5 33 i.K.#...6..z!..3
0060: C6 0A 45 8E 37 DB 40 C0 9F D3 97 83 D0 65 0A 00 ..E.7.@......e..
0070: BA 2A E7 DE 5F FA 18 24 D8 84 13 07 AF 9F AE 38 .*.._..$.......8
]
***
adding as trusted cert:
Subject: EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
Issuer: EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
Algorithm: RSA; Serial number: 0xa8212bc55523f509
Valid from Tue Jul 22 22:04:20 PDT 2008 until Fri Jul 20 22:04:20 PDT 2018
trigger seeding of SecureRandom
done seeding SecureRandom
.......<adding trusted="" certs="" from="" default="" keystore="">
.......
trigger seeding of SecureRandom
done seeding SecureRandom
main, setSoTimeout(180000) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1307544995 bytes = { 131, 151, 17, 116, 155, 79, 233, 104, 69, 163, 68, 58, 111, 82, 163, 220, 24, 211, 224, 89, 48, 26, 129, 252, 202, 154, 241, 107 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
main, WRITE: TLSv1 Handshake, length = 73
main, READ: TLSv1 Handshake, length = 74
*** ServerHello, TLSv1
RandomCookie: GMT: 1307545015 bytes = { 19, 122, 46, 238, 72, 19, 117, 137, 3, 47, 215, 116, 185, 106, 45, 73, 142, 133, 77, 154, 135, 207, 25, 43, 243, 140, 142, 93 }
Session ID: {166, 43, 6, 25, 112, 149, 10, 99, 167, 166, 160, 72, 168, 123, 232, 207, 55, 231, 9, 114, 36, 247, 212, 156, 170, 175, 58, 146, 154, 117, 114, 90}
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA
Compression Method: 0
***
%% Created: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]
** TLS_RSA_WITH_AES_128_CBC_SHA
main, READ: TLSv1 Handshake, length = 3559
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: EMAILADDRESS=support@aeda.ae, CN=epp-ote1.aeda.net.ae, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 4096 bits
modulus: 1033424533733906871389910874928325382838223969885131053919730368207020947130139341294321050035347688803506591555218947887242330010041921204528416392650557410615764907146582863829055944537070142300106032226936274301499983985686211111336433439425523726485613612717106574194172270382162588126306791370830798145847768641590411988207354788891999216934348388875998253634994227514031520655674824592204250788486074749798358177501395425796831880246757768365632764872918252643765812744862419774800007218032312116928977047351511210607333073165281089365826634766568301370574117123152213642920165039077237959804087260501814886354218131632299744616824002251261895994106903068740014845276029436429272266294942609759105063959091153097364907627328496635872942388939049746579246086549791995150216163353856618417214011380444039381353360338273142816281564950207730356260350499279458672577655065155205706952558841745732954032641518687161497408559631169333062867817094504366546992831853662653050962583996985668010264993283074294379699112946859638158702422875690930266466204776316535004644577693278453963525718077139284377061320236944750686447013816229661659048648124778262304361346919335020695375001700478657987998886938530056811106533198754292064886806889
public exponent: 65537
Validity: [From: Tue Jul 22 22:09:39 PDT 2008,
To: Fri Jul 20 22:09:39 PDT 2018]
Issuer: EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
SerialNumber: [ 01]
Certificate Extensions: 7
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1E 16 1C 54 69 6E 79 43 41 20 47 65 6E 65 72 ....TinyCA Gener
0010: 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 65 ated Certificate
[2]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 60 3B 0C FA 22 DE A5 62 86 72 91 91 09 F1 1A A5 `;.."..b.r......
0010: A4 1E 30 DF ..0.
]
]
[3]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL server
]
[4]: ObjectId: 2.5.29.18 Criticality=false
IssuerAlternativeName [
RFC822Name: support@aeda.ae
]
[5]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F7 D0 F8 16 06 2A 28 8B 6B 83 54 86 C3 B2 13 91 .....*(.k.T.....
0010: 60 1A BA F0 `...
]
[EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE]
SerialNumber: [ a8212bc5 5523f509]
]
[6]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: support@aeda.ae
]
[7]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 43 37 78 B3 DC 3C 1E 0B 75 07 5C B5 76 02 DF CA C7x..<..u.\.v...
