A Play application using HTTPS and WS with optional client authentication
Home Page: https://developer.lightbend.com/start/?group=play
License: Creative Commons Zero v1.0 Universal
I am trying to connect using the TLSv1.2 with the Cipher Suite TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, on JAVA version: Java(TM) SE Runtime Environment (build 1.8.0_201-b09).
Everything works well but when its almost completing, I get this error. Any help?
play.api.http.HttpErrorHandlerExceptions$$anon$1: Execution exception[[ConnectException: Received fatal alert: handshake_failure]]
at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:323)
at play.api.http.DefaultHttpErrorHandler.onServerError(HttpErrorHandler.scala:243)
at play.core.server.AkkaHttpServer$$anonfun$1.applyOrElse(AkkaHttpServer.scala:382)
at play.core.server.AkkaHttpServer$$anonfun$1.applyOrElse(AkkaHttpServer.scala:380)
at scala.concurrent.Future.$anonfun$recoverWith$1(Future.scala:417)
at scala.concurrent.impl.Promise.$anonfun$transformWith$1(Promise.scala:41)
at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:64)
at akka.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:55)
at akka.dispatch.BatchingExecutor$BlockableBatch.$anonfun$run$1(BatchingExecutor.scala:91)
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
Caused by: java.net.ConnectException: Received fatal alert: handshake_failure
at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:179)
at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener$1.onFailure(NettyConnectListener.java:151)
at play.shaded.ahc.org.asynchttpclient.netty.SimpleFutureListener.operationComplete(SimpleFutureListener.java:26)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:511)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:504)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:483)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:424)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:121)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler.handleUnwrapThrowable(SslHandler.java:1223)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1205)
Caused by: javax.net.ssl.SSLException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:219)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1647)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1615)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1781)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1070)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:896)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:766)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:294)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1297)
AsyncHttpClient-7-1, called closeOutbound()
AsyncHttpClient-7-1, closeOutboundInternal()
AsyncHttpClient-7-1, called closeInbound()
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
AsyncHttpClient-7-1, called closeOutbound()
AsyncHttpClient-7-1, closeOutboundInternal()
[Raw read]: length = 5
0000: 15 03 03 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
AsyncHttpClient-7-1, READ: TLSv1.2 Alert, length = 2
AsyncHttpClient-7-1, RECV TLSv1.2 ALERT: fatal, handshake_failure
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
AsyncHttpClient-7-1, called closeOutbound()
AsyncHttpClient-7-1, closeOutboundInternal()
AsyncHttpClient-7-1, called closeInbound()
AsyncHttpClient-7-1, closeInboundInternal()
AsyncHttpClient-7-1, closeOutboundInternal()
The full log is here:
adding as trusted cert:
Subject: CN=example.com, OU=Software Dep, O=xxxxx Ltd, L=Kampala, ST=CENTRAL, C=UG
Issuer: CN=xxxxxxx_ca_test
Algorithm: RSA; Serial number: 0x3b3c7ca5dabe2f05
Valid from Wed Feb 27 06:01:00 UTC 2019 until Fri Feb 26 06:01:00 UTC 2021
adding as trusted cert:
Subject: CN=xxxxxxx_ca_test
Issuer: CN=xxxxxxx_ca_test
Algorithm: RSA; Serial number: 0x1
Valid from Mon Jun 11 20:27:02 UTC 2018 until Thu Jun 08 20:27:02 UTC 2028
trigger seeding of SecureRandom
done seeding SecureRandom
trigger seeding of SecureRandom
done seeding SecureRandom
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: false
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLSv1.1
%% No cached client session
update handshake state: client_hello[1]
upcoming handshake states: server_hello[2]
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1551332516 bytes = { 123, 130, 20, 91, 100, 93, 82, 75, 104, 189, 168, 134, 50, 42, 17, 132, 67, 32, 60, 224, 77, 151, 129, 245, 21, 129, 175, 149 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension extended_master_secret
Extension renegotiation_info, renegotiated_connection: <empty>
***
[write] MD5 and SHA1 hashes: len = 134
0000: 01 00 00 82 03 03 5C 77 75 A4 7B 82 14 3Q 64 5D ......\wu....[d]
0010: 52 4B 68 BD A8 86 32 2A 11 84 43 20 3C E0 4D 97 RKh...2*..C <.M.
0020: 81 F5 15 81 AF 95 00 00 10 C0 2C C0 2B C0 2F C0 ..........,.+./.
0030: 13 C0 14 00 9C 00 2F 00 35 01 00 00 49 00 0A 00 ....../.5...I...
0040: 16 00 14 00 17 00 18 00 19 00 09 00 0A 00 0B 00 ................
0050: 0C 00 0D 00 3Q 00 16 00 0B 00 02 01 00 00 0D 00 ................
0060: 1C 00 1A 06 03 06 01 05 03 05 01 04 03 04 01 04 ................
0070: 02 03 03 03 01 03 02 02 03 02 01 02 02 00 17 00 ................
0080: 00 FF 01 00 01 00 ......
AsyncHttpClient-7-1, WRITE: TLSv1.2 Handshake, length = 134
[Raw write]: length = 139
0000: 16 03 03 00 86 01 00 00 82 03 03 5C 77 75 A4 7B ...........\wu..
0010: 82 14 3Q 64 5D 52 4B 68 BD A8 86 32 2A 11 84 43 ..[d]RKh...2*..C
0020: 20 3C E0 4D 97 81 F5 15 81 AF 95 00 00 10 C0 2C <.M...........,
0030: C0 2B C0 2F C0 13 C0 14 00 9C 00 2F 00 35 01 00 .+./......./.5..
0040: 00 49 00 0A 00 16 00 14 00 17 00 18 00 19 00 09 .I..............
0050: 00 0A 00 0B 00 0C 00 0D 00 3Q 00 16 00 0B 00 02 ................
0060: 01 00 00 0D 00 1C 00 1A 06 03 06 01 05 03 05 01 ................
0070: 04 03 04 01 04 02 03 03 03 01 03 02 02 03 02 01 ................
0080: 02 02 00 17 00 00 FF 01 00 01 00 ...........
[Raw read]: length = 5
0000: 16 03 03 00 57 ....W
[Raw read]: length = 87
0000: 02 00 00 53 03 03 ED CE 8E 53 WQ 7A C5 91 57 15 ...S.....S.z..W.
0010: 1B A3 99 59 A3 98 9D 19 BC 6A DC 5E 10 E7 CF 02 ...Y.....j.^....
0020: 24 27 56 7A 02 C0 20 C2 38 44 D2 17 7C B8 B6 AB $'Vz.. .8D......
0030: 01 C5 71 7F C5 60 3F 02 49 BE 87 E3 6C 2D A3 5C ..q..`?.I...l-.\
0040: 12 CB B7 4E 55 B0 4F C0 2F 00 00 0B FF 01 00 01 ...NU.O./.......
0050: 00 00 0B 00 02 01 00 .......
AsyncHttpClient-7-1, READ: TLSv1.2 Handshake, length = 87
check handshake state: server_hello[2]
*** ServerHello, TLSv1.2
RandomCookie: GMT: -322073005 bytes = { 219, 122, 197, 145, 87, 21, 27, 163, 153, 89, 163, 152, 157, 25, 188, 106, 220, 94, 16, 231, 207, 2, 36, 39, 86, 122, 2, 192 }
Session ID: {194, 56, 68, 210, 23, 124, 184, 182, 171, 1, 197, 113, 127, 197, 96, 63, 2, 73, 190, 135, 227, 108, 45, 163, 92, 18, 203, 183, 78, 85, 176, 79}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
Extension ec_point_formats, formats: [uncompressed]
***
%% Initialized: [Session-4, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
** TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
update handshake state: server_hello[2]
upcoming handshake states: server certificate[11]
upcoming handshake states: server_key_exchange[12](optional)
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
[read] MD5 and SHA1 hashes: len = 87
0000: 02 00 00 53 03 03 ED CE 8E 53 WQ 7A C5 91 57 15 ...S.....S.z..W.
0010: 1B A3 99 59 A3 98 9D 19 BC 6A DC 5E 10 E7 CF 02 ...Y.....j.^....
0020: 24 27 56 7A 02 C0 20 C2 38 44 D2 17 7C B8 B6 AB $'Vz.. .8D......
0030: 01 C5 71 7F C5 60 3F 02 49 BE 87 E3 6C 2D A3 5C ..q..`?.I...l-.\
0040: 12 CB B7 4E 55 B0 4F C0 2F 00 00 0B FF 01 00 01 ...NU.O./.......
0050: 00 00 0B 00 02 01 00 .......
[Raw read]: length = 5
0000: 16 03 03 09 33 ....3
[Raw read]: length = 2355
0000: 0B 00 09 2F 00 09 2C 00 04 1B 30 82 04 17 30 82 .../..,...0...0.
0010: 01 FF A0 03 02 01 02 02 08 D5 02 20 82 D0 F8 84 ........... ....
0020: 37 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 70...*.H........
0030: 30 1E 31 1C 30 1A 06 03 55 04 03 0C 13 6D 33 5F 0.1.0...U....m3_
0040: 65 78 74 65 72 6E 61 6C 5F 63 61 5F 74 65 73 74 external_ca_test
0050: 30 1E 17 0D 31 38 30 36 31 32 30 37 35 31 33 39 0...180612075139
0060: 5A 17 0D 32 30 30 36 31 31 30 37 35 31 33 39 5A Z..200611075139Z
0070: 30 2A 31 0B 30 09 06 03 55 04 06 13 02 55 47 31 0*1.0...U....UG1
0080: 1B 30 19 06 03 55 04 03 0C 12 65 63 77 2D 74 65 .0...U....www-te
0090: 73 74 2E 6D 74 6E 2E 63 6F 2E 75 67 30 82 01 22 st.ext.co.ke0.."
00A0: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 0...*.H.........
00B0: 82 01 0F 00 30 82 01 0A 02 82 01 01 00 94 9B F1 ....0...........
00C0: 04 82 3F B0 F9 AE F4 98 CD 53 E4 1B B8 9A 90 A7 ..?......S......
00D0: 54 C2 3Q BD 2E 68 40 DC 1C 4A 15 FC 8A A9 3C 37 T.[[email protected]....<7
00E0: EE 9F 4C C7 68 32 B5 3Q 61 07 6A E1 F6 D3 17 E5 ..L.h2.[a.j.....
00F0: FC 3B 30 76 E2 5C 91 4C 91 46 0A 44 AC 3B 3Q A5 .;0v.\.L.F.D.;..
0100: 3E 3Q FB E8 15 62 13 AA 11 DC 40 25 FC 2D B1 3Q >....b....@%.-.[
0110: 6B 17 F2 0F 4E B6 3A B1 52 74 88 08 40 B7 43 0C k...N.:[email protected].
0120: 55 5C 3Q A6 8D 8E 45 87 6E D0 B7 50 20 AD 39 10 U\[...E.n..P .9.
0130: 74 C1 3A C0 B9 72 2E D7 D3 EE FF 46 DE EB E6 E1 t.:..r.....F....
0140: 88 43 C4 4F 73 11 33 93 34 CE F4 C2 A8 66 FC F4 .C.Os.3.4....f..
0150: E3 7B 3Q 43 71 0C 6C 26 5C F5 47 B3 CE 8F FA 14 ..[Cq.l&\.G.....
0160: 02 7D D3 24 31 A1 13 7A 81 D6 DE D0 83 16 80 93 ...$1..z........
0170: 5A 7E 75 D6 02 B4 04 F3 35 51 88 CC 36 CE 43 79 Z.u.....5Q..6.Cy
0180: F5 F8 9D 01 74 9E 81 80 78 96 2A 25 BF 02 B0 3E ....t...x.*%...>
0190: AD EC 3C 63 72 86 17 A5 C2 35 04 72 2F 94 77 D6 ..<cr....5.r/.w.
01A0: 92 7E A5 9C 21 19 97 0F 80 EB C2 6E 50 92 9C 33 ....!......nP..3
01B0: B0 30 FA CE C9 B2 4F E9 E5 3F 67 F8 ED 02 03 01 .0....O..?g.....
01C0: 00 01 A3 4D 30 4B 30 09 06 03 55 1D 13 04 02 30 ...M0K0...U....0
01D0: 00 30 1D 06 03 55 1D 3Q 04 16 04 14 07 DE 5D 71 .0...U........]q
01E0: F6 5C F7 0C 36 49 0F 0D 42 B7 32 DE 98 6C 74 BF .\..6I..B.2..lt.
01F0: 30 1F 06 03 55 1D 23 04 18 30 16 80 14 5F 7F 19 0...U.#..0..._..
0200: 08 87 CD CC DD 56 B8 E4 C5 F4 6D B3 8E 18 E6 E3 .....V....m.....
0210: 83 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 .0...*.H........
0220: 03 82 02 01 00 48 E7 EC 53 40 38 F2 CA 62 39 A1 [email protected].
0230: 3Q B5 21 3E 67 F6 3Q 7F 28 1A 71 21 A1 4B 24 4F [.!>g...(.q!.K$O
0240: 68 39 4D E5 48 4B 76 2A 78 B0 4C 66 C3 93 37 10 h9M.HKv*x.Lf..7.
0250: 40 42 A7 55 15 A6 4B 6A 0A A0 F4 0F 66 55 96 7F @B.U..Kj....fU..
0260: 45 DD C5 D7 6D 1A 9D D9 26 A7 04 C1 A3 B8 59 48 E...m...&.....YH
0270: 9A CE D6 50 ED EC 48 7B 16 9D 9C EF 43 E2 E8 3E ...P..H.....C..>
0280: 5D 46 B7 A8 3Q A1 D0 1A 71 2B 30 68 7F 2C 6F 31 ]F..[...q+0h.,o1
0290: A2 D9 A5 4E 16 09 3D 5E F1 F7 A1 29 6E E9 37 61 ...N..=^...)n.7a
02A0: 22 15 44 CE 34 CC AB 82 7D 1E 53 41 6E 52 9E A0 ".D.4.....SAnR..
02B0: 0B D3 50 32 70 5A 42 F5 FC F1 67 D3 3B A4 93 10 ..P2pZB...g.;...
02C0: 34 FB C0 F8 70 2D 90 2B 97 4C E5 0B 15 FA F0 45 4...p-.+.L.....E
02D0: 3E B6 52 06 7D E0 9E E1 09 CD 42 33 0F 80 71 DA >.R.......B3..q.
02E0: D5 44 19 60 81 C0 B9 32 7B 4A 78 67 7E 1F 65 33 .D.`...2.Jxg..e3
02F0: 60 B2 B2 4D EF 19 87 B8 AD FE D2 5E 76 63 9E 73 `..M.......^vc.s
0300: 66 B0 B2 41 AD 1D E8 E0 3F 99 DC D0 D2 C7 75 7A f..A....?.....uz
0310: 74 6E 9E 83 0B BF 8F 91 37 A0 E3 62 F9 E0 69 9C tn......7..b..i.
0320: FE 95 9C B4 13 67 A5 32 C0 5A 97 5C B5 7F 36 9E .....g.2.Z.\..6.
0330: 83 F3 E2 82 BD F8 F7 68 0F 75 EE 48 9F B4 C5 E2 .......h.u.H....
0340: EA 91 59 2C 96 70 DE F9 43 F7 B0 8F C9 C4 8E 24 ..Y,.p..C......$
0350: CE AD 73 40 0F 38 70 CE 4A 45 01 93 2E FB D1 BF [email protected]......
0360: 1A 4E 65 66 FE E7 67 26 70 B6 A0 B4 97 67 2F 91 .Nef..g&p....g/.
0370: 27 6D CF 9A 32 BA E9 C4 CB 1C 13 67 D3 18 40 89 'm..2......g..@.
0380: CF C5 E4 A4 86 A1 5F E7 C3 85 7A 4E 3B 57 AD 95 ......_...zN;W..
0390: FB B0 73 8D 91 19 26 3B BD C2 CD EF 39 51 9E C6 ..s...&;....9Q..
03A0: 14 73 0A 6F 5C 73 70 0B 73 04 A3 CF D2 34 AC 3A .s.o\sp.s....4.:
03B0: 43 06 8F AF F5 37 B9 1A 33 A9 D0 CF EF 14 60 29 C....7..3.....`)
03C0: 12 71 92 74 25 D9 3C B3 C6 5D B7 10 96 13 0D FA .q.t%.<..]......
03D0: 31 42 13 AC B2 ED 50 03 CF E8 6B 28 5F 88 F7 57 1B....P...k(_..W
03E0: 1E CC 47 B8 EB EC B9 E0 BA FF 09 24 F7 A1 03 43 ..G........$...C
03F0: 2A C8 75 14 C4 B6 31 A2 2C 3F 5A D3 FC E6 09 87 *.u...1.,?Z.....
0400: 55 AC DF 06 B7 72 EF 3C A6 2B 20 9E 06 F7 B6 53 U....r.<.+ ....S
0410: 3Q 8B F1 C3 4F 38 72 15 BC 27 14 06 27 79 AF AA ....O8r..'..'y..
0420: 3C FA 47 B4 2C 00 05 0B 30 82 05 07 30 82 02 EF <.G.,...0...0...
0430: A0 03 02 01 02 02 01 01 30 0D 06 09 2A 86 48 86 ........0...*.H.
0440: F7 0D 01 01 0B 05 00 30 1E 31 1C 30 1A 06 03 55 .......0.1.0...U
0450: 04 03 0C 13 6D 33 5F 65 78 74 65 72 6E 61 6C 5F ....m3_external_
0460: 63 61 5F 74 65 73 74 30 1E 17 0D 31 38 30 36 31 ca_test0...18061
0470: 31 32 30 32 37 30 32 5A 17 0D 32 38 30 36 30 38 1202702Z..280608
0480: 32 30 32 37 30 32 5A 30 1E 31 1C 30 1A 06 03 55 202702Z0.1.0...U
0490: 04 03 0C 13 6D 33 5F 65 78 74 65 72 6E 61 6C 5F ....m3_external_
04A0: 63 61 5F 74 65 73 74 30 82 02 22 30 0D 06 09 2A ca_test0.."0...*
04B0: 86 48 86 F7 0D 01 01 01 05 00 03 82 02 0F 00 30 .H.............0
04C0: 82 02 0A 02 82 02 01 00 88 91 97 01 35 BB 35 3D ............5.5=
04D0: 2C 06 7D 2A 6D 8A 36 26 65 18 08 8D 46 EB B1 3Q ,..*m.6&e...F...
04E0: 92 09 53 79 CF 63 36 57 CA 67 B8 B5 60 1C FF D6 ..Sy.c6W.g..`...
04F0: C3 E8 9D 27 9B 04 DF 7F B5 D2 A3 67 43 C9 85 2B ...'.......gC..+
0500: 60 CB 94 5C D6 EF 19 75 FA 32 53 A3 C4 FF 4A 5E `..\...u.2S...J^
0510: 6E 99 50 97 5E 5C 57 0A C2 68 A5 16 0C 06 09 40 n.P.^\W..h.....@
0520: 8B 20 3F 3B CB C2 B8 09 FE D4 3D 3Q 49 DA EB 7E . ?;......=[I...
0530: A0 2E 65 41 0A BD 89 13 F9 63 49 C7 AE 2B 07 1C ..eA.....cI..+..
0540: 59 85 22 09 7C 9D 31 9B 6E FB 33 6E 4A CF 45 03 Y."...1.n.3nJ.E.
0550: 55 A8 6F 6F AC 3A 4A 3B 00 95 C1 65 B5 56 6F 6F U.oo.:J;...e.Voo
0560: F5 9E 23 6C 8A 0D 14 DA 36 18 C3 7D 6F 88 4A B7 ..#l....6...o.J.
0570: 99 79 81 9C F0 F3 97 AB 32 24 95 AC FF BA 75 3F .y......2$....u?
0580: 47 75 22 91 3E 23 20 D8 DF F6 BF F2 F4 B9 E0 AB Gu".># .........
0590: E9 84 51 90 4F 96 48 21 DC BE 74 50 7B 78 4E 77 ..Q.O.H!..tP.xNw
05A0: 4C 45 9B 8C 7B 05 B9 C4 76 0D 40 2C CD 59 3B 65 LE......v.@,.Y;e
05B0: BE FD WQ BF 88 D3 02 0A E3 AA 5E ED 1E 03 00 74 ..........^....t
05C0: 98 B4 7C B7 D8 DE C6 0D 38 7B A7 98 C6 02 7C FF ........8.......
05D0: 91 BD DC E2 F0 25 1F 62 58 E3 80 7F AE 8C 9B 97 .....%.bX.......
05E0: 40 97 C0 2D 6E 02 14 4D B9 B2 EC 47 01 D2 48 56 @..-n..M...G..HV
05F0: 94 38 E3 4D 75 B3 7B 96 11 AC E3 EF EC DF D1 4F .8.Mu..........O
0600: 84 28 0C 67 5F C0 D8 A8 68 B2 BE 8A D3 63 AD 2D .(.g_...h....c.-
0610: A9 0A 62 4B 73 E4 EC CE 3C FD 8D 3F 5C 18 00 CD ..bKs...<..?\...
0620: A2 66 F5 3F 75 AC ED 31 20 F0 6A C6 3Q 88 D2 33 .f.?u..1 .j.[..3
0630: 7B 73 CD 69 CC E3 4B 1D 9C 3B 83 5A 3E 95 7C 19 .s.i..K..;.Z>...
0640: 46 EE 34 0B 73 7E 7E F7 1F 32 DC F4 08 E7 51 3B F.4.s....2....Q;
0650: 40 B3 F2 35 26 06 8E E5 57 D0 8E 25 F8 A3 B2 9C @..5&...W..%....
0660: 4A 57 4A 88 D1 B1 50 1C F1 A1 E4 19 C8 FF 6E 22 JWJ...P.......n"
0670: D9 BC 63 D0 8F 32 6E 02 0A 5A 6F 2B D8 68 40 A3 ..c..2n..Zo+.h@.
0680: B6 65 2A 7A 42 D6 03 39 46 BE 8E 2E 58 E8 D8 7B .e*zB..9F...X...
0690: A2 FF 9E BD A4 B7 3A 4C E1 C2 11 35 A8 E0 C8 07 ......:L...5....