0010:="" 53="" ED="" 1F="" 19="" EB="" 98="" AA="" 74="" 29="" 6A="" 0F="" E9="" B6="" E8="" 7D="" 20="" S......t)j.....=""
0020:="" EB="" 9B="" 49="" 5C="" 81="" 71="" 22="" 2F="" 61="" C5="" 00="" 57="" D2="" D8="" 36="" 4B="" ..I\.q="""/a..W..6K
0030: EC 1C 91 17 D4 DB D7 A6 4D 9B 2A 04 4C 77 D7 A5 ........M.*.Lw..
0040: E4 18 B7 C0 EB 6F 7A 6C CD 4B E8 9A 33 66 81 FB .....ozl.K..3f..
0050: 9A 16 CC DE EB E0 2D A5 3C BF BC 7C 59 46 B7 1E ......-.<...YF..
0060:="" 4E="" B7="" 5B="" BF="" 6C="" ED="" 8E="" DD="" F8="" F4="" 30="" 22="" F9="" 95="" 9F="" A9="" N.=""[.l.....0="""....
0070: D9 2F 12 C7 11 C5 F7 5D 6E 5A 42 29 0B DC 06 1F ./.....]nZB)....
0080: 33 56 52 CA CE D0 FA E2 30 1E D6 C6 2C 4D C6 AE 3VR.....0...,M..
0090: 71 0C 84 F5 9C FC 3B F5 8C 58 29 40 B9 9D 17 6B q.....;..X)@...k
00A0: 63 4F 75 F9 92 D6 64 CE BC 19 24 31 E7 C9 F6 65 cOu...d...$1...e
00B0: D2 4B 8C 9E 57 86 5E 9C 97 4C 18 4F 4F 7F C8 EA .K..W.^..L.OO...
00C0: 64 48 C4 2B 5D 7B 1D 33 96 51 78 0D 3F BB 7C C0 dH.+]..3.Qx.?...
00D0: FA EE A5 92 26 8B 3B CC 72 B8 B6 33 78 F2 B7 1E ....&.;.r..3x...
00E0: 37 34 17 9B 0D F4 03 B4 62 57 26 71 60 8C 3C 79 74......bW&q`.<y
00F0:="" DA="" 5F="" A6="" 26="" 16="" E0="" 0F="" 89="" 2C="" B5="" 7B="" 3B="" 23="" 75="" 81="" F6="" ._.=""&....,..;#u..
0100: AA B0 40 50 D5 A2 E6 34 64 FF F4 F7 09 6B 8B 47 ..@P...4d....k.G
0110: F7 10 C3 73 31 96 AC 5D 5E C8 56 36 99 76 3B 8A ...s1..]^.V6.v;.
0120: 19 D1 25 08 7F EC 52 5F 38 6F 26 A7 0A 9E F2 FB ..%...R_8o&.....
0130: E8 5E 62 8B 5A BF 02 7F 08 E2 DB 4F EF D2 29 E7 .^b.Z......O..).
0140: FB B1 B9 A5 FE 75 81 4C 94 3B 2D 51 DC 17 D8 3F .....u.L.;-Q...?
0150: DD 96 DD 37 64 36 AA B1 95 2C 05 A6 BD 7F B8 37 ...7d6...,.....7
0160: 6C 9C 67 81 61 1E 19 13 F8 0D 0E 3E F1 0D 57 6D l.g.a......>..Wm
0170: A9 E3 EB AA 0B 19 78 3D 42 20 54 32 42 7C 25 44 ......x=B T2B.%D
0180: 6E E8 16 FB F9 F3 4C BE FF E0 B0 24 28 A2 F8 6F n.....L....$(..o
0190: FF 0D 20 1A B5 0D 04 26 DD C0 82 A2 98 37 B6 BA .. ....&.....7..
01A0: C5 64 D2 CE 7E AA 4C AF B6 B4 71 95 84 31 27 80 .d....L...q..1'.
01B0: 91 96 9C 72 39 98 12 BC 0F F6 B1 5F 3D 26 23 83 ...r9......_=&#.
01C0: D8 5F 95 C8 67 A1 88 86 44 1D 39 77 E3 84 EE 80 ._..g...D.9w....
01D0: 24 AB BF C3 E8 6A 5F D4 C9 A6 73 79 C3 7E 73 C5 $....j_...sy..s.