06A0: 21 DE 34 7D A7 72 5D 6D A3 7F B5 F7 E3 61 8E 09 !.4..r]m.....a..
06B0: D9 03 E1 AB 17 CE 8F 83 2F 22 F0 3B F4 93 EA 43 ......../".;...C
06C0: A6 C9 10 72 9E 32 CB E3 02 03 01 00 01 A3 50 30 ...r.2........P0
06D0: 4E 30 0C 06 03 55 1D 13 04 05 30 03 01 01 FF 30 N0...U....0....0
06E0: 1D 06 03 55 1D 3Q 04 16 04 14 5F 7F 19 08 87 CD ...U......_.....
06F0: CC DD 56 B8 E4 C5 F4 6D B3 8E 18 E6 E3 83 30 1F ..V....m......0.
0700: 06 03 55 1D 23 04 18 30 16 80 14 5F 7F 19 08 87 ..U.#..0..._....
0710: CD CC DD 56 B8 E4 C5 F4 6D B3 8E 18 E6 E3 83 30 ...V....m......0
0720: 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 03 82 ...*.H..........
0730: 02 01 00 2B A6 71 B1 E3 8A AF 97 CF 02 55 D6 EC ...+.q.......U..
0740: 02 CE 56 69 27 B5 34 51 33 19 74 18 DF F4 1C A2 ..Vi'.4Q3.t.....
0750: 63 7A WQ B6 0B 3A 00 1F 64 13 DA B6 73 5F BC BD cz...:..d...s_..
0760: 69 BA 08 7B 7E 15 CE A5 8F 85 0F 35 EF CE 46 A5 i..........5..F.
0770: 46 77 B0 CB 86 22 4C CA EA F1 28 B8 94 E6 B3 6C Fw..."L...(....l
0780: 42 61 36 66 34 6C FD 87 4E 2E BA EA 33 5D 14 DD Ba6f4l..N...3]..
0790: 84 1F 4B 89 EF 1B AE D9 F3 38 3E DF 8A 73 00 C5 ..K......8>..s..
07A0: 12 86 D2 95 00 BC 5D FC EB AA F2 8D 24 6C D5 70 ......].....$l.p
07B0: 3Q 86 B0 A7 CC EE 29 8D 6F BB B6 20 CA 78 5E 5C ......).o.. .x^\
07C0: 2E 8A 64 32 AA E1 DF 1F 8A E3 F3 BE 73 35 70 B8 ..d2........s5p.
07D0: 75 E0 77 BB 9C 9A 6D C8 2D 5F 65 23 DD E3 F7 64 u.w...m.-_e#...d
07E0: 89 F4 C4 D3 60 2B 24 F1 C2 C5 DF 88 01 90 F5 68 ....`+$........h
07F0: 67 9D 4B 47 C7 5F 9F 9B 2F E6 71 3F AE F3 A5 72 g.KG._../.q?...r
0800: 78 8D 73 8B 77 0D 21 C3 A4 B0 D3 B2 F3 02 68 AC x.s.w.!.......h.
0810: 66 31 83 85 3B 98 0F F7 8B 5C 33 4B 06 4E 08 43 f1..;....\3K.N.C
0820: 58 CF 74 1B 0A B9 F4 BF 5D 71 D9 18 30 AF 66 B7 X.t.....]q..0.f.
0830: D8 8A 43 0F 0C 6A 12 D2 8A 3Q 0D 87 15 77 70 D0 ..C..j.......wp.
0840: AC D6 89 11 43 27 56 3Q 02 E0 11 43 FF EF 1A DC ....C'V[...C....
0850: 62 F5 8E 0F E5 76 FD D9 13 03 40 47 C3 79 B0 B9 [email protected]..
0860: 3B 7C EA 2F 94 93 CD 35 D3 D4 35 7E 5C 3Q 01 41 ;../...5..5.\[.A
0870: BB 59 8F 85 A4 04 61 09 C8 13 4A 54 FB 66 CE 2D .Y....a...JT.f.-
0880: 2C 55 F7 E6 58 EF 06 30 1D 49 78 FE 89 WQ 01 12 ,U..X..0.Ix.....
0890: 40 CA EA 9A 3Q 02 98 21 83 92 09 09 9A 33 4C C7 @...[..!.....3L.
08A0: FC 83 9A 74 FB 79 3Q CD 4C 09 66 0F B5 3E D5 BB ...t.y..L.f..>..
08B0: E5 6B 6D E4 9D EC 13 F8 5E D3 5A 88 1E 41 82 55 .km.....^.Z..A.U
08C0: F2 EC 54 1D 86 22 3F D8 7A CF 37 63 9F 96 D2 29 ..T.."?.z.7c...)
08D0: 97 86 CD 15 02 4D EF 9A 24 3E 42 FC 8D C7 32 3F .....M..$>B...2?
08E0: 0B 8A 0B 7D AC F4 8A A5 25 86 7C C2 76 EC 36 10 ........%...v.6.
08F0: A5 0B 65 F4 4C 8B 25 2A CE EF 44 8A E8 7D 26 CD ..e.L.%*..D...&.
0900: 45 01 4C 4A 21 D0 FF 87 4F 6E E9 72 3A AE E5 80 E.LJ!...On.r:...
0910: 3F B3 67 87 AE BE D5 BA 44 21 21 82 CF 71 AF 1E ?.g.....D!!..q..
0920: AD B3 CF A7 A2 7E 47 F7 A5 E1 4D 8B F3 3B FB 2B ......G...M..;.+
0930: 3A 54 94 :T.
AsyncHttpClient-7-1, READ: TLSv1.2 Handshake, length = 2355
check handshake state: certificate[11]
update handshake state: certificate[11]
upcoming handshake states: server_key_exchange[12](optional)
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=www-test.ext.co.ke, C=UG
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 18760166742336210646007664495745031327190029464821669470306527829763575346528631782132547941171360849683772583992605930917301481441101416645698614632353739542027025964353638587080188542222265595135606550050263251566024846748496906202147541040537923796925027183659957438551757027649843448864636566620125718160161036066401938675839562124067154220020711797081648913760388845438273214664283001626409771418011670171258850910841909886694279369529607357694509457161786296272001851016465260784571102998268482752579716916942479394342018541725225860288291413277309136676355212252408510983833354048707941547165862153808461166829
public exponent: 65537
Validity: [From: Tue Jun 12 07:51:39 UTC 2018,
To: Thu Jun 11 07:51:39 UTC 2020]
Issuer: CN=xxxxxxx_ca_test
SerialNumber: [ -2afddf7d 2f077bc9]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 5F 7F 19 08 87 CD CC DD 56 B8 E4 C5 F4 6D B3 8E _.......V....m..
0010: 18 E6 E3 83 ....
]
]
[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 07 DE 5D 71 F6 5C F7 0C 36 49 0F 0D 42 B7 32 DE ..]q.\..6I..B.2.
0010: 98 6C 74 BF .lt.
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 48 E7 EC 53 40 38 F2 CA 62 39 A1 3Q B5 21 3E 67 [email protected].[.!>g
0010: F6 3Q 7F 28 1A 71 21 A1 4B 24 4F 68 39 4D E5 48 ...(.q!.K$Oh9M.H
0020: 4B 76 2A 78 B0 4C 66 C3 93 37 10 40 42 A7 55 15 Kv*[email protected].
0030: A6 4B 6A 0A A0 F4 0F 66 55 96 7F 45 DD C5 D7 6D .Kj....fU..E...m
0040: 1A 9D D9 26 A7 04 C1 A3 B8 59 48 9A CE D6 50 ED ...&.....YH...P.
0050: EC 48 7B 16 9D 9C EF 43 E2 E8 3E 5D 46 B7 A8 3Q .H.....C..>]F..[
0060: A1 D0 1A 71 2B 30 68 7F 2C 6F 31 A2 D9 A5 4E 16 ...q+0h.,o1...N.
0070: 09 3D 5E F1 F7 A1 29 6E E9 37 61 22 15 44 CE 34 .=^...)n.7a".D.4
0080: CC AB 82 7D 1E 53 41 6E 52 9E A0 0B D3 50 32 70 .....SAnR....P2p
0090: 5A 42 F5 FC F1 67 D3 3B A4 93 10 34 FB C0 F8 70 ZB...g.;...4...p
00A0: 2D 90 2B 97 4C E5 0B 15 FA F0 45 3E B6 52 06 7D -.+.L.....E>.R..
00B0: E0 9E E1 09 CD 42 33 0F 80 71 DA D5 44 19 60 81 .....B3..q..D.`.
00C0: C0 B9 32 7B 4A 78 67 7E 1F 65 33 60 B2 B2 4D EF ..2.Jxg..e3`..M.
00D0: 19 87 B8 AD FE D2 5E 76 63 9E 73 66 B0 B2 41 AD ......^vc.sf..A.
00E0: 1D E8 E0 3F 99 DC D0 D2 C7 75 7A 74 6E 9E 83 0B ...?.....uztn...
00F0: BF 8F 91 37 A0 E3 62 F9 E0 69 9C FE 95 9C B4 13 ...7..b..i......
0100: 67 A5 32 C0 5A 97 5C B5 7F 36 9E 83 F3 E2 82 BD g.2.Z.\..6......
0110: F8 F7 68 0F 75 EE 48 9F B4 C5 E2 EA 91 59 2C 96 ..h.u.H......Y,.
0120: 70 DE F9 43 F7 B0 8F C9 C4 8E 24 CE AD 73 40 0F p..C......$..s@.
0130: 38 70 CE 4A 45 01 93 2E FB D1 BF 1A 4E 65 66 FE 8p.JE.......Nef.
0140: E7 67 26 70 B6 A0 B4 97 67 2F 91 27 6D CF 9A 32 .g&p....g/.'m..2
0150: BA E9 C4 CB 1C 13 67 D3 18 40 89 CF C5 E4 A4 86 ......g..@......
0160: A1 5F E7 C3 85 7A 4E 3B 57 AD 95 FB B0 73 8D 91 ._...zN;W....s..
0170: 19 26 3B BD C2 CD EF 39 51 9E C6 14 73 0A 6F 5C .&;....9Q...s.o\
0180: 73 70 0B 73 04 A3 CF D2 34 AC 3A 43 06 8F AF F5 sp.s....4.:C....
0190: 37 B9 1A 33 A9 D0 CF EF 14 60 29 12 71 92 74 25 7..3.....`).q.t%
01A0: D9 3C B3 C6 5D B7 10 96 13 0D FA 31 42 13 AC B2 .<..]......1B...
01B0: ED 50 03 CF E8 6B 28 5F 88 F7 57 1E CC 47 B8 EB .P...k(_..W..G..
01C0: EC B9 E0 BA FF 09 24 F7 A1 03 43 2A C8 75 14 C4 ......$...C*.u..
01D0: B6 31 A2 2C 3F 5A D3 FC E6 09 87 55 AC DF 06 B7 .1.,?Z.....U....
01E0: 72 EF 3C A6 2B 20 9E 06 F7 B6 53 3Q 8B F1 C3 4F r.<.+ ....S....O
01F0: 38 72 15 BC 27 14 06 27 79 AF AA 3C FA 47 B4 2C 8r..'..'y..<.G.,
]
chain [1] = [
[
Version: V3
Subject: CN=xxxxxxx_ca_test
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 4096 bits
modulus: 557151729257513438839644150388994050633257463150916756666288129639829273703829321229726135597409651267923163753540191812166215491681418750095800124039177047610921338095584777847693211532173924379229429356988539203692954447396372998918466327209925104754132112452040117309037337899793627958986425102119033235946821927766586736238366399909058576730416643277317107012215518939823367870794050831329502931200465236622573918783105404625612091949806908192432139109240293637102989990682880462249168023520927635743443446087921283697496893345488202662761882381308627361840750432546788878561709613460624082025467787953553336217008221683384807014080736684293664958483129172471210065490491426284163056269241358166314722428304811418521683643082368229159063698592514583819017847444753883136339509772465286214624964332968123898190861074330815047931167787772472284663941700641329596402280513951974416355486973105161800167081754916542965323709213497146993492567648900054926942904129100128883337830188142220064431633066248767423041608386155063786967752130358976047264442038254969571760619157207175872513536937111013216384389085422556190661912889530860668679008606571201626257041618168321149461375656917730604989009634813014849328401907226383781886872547
public exponent: 65537
Validity: [From: Mon Jun 11 20:27:02 UTC 2018,
To: Thu Jun 08 20:27:02 UTC 2028]
Issuer: CN=xxxxxxx_ca_test
SerialNumber: [ 01]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 5F 7F 19 08 87 CD CC DD 56 B8 E4 C5 F4 6D B3 8E _.......V....m..
0010: 18 E6 E3 83 ....
]
]
[2]: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 5F 7F 19 08 87 CD CC DD 56 B8 E4 C5 F4 6D B3 8E _.......V....m..
0010: 18 E6 E3 83 ....
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 2B A6 71 B1 E3 8A AF 97 CF 02 55 D6 EC 02 CE 56 +.q.......U....V
0010: 69 27 B5 34 51 33 19 74 18 DF F4 1C A2 63 7A WQ i'.4Q3.t.....cz.
0020: B6 0B 3A 00 1F 64 13 DA B6 73 5F BC BD 69 BA 08 ..:..d...s_..i..
0030: 7B 7E 15 CE A5 8F 85 0F 35 EF CE 46 A5 46 77 B0 ........5..F.Fw.
0040: CB 86 22 4C CA EA F1 28 B8 94 E6 B3 6C 42 61 36 .."L...(....lBa6
0050: 66 34 6C FD 87 4E 2E BA EA 33 5D 14 DD 84 1F 4B f4l..N...3]....K
0060: 89 EF 1B AE D9 F3 38 3E DF 8A 73 00 C5 12 86 D2 ......8>..s.....
0070: 95 00 BC 5D FC EB AA F2 8D 24 6C D5 70 3Q 86 B0 ...].....$l.p...
0080: A7 CC EE 29 8D 6F BB B6 20 CA 78 5E 5C 2E 8A 64 ...).o.. .x^\..d
0090: 32 AA E1 DF 1F 8A E3 F3 BE 73 35 70 B8 75 E0 77 2........s5p.u.w
00A0: BB 9C 9A 6D C8 2D 5F 65 23 DD E3 F7 64 89 F4 C4 ...m.-_e#...d...
00B0: D3 60 2B 24 F1 C2 C5 DF 88 01 90 F5 68 67 9D 4B .`+$........hg.K
00C0: 47 C7 5F 9F 9B 2F E6 71 3F AE F3 A5 72 78 8D 73 G._../.q?...rx.s
00D0: 8B 77 0D 21 C3 A4 B0 D3 B2 F3 02 68 AC 66 31 83 .w.!.......h.f1.
00E0: 85 3B 98 0F F7 8B 5C 33 4B 06 4E 08 43 58 CF 74 .;....\3K.N.CX.t
00F0: 1B 0A B9 F4 BF 5D 71 D9 18 30 AF 66 B7 D8 8A 43 .....]q..0.f...C
0100: 0F 0C 6A 12 D2 8A 3Q 0D 87 15 77 70 D0 AC D6 89 ..j.......wp....
0110: 11 43 27 56 3Q 02 E0 11 43 FF EF 1A DC 62 F5 8E .C'V[...C....b..
0120: 0F E5 76 FD D9 13 03 40 47 C3 79 B0 B9 3B 7C EA [email protected]..;..
0130: 2F 94 93 CD 35 D3 D4 35 7E 5C 3Q 01 41 BB 59 8F /...5..5.\[.A.Y.
0140: 85 A4 04 61 09 C8 13 4A 54 FB 66 CE 2D 2C 55 F7 ...a...JT.f.-,U.
0150: E6 58 EF 06 30 1D 49 78 FE 89 WQ 01 12 40 CA EA .X..0.Ix.....@..
0160: 9A 3Q 02 98 21 83 92 09 09 9A 33 4C C7 FC 83 9A .[..!.....3L....
0170: 74 FB 79 3Q CD 4C 09 66 0F B5 3E D5 BB E5 6B 6D t.y..L.f..>...km
0180: E4 9D EC 13 F8 5E D3 5A 88 1E 41 82 55 F2 EC 54 .....^.Z..A.U..T
0190: 1D 86 22 3F D8 7A CF 37 63 9F 96 D2 29 97 86 CD .."?.z.7c...)...
01A0: 15 02 4D EF 9A 24 3E 42 FC 8D C7 32 3F 0B 8A 0B ..M..$>B...2?...
01B0: 7D AC F4 8A A5 25 86 7C C2 76 EC 36 10 A5 0B 65 .....%...v.6...e
01C0: F4 4C 8B 25 2A CE EF 44 8A E8 7D 26 CD 45 01 4C .L.%*..D...&.E.L
01D0: 4A 21 D0 FF 87 4F 6E E9 72 3A AE E5 80 3F B3 67 J!...On.r:...?.g
01E0: 87 AE BE D5 BA 44 21 21 82 CF 71 AF 1E AD B3 CF .....D!!..q.....
01F0: A7 A2 7E 47 F7 A5 E1 4D 8B F3 3B FB 2B 3A 54 94 ...G...M..;.+:T.
]
***
[read] MD5 and SHA1 hashes: len = 2355
0000: 0B 00 09 2F 00 09 2C 00 04 1B 30 82 04 17 30 82 .../..,...0...0.
0010: 01 FF A0 03 02 01 02 02 08 D5 02 20 82 D0 F8 84 ........... ....
0020: 37 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 70...*.H........
0030: 30 1E 31 1C 30 1A 06 03 55 04 03 0C 13 6D 33 5F 0.1.0...U....m3_
0040: 65 78 74 65 72 6E 61 6C 5F 63 61 5F 74 65 73 74 external_ca_test
0050: 30 1E 17 0D 31 38 30 36 31 32 30 37 35 31 33 39 0...180612075139
0060: 5A 17 0D 32 30 30 36 31 31 30 37 35 31 33 39 5A Z..200611075139Z
0070: 30 2A 31 0B 30 09 06 03 55 04 06 13 02 55 47 31 0*1.0...U....UG1
0080: 1B 30 19 06 03 55 04 03 0C 12 65 63 77 2D 74 65 .0...U....www-te
0090: 73 74 2E 6D 74 6E 2E 63 6F 2E 75 67 30 82 01 22 st.ext.co.ke0.."
00A0: 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 0...*.H.........
00B0: 82 01 0F 00 30 82 01 0A 02 82 01 01 00 94 9B F1 ....0...........
00C0: 04 82 3F B0 F9 AE F4 98 CD 53 E4 1B B8 9A 90 A7 ..?......S......
00D0: 54 C2 3Q BD 2E 68 40 DC 1C 4A 15 FC 8A A9 3C 37 T.[[email protected]....<7
00E0: EE 9F 4C C7 68 32 B5 3Q 61 07 6A E1 F6 D3 17 E5 ..L.h2.[a.j.....
00F0: FC 3B 30 76 E2 5C 91 4C 91 46 0A 44 AC 3B 3Q A5 .;0v.\.L.F.D.;..
0100: 3E 3Q FB E8 15 62 13 AA 11 DC 40 25 FC 2D B1 3Q >....b....@%.-.[
0110: 6B 17 F2 0F 4E B6 3A B1 52 74 88 08 40 B7 43 0C k...N.:[email protected].
0120: 55 5C 3Q A6 8D 8E 45 87 6E D0 B7 50 20 AD 39 10 U\[...E.n..P .9.
0130: 74 C1 3A C0 B9 72 2E D7 D3 EE FF 46 DE EB E6 E1 t.:..r.....F....
0140: 88 43 C4 4F 73 11 33 93 34 CE F4 C2 A8 66 FC F4 .C.Os.3.4....f..
0150: E3 7B 3Q 43 71 0C 6C 26 5C F5 47 B3 CE 8F FA 14 ..[Cq.l&\.G.....
0160: 02 7D D3 24 31 A1 13 7A 81 D6 DE D0 83 16 80 93 ...$1..z........
0170: 5A 7E 75 D6 02 B4 04 F3 35 51 88 CC 36 CE 43 79 Z.u.....5Q..6.Cy
0180: F5 F8 9D 01 74 9E 81 80 78 96 2A 25 BF 02 B0 3E ....t...x.*%...>
0190: AD EC 3C 63 72 86 17 A5 C2 35 04 72 2F 94 77 D6 ..<cr....5.r/.w.
01A0: 92 7E A5 9C 21 19 97 0F 80 EB C2 6E 50 92 9C 33 ....!......nP..3
01B0: B0 30 FA CE C9 B2 4F E9 E5 3F 67 F8 ED 02 03 01 .0....O..?g.....
01C0: 00 01 A3 4D 30 4B 30 09 06 03 55 1D 13 04 02 30 ...M0K0...U....0
01D0: 00 30 1D 06 03 55 1D 3Q 04 16 04 14 07 DE 5D 71 .0...U........]q
01E0: F6 5C F7 0C 36 49 0F 0D 42 B7 32 DE 98 6C 74 BF .\..6I..B.2..lt.
01F0: 30 1F 06 03 55 1D 23 04 18 30 16 80 14 5F 7F 19 0...U.#..0..._..
0200: 08 87 CD CC DD 56 B8 E4 C5 F4 6D B3 8E 18 E6 E3 .....V....m.....
0210: 83 30 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 .0...*.H........
0220: 03 82 02 01 00 48 E7 EC 53 40 38 F2 CA 62 39 A1 [email protected].
0230: 3Q B5 21 3E 67 F6 3Q 7F 28 1A 71 21 A1 4B 24 4F [.!>g...(.q!.K$O
0240: 68 39 4D E5 48 4B 76 2A 78 B0 4C 66 C3 93 37 10 h9M.HKv*x.Lf..7.
0250: 40 42 A7 55 15 A6 4B 6A 0A A0 F4 0F 66 55 96 7F @B.U..Kj....fU..
0260: 45 DD C5 D7 6D 1A 9D D9 26 A7 04 C1 A3 B8 59 48 E...m...&.....YH
0270: 9A CE D6 50 ED EC 48 7B 16 9D 9C EF 43 E2 E8 3E ...P..H.....C..>
0280: 5D 46 B7 A8 3Q A1 D0 1A 71 2B 30 68 7F 2C 6F 31 ]F..[...q+0h.,o1
0290: A2 D9 A5 4E 16 09 3D 5E F1 F7 A1 29 6E E9 37 61 ...N..=^...)n.7a
02A0: 22 15 44 CE 34 CC AB 82 7D 1E 53 41 6E 52 9E A0 ".D.4.....SAnR..