01E0: 14 33 D9 7D 5C 5F 4D FE CA A3 E1 A8 39 34 AB 94 .3..\_M.....94..
01F0: 89 58 82 5E 3F E4 B5 5E 67 6C 87 38 F1 C5 EF 0A .X.^?..^gl.8....
]
chain [1] = [
[
Version: V3
Subject: EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 4096 bits
modulus: 871774825595925153693350569828693343810635815652081124183060789607741563150622078284514921843005596771773469206296291215567187315273475264239820535085831678503157897336548552168959370490026762469429088797088522609768957530539984141969943099838966106395242907582593417139362522699634520671459879457188132524965433791264047249170258037134068243808821966233170502507711390835192355794056804757635874177489243458048036986883096904022111615642958159656105326206002387003952176799820927819563824843546688098151708160102412643819480490660996678143961837456834371309810810449365937569427005441607159301595861537475868517139981506036070425058345217196417712681026107436832987137611152299670423961339666208822106925146705307895514846134549240393521819760679069174974592267108219201791894147300192624708160235310834664262723708903213079548613402011720169451287212616740385343495196658242390736518746046944436734024607933956153576140360874749849158281886053672168807378326379041567689138878143613202349441161363677603405928451103794208375381998694199121624031137077578126489564647381427505959236925492099409290052615367746073682905397434657088571012518852724385971717708004632972207989604482440831272725217068947608171272635950201206835881416999
public exponent: 65537
Validity: [From: Tue Jul 22 22:04:20 PDT 2008,
To: Fri Jul 20 22:04:20 PDT 2018]
Issuer: EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
SerialNumber: [ a8212bc5 5523f509]
Certificate Extensions: 8
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1A 16 18 2E 61 65 44 41 20 4F 54 45 20 43 41 .....aeDA OTE CA
0010: 20 43 65 72 74 69 66 69 63 61 74 65 Certificate
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F7 D0 F8 16 06 2A 28 8B 6B 83 54 86 C3 B2 13 91 .....*(.k.T.....
0010: 60 1A BA F0 `...
]
]
[4]: ObjectId: 2.5.29.18 Criticality=false
IssuerAlternativeName [
]
[5]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F7 D0 F8 16 06 2A 28 8B 6B 83 54 86 C3 B2 13 91 .....*(.k.T.....
0010: 60 1A BA F0 `...
]
[EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE]
SerialNumber: [ a8212bc5 5523f509]
]
[6]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: support@aeda.ae
]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
[8]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: BA 7D CD 08 CF 81 14 B4 90 EF FD 44 A3 66 FB 35 ...........D.f.5
0010: 16 87 82 8F 60 94 61 C2 10 AB 74 3F 46 86 41 6D ....`.a...t?F.Am
0020: CD 96 8A 3C DC 88 5A 52 69 97 70 1C FC BE 5A C2 ...<..ZRi.p...Z.
0030:="" F7="" B6="" FC="" 27="" 22="" 03="" 7D="" A5="" AB="" 97="" F5="" A3="" 23="" 37="" A2="" 42="" ...=""'".......#7.B
0040: 9F 42 D2 CD C3 05 D3 09 20 72 A9 AF 4A C6 B0 7C .B...... r..J...
0050: 73 30 4B 4D F5 46 C1 0C 65 74 94 48 AC 81 E3 5A s0KM.F..et.H...Z
0060: D9 2F 32 33 22 05 B3 9A 2A 8E D0 F4 69 C1 3D 17 ./23"...*...i.=.
0070: AB F0 D6 00 97 1A 8E F6 FF 00 0F A1 58 52 D8 DE ............XR..
0080: 9C BA 1B 3D E7 DE 1E 48 28 37 75 CE B1 BE 8D 5B ...=...H(7u....[
0090: EF DA 7F 7C B4 BF 9E 53 A5 37 FC 71 D0 E4 4D 9F .......S.7.q..M.
00A0: AA 74 DF 21 BF 9A 26 F0 F8 1F DA 75 DC 4A FF 9A .t.!..&....u.J..
00B0: 96 F1 85 04 4A B9 60 33 6E 08 14 67 AD 75 77 A5 ....J.`3n..g.uw.
00C0: 4B 56 76 77 FC 25 63 FC 0A 0C 23 34 57 1C 49 D0 KVvw.%c...#4W.I.