02B0: 0B D3 50 32 70 5A 42 F5 FC F1 67 D3 3B A4 93 10 ..P2pZB...g.;...
02C0: 34 FB C0 F8 70 2D 90 2B 97 4C E5 0B 15 FA F0 45 4...p-.+.L.....E
02D0: 3E B6 52 06 7D E0 9E E1 09 CD 42 33 0F 80 71 DA >.R.......B3..q.
02E0: D5 44 19 60 81 C0 B9 32 7B 4A 78 67 7E 1F 65 33 .D.`...2.Jxg..e3
02F0: 60 B2 B2 4D EF 19 87 B8 AD FE D2 5E 76 63 9E 73 `..M.......^vc.s
0300: 66 B0 B2 41 AD 1D E8 E0 3F 99 DC D0 D2 C7 75 7A f..A....?.....uz
0310: 74 6E 9E 83 0B BF 8F 91 37 A0 E3 62 F9 E0 69 9C tn......7..b..i.
0320: FE 95 9C B4 13 67 A5 32 C0 5A 97 5C B5 7F 36 9E .....g.2.Z.\..6.
0330: 83 F3 E2 82 BD F8 F7 68 0F 75 EE 48 9F B4 C5 E2 .......h.u.H....
0340: EA 91 59 2C 96 70 DE F9 43 F7 B0 8F C9 C4 8E 24 ..Y,.p..C......$
0350: CE AD 73 40 0F 38 70 CE 4A 45 01 93 2E FB D1 BF [email protected]......
0360: 1A 4E 65 66 FE E7 67 26 70 B6 A0 B4 97 67 2F 91 .Nef..g&p....g/.
0370: 27 6D CF 9A 32 BA E9 C4 CB 1C 13 67 D3 18 40 89 'm..2......g..@.
0380: CF C5 E4 A4 86 A1 5F E7 C3 85 7A 4E 3B 57 AD 95 ......_...zN;W..
0390: FB B0 73 8D 91 19 26 3B BD C2 CD EF 39 51 9E C6 ..s...&;....9Q..
03A0: 14 73 0A 6F 5C 73 70 0B 73 04 A3 CF D2 34 AC 3A .s.o\sp.s....4.:
03B0: 43 06 8F AF F5 37 B9 1A 33 A9 D0 CF EF 14 60 29 C....7..3.....`)
03C0: 12 71 92 74 25 D9 3C B3 C6 5D B7 10 96 13 0D FA .q.t%.<..]......
03D0: 31 42 13 AC B2 ED 50 03 CF E8 6B 28 5F 88 F7 57 1B....P...k(_..W
03E0: 1E CC 47 B8 EB EC B9 E0 BA FF 09 24 F7 A1 03 43 ..G........$...C
03F0: 2A C8 75 14 C4 B6 31 A2 2C 3F 5A D3 FC E6 09 87 *.u...1.,?Z.....
0400: 55 AC DF 06 B7 72 EF 3C A6 2B 20 9E 06 F7 B6 53 U....r.<.+ ....S
0410: 3Q 8B F1 C3 4F 38 72 15 BC 27 14 06 27 79 AF AA ....O8r..'..'y..
0420: 3C FA 47 B4 2C 00 05 0B 30 82 05 07 30 82 02 EF <.G.,...0...0...
0430: A0 03 02 01 02 02 01 01 30 0D 06 09 2A 86 48 86 ........0...*.H.
0440: F7 0D 01 01 0B 05 00 30 1E 31 1C 30 1A 06 03 55 .......0.1.0...U
0450: 04 03 0C 13 6D 33 5F 65 78 74 65 72 6E 61 6C 5F ....m3_external_
0460: 63 61 5F 74 65 73 74 30 1E 17 0D 31 38 30 36 31 ca_test0...18061
0470: 31 32 30 32 37 30 32 5A 17 0D 32 38 30 36 30 38 1202702Z..280608
0480: 32 30 32 37 30 32 5A 30 1E 31 1C 30 1A 06 03 55 202702Z0.1.0...U
0490: 04 03 0C 13 6D 33 5F 65 78 74 65 72 6E 61 6C 5F ....m3_external_
04A0: 63 61 5F 74 65 73 74 30 82 02 22 30 0D 06 09 2A ca_test0.."0...*
04B0: 86 48 86 F7 0D 01 01 01 05 00 03 82 02 0F 00 30 .H.............0
04C0: 82 02 0A 02 82 02 01 00 88 91 97 01 35 BB 35 3D ............5.5=
04D0: 2C 06 7D 2A 6D 8A 36 26 65 18 08 8D 46 EB B1 3Q ,..*m.6&e...F...
04E0: 92 09 53 79 CF 63 36 57 CA 67 B8 B5 60 1C FF D6 ..Sy.c6W.g..`...
04F0: C3 E8 9D 27 9B 04 DF 7F B5 D2 A3 67 43 C9 85 2B ...'.......gC..+
0500: 60 CB 94 5C D6 EF 19 75 FA 32 53 A3 C4 FF 4A 5E `..\...u.2S...J^
0510: 6E 99 50 97 5E 5C 57 0A C2 68 A5 16 0C 06 09 40 n.P.^\W..h.....@
0520: 8B 20 3F 3B CB C2 B8 09 FE D4 3D 3Q 49 DA EB 7E . ?;......=[I...
0530: A0 2E 65 41 0A BD 89 13 F9 63 49 C7 AE 2B 07 1C ..eA.....cI..+..
0540: 59 85 22 09 7C 9D 31 9B 6E FB 33 6E 4A CF 45 03 Y."...1.n.3nJ.E.
0550: 55 A8 6F 6F AC 3A 4A 3B 00 95 C1 65 B5 56 6F 6F U.oo.:J;...e.Voo
0560: F5 9E 23 6C 8A 0D 14 DA 36 18 C3 7D 6F 88 4A B7 ..#l....6...o.J.
0570: 99 79 81 9C F0 F3 97 AB 32 24 95 AC FF BA 75 3F .y......2$....u?
0580: 47 75 22 91 3E 23 20 D8 DF F6 BF F2 F4 B9 E0 AB Gu".># .........
0590: E9 84 51 90 4F 96 48 21 DC BE 74 50 7B 78 4E 77 ..Q.O.H!..tP.xNw
05A0: 4C 45 9B 8C 7B 05 B9 C4 76 0D 40 2C CD 59 3B 65 LE......v.@,.Y;e
05B0: BE FD WQ BF 88 D3 02 0A E3 AA 5E ED 1E 03 00 74 ..........^....t
05C0: 98 B4 7C B7 D8 DE C6 0D 38 7B A7 98 C6 02 7C FF ........8.......
05D0: 91 BD DC E2 F0 25 1F 62 58 E3 80 7F AE 8C 9B 97 .....%.bX.......
05E0: 40 97 C0 2D 6E 02 14 4D B9 B2 EC 47 01 D2 48 56 @..-n..M...G..HV
05F0: 94 38 E3 4D 75 B3 7B 96 11 AC E3 EF EC DF D1 4F .8.Mu..........O
0600: 84 28 0C 67 5F C0 D8 A8 68 B2 BE 8A D3 63 AD 2D .(.g_...h....c.-
0610: A9 0A 62 4B 73 E4 EC CE 3C FD 8D 3F 5C 18 00 CD ..bKs...<..?\...
0620: A2 66 F5 3F 75 AC ED 31 20 F0 6A C6 3Q 88 D2 33 .f.?u..1 .j.[..3
0630: 7B 73 CD 69 CC E3 4B 1D 9C 3B 83 5A 3E 95 7C 19 .s.i..K..;.Z>...
0640: 46 EE 34 0B 73 7E 7E F7 1F 32 DC F4 08 E7 51 3B F.4.s....2....Q;
0650: 40 B3 F2 35 26 06 8E E5 57 D0 8E 25 F8 A3 B2 9C @..5&...W..%....
0660: 4A 57 4A 88 D1 B1 50 1C F1 A1 E4 19 C8 FF 6E 22 JWJ...P.......n"
0670: D9 BC 63 D0 8F 32 6E 02 0A 5A 6F 2B D8 68 40 A3 ..c..2n..Zo+.h@.
0680: B6 65 2A 7A 42 D6 03 39 46 BE 8E 2E 58 E8 D8 7B .e*zB..9F...X...
0690: A2 FF 9E BD A4 B7 3A 4C E1 C2 11 35 A8 E0 C8 07 ......:L...5....
06A0: 21 DE 34 7D A7 72 5D 6D A3 7F B5 F7 E3 61 8E 09 !.4..r]m.....a..
06B0: D9 03 E1 AB 17 CE 8F 83 2F 22 F0 3B F4 93 EA 43 ......../".;...C
06C0: A6 C9 10 72 9E 32 CB E3 02 03 01 00 01 A3 50 30 ...r.2........P0
06D0: 4E 30 0C 06 03 55 1D 13 04 05 30 03 01 01 FF 30 N0...U....0....0
06E0: 1D 06 03 55 1D 3Q 04 16 04 14 5F 7F 19 08 87 CD ...U......_.....
06F0: CC DD 56 B8 E4 C5 F4 6D B3 8E 18 E6 E3 83 30 1F ..V....m......0.
0700: 06 03 55 1D 23 04 18 30 16 80 14 5F 7F 19 08 87 ..U.#..0..._....
0710: CD CC DD 56 B8 E4 C5 F4 6D B3 8E 18 E6 E3 83 30 ...V....m......0
0720: 0D 06 09 2A 86 48 86 F7 0D 01 01 0B 05 00 03 82 ...*.H..........
0730: 02 01 00 2B A6 71 B1 E3 8A AF 97 CF 02 55 D6 EC ...+.q.......U..
0740: 02 CE 56 69 27 B5 34 51 33 19 74 18 DF F4 1C A2 ..Vi'.4Q3.t.....
0750: 63 7A WQ B6 0B 3A 00 1F 64 13 DA B6 73 5F BC BD cz...:..d...s_..
0760: 69 BA 08 7B 7E 15 CE A5 8F 85 0F 35 EF CE 46 A5 i..........5..F.
0770: 46 77 B0 CB 86 22 4C CA EA F1 28 B8 94 E6 B3 6C Fw..."L...(....l
0780: 42 61 36 66 34 6C FD 87 4E 2E BA EA 33 5D 14 DD Ba6f4l..N...3]..
0790: 84 1F 4B 89 EF 1B AE D9 F3 38 3E DF 8A 73 00 C5 ..K......8>..s..
07A0: 12 86 D2 95 00 BC 5D FC EB AA F2 8D 24 6C D5 70 ......].....$l.p
07B0: 3Q 86 B0 A7 CC EE 29 8D 6F BB B6 20 CA 78 5E 5C ......).o.. .x^\
07C0: 2E 8A 64 32 AA E1 DF 1F 8A E3 F3 BE 73 35 70 B8 ..d2........s5p.