00D0: 00 DA 13 A4 37 63 06 79 93 BB DF 40 5C 86 81 E3 ....7c.y...@\...
00E0: D1 0D AA 78 5F C9 87 B7 E2 AD D2 D2 F9 DB AC 73 ...x_..........s
00F0: D5 32 A0 A5 93 0B 72 3B 7F A7 7C 44 7B D9 58 AF .2....r;...D..X.
0100: 97 66 A3 D7 AA 30 BC B8 D8 5F FB FB A1 28 D8 A3 .f...0..._...(..
0110: 66 E0 0F CF A4 CD E8 5B 3E A1 6B 4C 91 00 AA 24 f......[>.kL...$
0120: E1 AE 34 C2 C4 8E B6 16 E1 E0 8B E4 05 4F 2F 74 ..4..........O/t
0130: 23 45 51 31 27 5B 4F 43 68 C3 01 59 59 70 8B E9 #EQ1'[OCh..YYp..
0140: C5 00 CD EF 0F 90 E1 ED 06 06 2B ED B5 D2 E5 28 ..........+....(
0150: 3A AD 7F 30 96 CE 31 9C E3 77 5F DC 0D C9 A5 CE :..0..1..w_.....
0160: 85 1A 14 E7 5B A3 DA B2 A0 E4 59 9A 6D 40 BA E0 ....[.....Y.m@..
0170: 53 6B F0 BF E0 C2 F8 B7 6E 63 27 6D EF C8 9B 3E Sk......nc'm...>
0180: 5A 89 53 0E 40 AB 9F C4 DB CA 11 DB 57 DE D8 F0 Z.S.@.......W...
0190: 1E F4 CB 67 45 57 E4 38 1D D9 2B E2 99 87 59 DD ...gEW.8..+...Y.
01A0: DA 9E 9A 9F 8F 28 16 77 D5 E9 EE 32 60 31 7A 60 .....(.w...2`1z`
01B0: BC E4 3F 72 D2 A5 E6 A9 1F EE B2 A4 06 C0 2E F4 ..?r............
01C0: 07 ED 10 9F B8 F7 27 6D 23 30 27 08 D9 2A A5 22 ......'m#0'..*."
01D0: 68 55 A8 F2 0B FB BC DB AB DA 44 3B 68 DC BE C3 hU........D;h...
01E0: 33 A2 A8 76 8A C9 A0 E6 E9 E0 3B 93 24 E9 1D D9 3..v......;.$...
01F0: BB BE D1 7B D1 4F F6 6A DA 05 45 8B 92 E2 15 EC .....O.j..E.....
]
***
Found trusted certificate:
[
[
Version: V3
Subject: EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 4096 bits
modulus: 871774825595925153693350569828693343810635815652081124183060789607741563150622078284514921843005596771773469206296291215567187315273475264239820535085831678503157897336548552168959370490026762469429088797088522609768957530539984141969943099838966106395242907582593417139362522699634520671459879457188132524965433791264047249170258037134068243808821966233170502507711390835192355794056804757635874177489243458048036986883096904022111615642958159656105326206002387003952176799820927819563824843546688098151708160102412643819480490660996678143961837456834371309810810449365937569427005441607159301595861537475868517139981506036070425058345217196417712681026107436832987137611152299670423961339666208822106925146705307895514846134549240393521819760679069174974592267108219201791894147300192624708160235310834664262723708903213079548613402011720169451287212616740385343495196658242390736518746046944436734024607933956153576140360874749849158281886053672168807378326379041567689138878143613202349441161363677603405928451103794208375381998694199121624031137077578126489564647381427505959236925492099409290052615367746073682905397434657088571012518852724385971717708004632972207989604482440831272725217068947608171272635950201206835881416999
public exponent: 65537
Validity: [From: Tue Jul 22 22:04:20 PDT 2008,
To: Fri Jul 20 22:04:20 PDT 2018]
Issuer: EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE
SerialNumber: [ a8212bc5 5523f509]
Certificate Extensions: 8
[1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 1A 16 18 2E 61 65 44 41 20 4F 54 45 20 43 41 .....aeDA OTE CA
0010: 20 43 65 72 74 69 66 69 63 61 74 65 Certificate
[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
Object Signing CA]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: F7 D0 F8 16 06 2A 28 8B 6B 83 54 86 C3 B2 13 91 .....*(.k.T.....