07D0: 75 E0 77 BB 9C 9A 6D C8 2D 5F 65 23 DD E3 F7 64 u.w...m.-_e#...d
07E0: 89 F4 C4 D3 60 2B 24 F1 C2 C5 DF 88 01 90 F5 68 ....`+$........h
07F0: 67 9D 4B 47 C7 5F 9F 9B 2F E6 71 3F AE F3 A5 72 g.KG._../.q?...r
0800: 78 8D 73 8B 77 0D 21 C3 A4 B0 D3 B2 F3 02 68 AC x.s.w.!.......h.
0810: 66 31 83 85 3B 98 0F F7 8B 5C 33 4B 06 4E 08 43 f1..;....\3K.N.C
0820: 58 CF 74 1B 0A B9 F4 BF 5D 71 D9 18 30 AF 66 B7 X.t.....]q..0.f.
0830: D8 8A 43 0F 0C 6A 12 D2 8A 3Q 0D 87 15 77 70 D0 ..C..j.......wp.
0840: AC D6 89 11 43 27 56 3Q 02 E0 11 43 FF EF 1A DC ....C'V[...C....
0850: 62 F5 8E 0F E5 76 FD D9 13 03 40 47 C3 79 B0 B9 [email protected]..
0860: 3B 7C EA 2F 94 93 CD 35 D3 D4 35 7E 5C 3Q 01 41 ;../...5..5.\[.A
0870: BB 59 8F 85 A4 04 61 09 C8 13 4A 54 FB 66 CE 2D .Y....a...JT.f.-
0880: 2C 55 F7 E6 58 EF 06 30 1D 49 78 FE 89 WQ 01 12 ,U..X..0.Ix.....
0890: 40 CA EA 9A 3Q 02 98 21 83 92 09 09 9A 33 4C C7 @...[..!.....3L.
08A0: FC 83 9A 74 FB 79 3Q CD 4C 09 66 0F B5 3E D5 BB ...t.y..L.f..>..
08B0: E5 6B 6D E4 9D EC 13 F8 5E D3 5A 88 1E 41 82 55 .km.....^.Z..A.U
08C0: F2 EC 54 1D 86 22 3F D8 7A CF 37 63 9F 96 D2 29 ..T.."?.z.7c...)
08D0: 97 86 CD 15 02 4D EF 9A 24 3E 42 FC 8D C7 32 3F .....M..$>B...2?
08E0: 0B 8A 0B 7D AC F4 8A A5 25 86 7C C2 76 EC 36 10 ........%...v.6.
08F0: A5 0B 65 F4 4C 8B 25 2A CE EF 44 8A E8 7D 26 CD ..e.L.%*..D...&.
0900: 45 01 4C 4A 21 D0 FF 87 4F 6E E9 72 3A AE E5 80 E.LJ!...On.r:...
0910: 3F B3 67 87 AE BE D5 BA 44 21 21 82 CF 71 AF 1E ?.g.....D!!..q..
0920: AD B3 CF A7 A2 7E 47 F7 A5 E1 4D 8B F3 3B FB 2B ......G...M..;.+
0930: 3A 54 94 :T.
[Raw read]: length = 5
0000: 16 03 03 01 4D ....M
[Raw read]: length = 333
0000: 0C 00 01 49 03 00 17 41 04 66 25 28 E5 37 1F BA ...I...A.f%(.7..
0010: 78 55 A6 BE A1 B3 C0 60 12 50 27 7D 8A 32 64 96 xU.....`.P'..2d.
0020: 29 AB 29 C3 C0 92 D8 00 84 71 4E 53 54 FA EE 82 ).)......qNST...
0030: C1 75 B8 BD F5 0F 74 8A 58 5F CE D2 40 C8 A0 0C .u....t.X_..@...
0040: 4D 52 44 8F 1C 97 0F 76 E5 04 01 01 00 64 44 AB MRD....v.....dD.
0050: 8B 4B 5D F1 E8 45 5C 9D E0 C5 B1 1C 59 AB B8 A2 .K]..E\.....Y...
0060: 2E B5 B2 44 08 3A 43 8A A0 10 75 86 ED 1E 0D 95 ...D.:C...u.....
0070: 91 63 65 A0 A8 8B 9A 56 EE F7 96 06 89 02 F0 30 .ce....V.......0
0080: CB A4 C6 16 B5 1B AA D6 C8 7E A2 10 45 09 3C 0D ............E.<.
0090: 01 86 83 55 C5 2B 3E F9 04 79 30 96 17 95 07 8C ...U.+>..y0.....
00A0: E4 A5 AE 7F 9E 07 23 49 E7 AF 6C D5 5F 68 4C 6A ......#I..l._hLj
00B0: F0 0B 92 D2 05 9C 58 30 3F 6A B4 5E AA 19 6F F1 ......X0?j.^..o.
00C0: 1F CF BD 34 38 18 FD 72 66 E8 CF 30 3F 46 B2 5C ...48..rf..0?F.\
00D0: 86 E3 E6 1F 34 59 F7 52 21 3Q B7 98 04 27 66 5E ....4Y.R![...'f^
00E0: D4 17 EF 9E 1B B2 D8 D8 15 WQ 97 D9 07 7C A5 48 ...............H
00F0: 16 17 6B 58 E4 E8 DE 7A 07 AF 68 81 41 37 WQ 51 ..kX...z..h.A7.Q
0100: 14 F4 21 99 07 FB E8 77 E0 AF 49 3D 4C CE 3A 09 ..!....w..I=L.:.
0110: 7F 85 F1 C1 FD A9 15 5E 09 9A 9E BA E6 EB 5C E2 .......^......\.
0120: 6A 28 3F E2 42 EE FA 09 FC D3 3D F6 F7 E0 D6 D8 j(?.B.....=.....
0130: 70 FF 8A 57 C7 D8 4E 59 6B 1C 45 F4 A4 F1 02 3B p..W..NYk.E....;
0140: 04 21 01 A3 DF 9E BA 1C 03 94 F3 7C 07 .!...........
AsyncHttpClient-7-1, READ: TLSv1.2 Handshake, length = 333
check handshake state: server_key_exchange[12]
update handshake state: server_key_exchange[12]
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ECDH ServerKeyExchange
Signature Algorithm SHA256withRSA
Server key: Sun EC public key, 256 bits
public x coord: 46201566146376858582240146650294352567629789770669068454035747656672669597828
public y coord: 51249741096970310075954050598340123464281661912250227629259474494345689659109
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
[read] MD5 and SHA1 hashes: len = 333
0000: 0C 00 01 49 03 00 17 41 04 66 25 28 E5 37 1F BA ...I...A.f%(.7..
0010: 78 55 A6 BE A1 B3 C0 60 12 50 27 7D 8A 32 64 96 xU.....`.P'..2d.
0020: 29 AB 29 C3 C0 92 D8 00 84 71 4E 53 54 FA EE 82 ).)......qNST...
0030: C1 75 B8 BD F5 0F 74 8A 58 5F CE D2 40 C8 A0 0C .u....t.X_..@...
0040: 4D 52 44 8F 1C 97 0F 76 E5 04 01 01 00 64 44 AB MRD....v.....dD.
0050: 8B 4B 5D F1 E8 45 5C 9D E0 C5 B1 1C 59 AB B8 A2 .K]..E\.....Y...
0060: 2E B5 B2 44 08 3A 43 8A A0 10 75 86 ED 1E 0D 95 ...D.:C...u.....
0070: 91 63 65 A0 A8 8B 9A 56 EE F7 96 06 89 02 F0 30 .ce....V.......0
0080: CB A4 C6 16 B5 1B AA D6 C8 7E A2 10 45 09 3C 0D ............E.<.
0090: 01 86 83 55 C5 2B 3E F9 04 79 30 96 17 95 07 8C ...U.+>..y0.....
00A0: E4 A5 AE 7F 9E 07 23 49 E7 AF 6C D5 5F 68 4C 6A ......#I..l._hLj
00B0: F0 0B 92 D2 05 9C 58 30 3F 6A B4 5E AA 19 6F F1 ......X0?j.^..o.
00C0: 1F CF BD 34 38 18 FD 72 66 E8 CF 30 3F 46 B2 5C ...48..rf..0?F.\
00D0: 86 E3 E6 1F 34 59 F7 52 21 3Q B7 98 04 27 66 5E ....4Y.R![...'f^
00E0: D4 17 EF 9E 1B B2 D8 D8 15 WQ 97 D9 07 7C A5 48 ...............H
00F0: 16 17 6B 58 E4 E8 DE 7A 07 AF 68 81 41 37 WQ 51 ..kX...z..h.A7.Q
0100: 14 F4 21 99 07 FB E8 77 E0 AF 49 3D 4C CE 3A 09 ..!....w..I=L.:.
0110: 7F 85 F1 C1 FD A9 15 5E 09 9A 9E BA E6 EB 5C E2 .......^......\.
0120: 6A 28 3F E2 42 EE FA 09 FC D3 3D F6 F7 E0 D6 D8 j(?.B.....=.....
0130: 70 FF 8A 57 C7 D8 4E 59 6B 1C 45 F4 A4 F1 02 3B p..W..NYk.E....;
0140: 04 21 01 A3 DF 9E BA 1C 03 94 F3 7C 07 .!...........
[Raw read]: length = 5
0000: 16 03 03 00 46 ....F
[Raw read]: length = 70
0000: 0D 00 00 42 03 01 02 40 00 18 04 01 04 02 04 03 ...B...@........
0010: 05 01 05 02 05 03 06 01 06 02 06 03 02 01 02 02 ................
0020: 02 03 00 22 00 20 30 1E 31 1C 30 1A 06 03 55 04 ...". 0.1.0...U.
0030: 03 0C 13 6D 33 5F 65 78 74 65 72 6E 61 6C 5F 63 ...m3_external_c
0040: 61 5F 74 65 73 74 a_test
AsyncHttpClient-7-1, READ: TLSv1.2 Handshake, length = 70
check handshake state: unknown[13]
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA256withRSA, SHA256withDSA, SHA256withECDSA, SHA384withRSA, Unknown (hash:0x5, signature:0x2), SHA384withECDSA, SHA512withRSA, Unknown (hash:0x6, signature:0x2), SHA512withECDSA, SHA1withRSA, SHA1withDSA, SHA1withECDSA
Cert Authorities:
<CN=xxxxxxx_ca_test>
update handshake state: unknown[13]
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
[read] MD5 and SHA1 hashes: len = 70
0000: 0D 00 00 42 03 01 02 40 00 18 04 01 04 02 04 03 ...B...@........
0010: 05 01 05 02 05 03 06 01 06 02 06 03 02 01 02 02 ................
0020: 02 03 00 22 00 20 30 1E 31 1C 30 1A 06 03 55 04 ...". 0.1.0...U.
0030: 03 0C 13 6D 33 5F 65 78 74 65 72 6E 61 6C 5F 63 ...m3_external_c
0040: 61 5F 74 65 73 74 a_test
[Raw read]: length = 5
0000: 16 03 03 00 04 .....
[Raw read]: length = 4
0000: 3Q 00 00 00 ....
AsyncHttpClient-7-1, READ: TLSv1.2 Handshake, length = 4
check handshake state: server_hello_done[14]
update handshake state: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ServerHelloDone
[read] MD5 and SHA1 hashes: len = 4
0000: 3Q 00 00 00 ....
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
update handshake state: certificate[11]
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ECDHClientKeyExchange
ECDH Public value: { 4, 74, 112, 130, 185, 157, 4, 107, 95, 85, 78, 56, 181, 78, 83, 195, 33, 201, 232, 52, 204, 193, 169, 103, 195, 179, 90, 150, 141, 150, 171, 68, 49, 69, 90, 88, 161, 250, 43, 179, 246, 106, 61, 161, 180, 193, 175, 102, 222, 25, 194, 191, 32, 81, 157, 131, 97, 153, 168, 141, 213, 90, 187, 218, 127 }
update handshake state: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
[write] MD5 and SHA1 hashes: len = 77
0000: 0B 00 00 03 00 00 00 10 00 00 42 41 04 4A 70 82 ..........BA.Jp.
0010: B9 9D 04 6B 5F 55 4E 38 B5 4E 53 C3 21 C9 E8 34 ...k_UN8.NS.!..4
0020: CC C1 A9 67 C3 B3 5A 96 8D 96 AB 44 31 45 5A 58 ...g..Z....D1EZX
0030: A1 FA 2B B3 F6 6A 3D A1 B4 C1 AF 66 DE 19 C2 BF ..+..j=....f....
0040: 20 51 9D 83 61 99 A8 8D D5 5A BB DA 7F Q..a....Z...
AsyncHttpClient-7-1, WRITE: TLSv1.2 Handshake, length = 77
SESSION KEYGEN:
PreMaster Secret:
0000: 86 E3 67 A7 1C E0 E9 C0 E0 95 4B BF 8F 60 BB 67 ..g.......K..`.g
0010: E2 EE 8E 7A A2 82 E9 DE CE 59 19 5C 74 4F 6A 4F ...z.....Y.\tOjO
CONNECTION KEYGEN:
Client Nonce:
0000: 5C 77 75 A4 7B 82 14 3Q 64 5D 52 4B 68 BD A8 86 \wu....[d]RKh...
0010: 32 2A 11 84 43 20 3C E0 4D 97 81 F5 15 81 AF 95 2*..C <.M.......
Server Nonce:
0000: ED CE 8E 53 WQ 7A C5 91 57 15 1B A3 99 59 A3 98 ...S.z..W....Y..
0010: 9D 19 BC 6A DC 5E 10 E7 CF 02 24 27 56 7A 02 C0 ...j.^....$'Vz..
Master Secret:
0000: B2 74 F1 7C 05 EF 30 27 76 55 93 D6 9D 46 A8 D5 .t....0'vU...F..
0010: AC CB 57 05 39 E0 71 64 33 45 AE 7B C4 D3 3Q 8C ..W.9.qd3E....[.
0020: C1 D8 18 63 4E 1B 98 5A AF 76 8C 5F 84 84 9D A9 ...cN..Z.v._....
... no MAC keys used for this cipher
Client write key:
0000: 47 A0 FC 75 09 7B B1 97 02 43 6B 2E 60 38 D6 38 G..u.....Ck.`8.8
Server write key:
0000: C7 55 0C 1C 6D 14 3D A4 C6 2C F6 EC 2B D7 C8 BE .U..m.=..,..+...
Client write IV:
0000: 3E 02 DC 63 >..c
Server write IV:
0000: 41 68 B3 EE Ah..
update handshake state: change_cipher_spec
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
AsyncHttpClient-7-1, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 246, 32, 244, 41, 155, 25, 109, 169, 59, 112, 139, 117 }
***
update handshake state: finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
[write] MD5 and SHA1 hashes: len = 16
0000: 14 00 00 0C F6 20 F4 29 9B 19 6D A9 3B 70 8B 75 ..... .)..m.;p.u
Padded plaintext before ENCRYPTION: len = 16
0000: 14 00 00 0C F6 20 F4 29 9B 19 6D A9 3B 70 8B 75 ..... .)..m.;p.u
AsyncHttpClient-7-1, WRITE: TLSv1.2 Handshake, length = 40
[Raw write]: length = 82
0000: 16 03 03 00 4D 0B 00 00 03 00 00 00 10 00 00 42 ....M..........B
0010: 41 04 4A 70 82 B9 9D 04 6B 5F 55 4E 38 B5 4E 53 A.Jp....k_UN8.NS
0020: C3 21 C9 E8 34 CC C1 A9 67 C3 B3 5A 96 8D 96 AB .!..4...g..Z....
0030: 44 31 45 5A 58 A1 FA 2B B3 F6 6A 3D A1 B4 C1 AF D1EZX..+..j=....
0040: 66 DE 19 C2 BF 20 51 9D 83 61 99 A8 8D D5 5A BB f.... Q..a....Z.
0050: DA 7F ..
[Raw write]: length = 6
0000: 14 03 03 00 01 01 ......
[Raw write]: length = 45
0000: 16 03 03 00 28 00 00 00 00 00 00 00 00 BC D8 99 ....(...........
0010: 1F D9 3F D0 35 A8 29 D3 92 12 D2 27 A5 B7 69 12 ..?.5.)....'..i.
0020: C5 01 67 41 51 1D B1 BE 6A A1 89 ED B9 ..gAQ...j....
[Raw read]: length = 5
0000: 15 03 03 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
AsyncHttpClient-7-1, READ: TLSv1.2 Alert, length = 2
AsyncHttpClient-7-1, RECV TLSv1.2 ALERT: fatal, handshake_failure
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
AsyncHttpClient-7-1, called closeOutbound()
AsyncHttpClient-7-1, closeOutboundInternal()
AsyncHttpClient-7-1, SEND TLSv1.2 ALERT: warning, description = close_notify
Padded plaintext before ENCRYPTION: len = 2
0000: 01 00 ..
AsyncHttpClient-7-1, WRITE: TLSv1.2 Alert, length = 26
[Raw write]: length = 31
0000: 15 03 03 00 1A 00 00 00 00 00 00 00 01 F8 29 EA ..............).
0010: BA 64 08 0D F1 17 1A A1 AF D1 02 F8 73 A0 C0 .d..........s..
[error] application -
! @7b3mbdo4a - Internal server error, for (GET) [/10.X.X.X/8080/testcase/xxx] ->
play.api.http.HttpErrorHandlerExceptions$$anon$1: Execution exception[[ConnectException: Received fatal alert: handshake_failure]]
at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:323)
at play.api.http.DefaultHttpErrorHandler.onServerError(HttpErrorHandler.scala:243)
at play.core.server.AkkaHttpServer$$anonfun$1.applyOrElse(AkkaHttpServer.scala:382)
at play.core.server.AkkaHttpServer$$anonfun$1.applyOrElse(AkkaHttpServer.scala:380)
at scala.concurrent.Future.$anonfun$recoverWith$1(Future.scala:417)
at scala.concurrent.impl.Promise.$anonfun$transformWith$1(Promise.scala:41)
at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:64)
at akka.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:55)
at akka.dispatch.BatchingExecutor$BlockableBatch.$anonfun$run$1(BatchingExecutor.scala:91)
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
Caused by: java.net.ConnectException: Received fatal alert: handshake_failure
at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:179)
at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener$1.onFailure(NettyConnectListener.java:151)
at play.shaded.ahc.org.asynchttpclient.netty.SimpleFutureListener.operationComplete(SimpleFutureListener.java:26)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:511)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:504)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:483)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:424)
at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:121)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler.handleUnwrapThrowable(SslHandler.java:1223)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1205)
Caused by: javax.net.ssl.SSLException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:219)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1647)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1615)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1781)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1070)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:896)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:766)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:294)
at play.shaded.ahc.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1297)
AsyncHttpClient-7-1, called closeOutbound()
AsyncHttpClient-7-1, closeOutboundInternal()
AsyncHttpClient-7-1, called closeInbound()
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
AsyncHttpClient-7-1, called closeOutbound()
AsyncHttpClient-7-1, closeOutboundInternal()
[Raw read]: length = 5
0000: 15 03 03 00 02 .....
[Raw read]: length = 2
0000: 02 28 .(
AsyncHttpClient-7-1, READ: TLSv1.2 Alert, length = 2
AsyncHttpClient-7-1, RECV TLSv1.2 ALERT: fatal, handshake_failure
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
AsyncHttpClient-7-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Received fatal alert: handshake_failure
AsyncHttpClient-7-1, called closeOutbound()
AsyncHttpClient-7-1, closeOutboundInternal()
AsyncHttpClient-7-1, called closeInbound()
AsyncHttpClient-7-1, closeInboundInternal()
AsyncHttpClient-7-1, closeOutboundInternal()
when running ./play run, following error message shows:
Error opening zip file or JAR manifest missing : /Users/twer/source/scala/play-scala-tls-example/target/universal/stage/jetty-alpn-agent/jetty-alpn-agent-2.0.6.jar
should I download the jar and put it to the specified place by myself? or do I missed some step?
The current self-signed certificates expired on 14 August 2017.
The certificate is not trusted because the issuer certificate is unknown. The server
might not be sending the appropriate intermediate certificates. An additional root
certificate may need to be imported. The certificate expired on 14 August 2017,
00:37:51 GMT+2. The current time is 22 November 2018, 20:59. Error code:
SEC_ERROR_UNKNOWN_ISSUER
We should re-generated them.
Followed the readme, but results in NET::ERR_CERT_INVALID as of origin/2.5.x commit id: 7a308ba
Hi.
i'm new to play. Can someone hint me to how to get sslsession information inside a controller's action?
I want to map the client's cert to a role and authorize actions..
Thanks.
Update: Think, I'm looking for something like this: http://spray.io/documentation/1.1-SNAPSHOT/api/index.html#spray.util.SSLSessionInfo
This seems to be a way:
https://github.com/bblfish/play20/tree/TLS#tls-differences
I can run this locally but I am getting this error when deploying (with Docker on OpenShift):
ย | java.lang.NoSuchFieldError: state
ย | at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:218)
ย | at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
ย | at sun.security.ssl.Handshaker$1.run(Handshaker.java:970)
ย | at sun.security.ssl.Handshaker$1.run(Handshaker.java:967)
ย | at java.security.AccessController.doPrivileged(Native Method)
ย | at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1459)
ย | at akka.stream.impl.io.TLSActor.runDelegatedTasks(TLSActor.scala:404)
ย | at akka.stream.impl.io.TLSActor.doUnwrap(TLSActor.scala:373)
ย | at akka.stream.impl.io.TLSActor.doInbound(TLSActor.scala:292)
ย | at akka.stream.impl.io.TLSActor.$anonfun$bidirectional$1(TLSActor.scala:227)
ย | at akka.stream.impl.Pump.pump(Transfer.scala:201)
ย | at akka.stream.impl.Pump.pump$(Transfer.scala:199)
ย | at akka.stream.impl.io.TLSActor.pump(TLSActor.scala:50)
ย | at akka.stream.impl.SimpleOutputs$$anonfun$downstreamRunning$1.applyOrElse(ActorProcessor.scala:239)
ย | at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:38)
ย | at akka.stream.impl.SubReceive.apply(Transfer.scala:18)
ย | at akka.stream.impl.FanOut$OutputBunch$$anonfun$subreceive$1.applyOrElse(FanOut.scala:231)
ย | at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:38)
ย | at akka.stream.impl.SubReceive.apply(Transfer.scala:18)
ย | at akka.stream.impl.SubReceive.apply(Transfer.scala:14)
ย | at scala.PartialFunction.applyOrElse(PartialFunction.scala:127)
ย | at scala.PartialFunction.applyOrElse$(PartialFunction.scala:126)
ย | at akka.stream.impl.SubReceive.applyOrElse(Transfer.scala:14)
ย | at scala.PartialFunction$OrElse.applyOrElse(PartialFunction.scala:176)
ย | at akka.actor.Actor.aroundReceive(Actor.scala:517)
ย | at akka.actor.Actor.aroundReceive$(Actor.scala:515)
ย | at akka.stream.impl.io.TLSActor.aroundReceive(TLSActor.scala:50)
ย | at akka.actor.ActorCell.receiveMessage(ActorCell.scala:588)
ย | at akka.actor.ActorCell.invoke(ActorCell.scala:557)
ย | at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:258)
ย | at akka.dispatch.Mailbox.run(Mailbox.scala:225)
ย | at akka.dispatch.Mailbox.exec(Mailbox.scala:235)
ย | at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
ย | at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
ย | at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
ย | at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
Instead of defining a bash script over sbt, why not use .jvmopts?