0010: 60 1A BA F0 `...
]
]
[4]: ObjectId: 2.5.29.18 Criticality=false
IssuerAlternativeName [
]
[5]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: F7 D0 F8 16 06 2A 28 8B 6B 83 54 86 C3 B2 13 91 .....*(.k.T.....
0010: 60 1A BA F0 `...
]
[EMAILADDRESS=support@aeda.ae, CN=aeDA-OTE-CA, OU=psg, O=.aeDA, L=Dubai, ST=Dubai, C=AE]
SerialNumber: [ a8212bc5 5523f509]
]
[6]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: support@aeda.ae
]
[7]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
[8]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: BA 7D CD 08 CF 81 14 B4 90 EF FD 44 A3 66 FB 35 ...........D.f.5
0010: 16 87 82 8F 60 94 61 C2 10 AB 74 3F 46 86 41 6D ....`.a...t?F.Am
0020: CD 96 8A 3C DC 88 5A 52 69 97 70 1C FC BE 5A C2 ...<..ZRi.p...Z.
0030:="" F7="" B6="" FC="" 27="" 22="" 03="" 7D="" A5="" AB="" 97="" F5="" A3="" 23="" 37="" A2="" 42="" ...=""'".......#7.B
0040: 9F 42 D2 CD C3 05 D3 09 20 72 A9 AF 4A C6 B0 7C .B...... r..J...
0050: 73 30 4B 4D F5 46 C1 0C 65 74 94 48 AC 81 E3 5A s0KM.F..et.H...Z
0060: D9 2F 32 33 22 05 B3 9A 2A 8E D0 F4 69 C1 3D 17 ./23"...*...i.=.
0070: AB F0 D6 00 97 1A 8E F6 FF 00 0F A1 58 52 D8 DE ............XR..
0080: 9C BA 1B 3D E7 DE 1E 48 28 37 75 CE B1 BE 8D 5B ...=...H(7u....[
0090: EF DA 7F 7C B4 BF 9E 53 A5 37 FC 71 D0 E4 4D 9F .......S.7.q..M.
00A0: AA 74 DF 21 BF 9A 26 F0 F8 1F DA 75 DC 4A FF 9A .t.!..&....u.J..
00B0: 96 F1 85 04 4A B9 60 33 6E 08 14 67 AD 75 77 A5 ....J.`3n..g.uw.
00C0: 4B 56 76 77 FC 25 63 FC 0A 0C 23 34 57 1C 49 D0 KVvw.%c...#4W.I.
00D0: 00 DA 13 A4 37 63 06 79 93 BB DF 40 5C 86 81 E3 ....7c.y...@\...
00E0: D1 0D AA 78 5F C9 87 B7 E2 AD D2 D2 F9 DB AC 73 ...x_..........s
00F0: D5 32 A0 A5 93 0B 72 3B 7F A7 7C 44 7B D9 58 AF .2....r;...D..X.
0100: 97 66 A3 D7 AA 30 BC B8 D8 5F FB FB A1 28 D8 A3 .f...0..._...(..
0110: 66 E0 0F CF A4 CD E8 5B 3E A1 6B 4C 91 00 AA 24 f......[>.kL...$
0120: E1 AE 34 C2 C4 8E B6 16 E1 E0 8B E4 05 4F 2F 74 ..4..........O/t
0130: 23 45 51 31 27 5B 4F 43 68 C3 01 59 59 70 8B E9 #EQ1'[OCh..YYp..
0140: C5 00 CD EF 0F 90 E1 ED 06 06 2B ED B5 D2 E5 28 ..........+....(
0150: 3A AD 7F 30 96 CE 31 9C E3 77 5F DC 0D C9 A5 CE :..0..1..w_.....
0160: 85 1A 14 E7 5B A3 DA B2 A0 E4 59 9A 6D 40 BA E0 ....[.....Y.m@..
0170: 53 6B F0 BF E0 C2 F8 B7 6E 63 27 6D EF C8 9B 3E Sk......nc'm...>
0180: 5A 89 53 0E 40 AB 9F C4 DB CA 11 DB 57 DE D8 F0 Z.S.@.......W...
0190: 1E F4 CB 67 45 57 E4 38 1D D9 2B E2 99 87 59 DD ...gEW.8..+...Y.
01A0: DA 9E 9A 9F 8F 28 16 77 D5 E9 EE 32 60 31 7A 60 .....(.w...2`1z`
01B0: BC E4 3F 72 D2 A5 E6 A9 1F EE B2 A4 06 C0 2E F4 ..?r............
01C0: 07 ED 10 9F B8 F7 27 6D 23 30 27 08 D9 2A A5 22 ......'m#0'..*."
01D0: 68 55 A8 F2 0B FB BC DB AB DA 44 3B 68 DC BE C3 hU........D;h...
01E0: 33 A2 A8 76 8A C9 A0 E6 E9 E0 3B 93 24 E9 1D D9 3..v......;.$...
01F0: BB BE D1 7B D1 4F F6 6A DA 05 45 8B 92 E2 15 EC .....O.j..E.....
]
main, READ: TLSv1 Handshake, length = 13
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
*** ServerHelloDone
*** Certificate chain
***
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 525
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 97 AD ED 81 08 4F C8 A5 34 64 23 7F F7 3D .......O..4d#..=
0010: 21 40 10 BC ED D3 A6 BB 20 5B EF 05 56 06 42 AB !@...... [..V.B.
0020: BE 03 63 2C 50 E9 4F 48 55 6A 57 DE 42 66 89 D8 ..c,P.OHUjW.Bf..
CONNECTION KEYGEN:
Client Nonce:
0000: 4E F0 8E A3 83 97 11 74 9B 4F E9 68 45 A3 44 3A N......t.O.hE.D:
0010: 6F 52 A3 DC 18 D3 E0 59 30 1A 81 FC CA 9A F1 6B oR.....Y0......k
Server Nonce:
0000: 4E F0 8E B7 13 7A 2E EE 48 13 75 89 03 2F D7 74 N....z..H.u../.t
0010: B9 6A 2D 49 8E 85 4D 9A 87 CF 19 2B F3 8C 8E 5D .j-I..M....+...]
Master Secret:
0000: 65 C9 B4 6B 3B AE A6 7F 75 C1 0B 57 D3 83 59 A9 e..k;...u..W..Y.
0010: A1 9F 61 77 DB 19 87 4F D8 5B A5 2E 4A D0 4D DD ..aw...O.[..J.M.
0020: D0 23 17 E4 E5 3B 84 29 87 E6 B6 66 F6 87 CC D4 .#...;.)...f....
Client MAC write Secret:
0000: 34 79 AE 9A 63 E2 47 5B CD 7F 56 55 50 4C 16 79 4y..c.G[..VUPL.y
0010: 86 85 FB E2 ....
Server MAC write Secret:
0000: 00 0B E9 B0 EB 60 99 6B EA C7 8F 15 05 17 3D A1 .....`.k......=.
0010: 08 54 EE 42 .T.B
Client write key:
0000: 46 C6 1D 4F 70 45 AF F5 38 9D 6A CD AC 55 BA 6F F..OpE..8.j..U.o
Server write key:
0000: 78 0F 3D 73 5B 80 34 01 35 F9 6C 82 28 DE 3A B5 x.=s[.4.5.l.(.:.
Client write IV:
0000: BB 81 AA 42 43 7A AD F6 F8 6B CD 6E F2 81 37 73 ...BCz...k.n..7s
Server write IV:
0000: C1 3A 1B C5 F4 E6 4F 0C F8 B8 ED 56 97 B5 56 16 .:....O....V..V.
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 135, 217, 63, 193, 78, 23, 58, 129, 69, 163, 125, 208 }
***
main, WRITE: TLSv1 Handshake, length = 48
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Wireshark将此捕获为TLS警报之前的最后一个数据包:
Secure Sockets Layer
TLSv1 Record Layer: Handshake Protocol: Multiple Handshake Messages
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 525
Handshake Protocol: Certificate
Handshake Type: Certificate (11)
Length: 3
Certificates Length: 0
Handshake Protocol: Client Key Exchange
Handshake Type: Client Key Exchange (16)
Length: 514
是否与证书长度有关:0?上一个数据包中有一个SSL证书请求。
Handshake Protocol: Certificate Request
Handshake Type: Certificate Request (13)
Length: 5
Certificate types count: 2
Certificate types (2 types)
Certificate type: RSA Sign (1)
Certificate type: DSS Sign (2)
Distinguished Names Length: 0