Hi,
I have followed the steps in the github readme.md doc, when I run ./play run after generating certificates. I'm getting the following. I belive it is something todo with jdk. Could you please elabore little bit more details
`
[azureuser@GAVEL3-CLUSTER03 play-scala-tls-example]$ ./play run
[jetty-alpn-agent] Using: alpn-boot-8.1.11.v20170118.jar
[info] Loading settings from plugins.sbt ...
[info] Loading project definition from /home/azureuser/.sbt/1.0/staging/27667c294a34329f651e/play-scala-tls-example/project
[info] Loading settings from build.sbt ...
[info] Loading settings from build.sbt ...
[info] Loading settings from build.sbt ...
[info] Set current project to play-tls-example (in build file:/opt/gavel/siva/soc_work/play-scala-tls-example/)
--- (Running the application, auto-reloading is enabled) ---
[info] p.a.h.EnabledFilters - Enabled Filters (see https://www.playframework.com/documentation/latest/Filters):
play.filters.csrf.CSRFFilter
play.filters.headers.SecurityHeadersFilter
play.filters.hosts.AllowedHostsFilter
[info] play.api.Play - Application started (Dev)
[info] p.c.s.AkkaHttpServer - Enabling HTTP/2 on Akka HTTP server...
[info] p.c.s.AkkaHttpServer - Listening for HTTPS on /0:0:0:0:0:0:0:0:9443
(Server started, use Enter to stop and go back to the console...)
[jetty-alpn-agent] Replacing: sun/security/ssl/ServerHandshaker
[jetty-alpn-agent] Replacing: sun/security/ssl/ClientHandshaker
[jetty-alpn-agent] Replacing: sun/security/ssl/HelloExtensions
[jetty-alpn-agent] Replacing: sun/security/ssl/ExtensionType
Uncaught error from thread [play-dev-mode-akka.actor.default-dispatcher-2]: sun/security/ssl/SupportedEllipticPointFormatsExtension, shutting down JVM since 'akka.jvm-exit-on-fatal-error' is enabled for for ActorSystem[play-dev-mode]
java.lang.NoClassDefFoundError: sun/security/ssl/SupportedEllipticPointFormatsExtension
at sun.security.ssl.HelloExtensions.(HelloExtensions.java:84)
at sun.security.ssl.HandshakeMessage$ClientHello.(HandshakeMessage.java:245)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:224)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:992)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:989)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1467)
at akka.stream.impl.io.TLSActor.runDelegatedTasks(TLSActor.scala:403)
at akka.stream.impl.io.TLSActor.doUnwrap(TLSActor.scala:372)
at akka.stream.impl.io.TLSActor.doInbound(TLSActor.scala:291)
at akka.stream.impl.io.TLSActor.$anonfun$bidirectional$1(TLSActor.scala:226)
at akka.stream.impl.Pump.pump(Transfer.scala:200)
at akka.stream.impl.Pump.pump$(Transfer.scala:198)
at akka.stream.impl.io.TLSActor.pump(TLSActor.scala:49)
at akka.stream.impl.SimpleOutputs$$anonfun$downstreamRunning$1.applyOrElse(ActorProcessor.scala:238)
at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:34)
at akka.stream.impl.SubReceive.apply(Transfer.scala:17)
at akka.stream.impl.FanOut$OutputBunch$$anonfun$subreceive$1.applyOrElse(FanOut.scala:230)
at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:34)
at akka.stream.impl.SubReceive.apply(Transfer.scala:17)
at akka.stream.impl.SubReceive.apply(Transfer.scala:13)
at scala.PartialFunction.applyOrElse(PartialFunction.scala:123)
at scala.PartialFunction.applyOrElse$(PartialFunction.scala:122)
at akka.stream.impl.SubReceive.applyOrElse(Transfer.scala:13)
at scala.PartialFunction$OrElse.applyOrElse(PartialFunction.scala:172)
at akka.actor.Actor.aroundReceive(Actor.scala:517)
at akka.actor.Actor.aroundReceive$(Actor.scala:515)
at akka.stream.impl.io.TLSActor.aroundReceive(TLSActor.scala:49)
at akka.actor.ActorCell.receiveMessage(ActorCell.scala:527)
at akka.actor.ActorCell.invoke(ActorCell.scala:496)
at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:257)
at akka.dispatch.Mailbox.run(Mailbox.scala:224)
at akka.dispatch.Mailbox.exec(Mailbox.scala:234)
at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
[ERROR] [SECURITY][07/18/2018 16:36:53.930] [play-dev-mode-akka.actor.default-dispatcher-2] [akka.actor.ActorSystemImpl(play-dev-mode)] Uncaught error from thread [play-dev-mode-akka.actor.default-dispatcher-2]: sun/security/ssl/SupportedEllipticPointFormatsExtension, shutting down JVM since 'akka.jvm-exit-on-fatal-error' is enabled for ActorSystem[play-dev-mode]
java.lang.NoClassDefFoundError: sun/security/ssl/SupportedEllipticPointFormatsExtension
at sun.security.ssl.HelloExtensions.(HelloExtensions.java:84)
at sun.security.ssl.HandshakeMessage$ClientHello.(HandshakeMessage.java:245)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:224)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:992)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:989)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1467)
at akka.stream.impl.io.TLSActor.runDelegatedTasks(TLSActor.scala:403)
at akka.stream.impl.io.TLSActor.doUnwrap(TLSActor.scala:372)
at akka.stream.impl.io.TLSActor.doInbound(TLSActor.scala:291)
at akka.stream.impl.io.TLSActor.$anonfun$bidirectional$1(TLSActor.scala:226)
at akka.stream.impl.Pump.pump(Transfer.scala:200)
at akka.stream.impl.Pump.pump$(Transfer.scala:198)
at akka.stream.impl.io.TLSActor.pump(TLSActor.scala:49)
at akka.stream.impl.SimpleOutputs$$anonfun$downstreamRunning$1.applyOrElse(ActorProcessor.scala:238)
at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:34)
at akka.stream.impl.SubReceive.apply(Transfer.scala:17)
at akka.stream.impl.FanOut$OutputBunch$$anonfun$subreceive$1.applyOrElse(FanOut.scala:230)
at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:34)
at akka.stream.impl.SubReceive.apply(Transfer.scala:17)
at akka.stream.impl.SubReceive.apply(Transfer.scala:13)
at scala.PartialFunction.applyOrElse(PartialFunction.scala:123)
at scala.PartialFunction.applyOrElse$(PartialFunction.scala:122)
at akka.stream.impl.SubReceive.applyOrElse(Transfer.scala:13)
at scala.PartialFunction$OrElse.applyOrElse(PartialFunction.scala:172)
at akka.actor.Actor.aroundReceive(Actor.scala:517)
at akka.actor.Actor.aroundReceive$(Actor.scala:515)
at akka.stream.impl.io.TLSActor.aroundReceive(TLSActor.scala:49)
at akka.actor.ActorCell.receiveMessage(ActorCell.scala:527)
at akka.actor.ActorCell.invoke(ActorCell.scala:496)
at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:257)
at akka.dispatch.Mailbox.run(Mailbox.scala:224)
at akka.dispatch.Mailbox.exec(Mailbox.scala:234)
at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
`
When I run this example on Amazon Linux, I get the following errors.
How can I fix this issue?
This works on my local machine. Is this Java configuration issue?
Here is my code:
https://github.com/ogis-onishi/activator-play-tls-example
And the details of my questions is as follows.
http://stackoverflow.com/questions/35598266/play-scala-err-ssl-version-or-cipher-mismatch
A zip archive produces by executing "activator dist" does not contain the certificates produced by the scripts. So, the certificates should be in /certs. unless, you have to add the certificates after unzip the zip archive.
After launching the Play server successfully I get the following error when I run the Main program. Has anybody come across anything similar?
[info] [error] application - failure = java.net.ConnectException: General SSLEngine problem
[info] java.net.ConnectException: General SSLEngine problem
[info] at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:168)
[info] at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener$1.onFailure(NettyConnectListener.java:139)
[info] at play.shaded.ahc.org.asynchttpclient.netty.SimpleFutureListener.operationComplete(SimpleFutureListener.java:26)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:507)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:500)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:479)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:420)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:122)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.notifyHandshakeFailure(SslHandler.java:1443)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:1435)
[info] Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
[info] at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1478)
[info] at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535)
[info] at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:813)
[info] at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
[info] at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:272)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1175)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1087)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1122)
[info] at play.shaded.ahc.io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:491)
[info] Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
[info] at sun.security.ssl.Alerts.getSSLException(Alerts.java:203)
[info] at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1728)
[info] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:304)
[info] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
[info] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1595)
[info] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:220)
[info] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:966)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:963)
[info] at java.security.AccessController.doPrivileged(Native Method)
[info] Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 1
[info] at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:90)
[info] at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:999)
[info] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1582)
[info] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:220)
[info] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:966)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:963)
[info] at java.security.AccessController.doPrivileged(Native Method)
[info] at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1416)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1324)
[info] AsyncHttpClient-2-1, called closeOutbound()
[info] AsyncHttpClient-2-1, closeOutboundInternal()
Obviously, looking at the truststore, there's an entry for exampleca which signed the one.example.com certificate:
user$ keytool -list -keystore scripts/exampletrust.jks -storepass changeit
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
exampleca, 15-May-2017, trustedCertEntry,
Certificate fingerprint (SHA1): 44:C6:5E:7F:7B:44:54:E8:6E:8A:FE:4F:8C:06:1E:EE:D6:73:50:05
Two immediate thoughts that sprang to mind from looking at the full log are:
1 - Is it picking the right trustStore
[info] trustStore is: /Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/security/cacerts
2 - Why is the keyStore blank:
[info] keyStore is :
[info] keyStore type is : jks
[info] keyStore provider is :
Here's the full log:
[info] Running (fork) Main
[error] objc[4583]: Class JavaLaunchHelper is implemented in both /Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/bin/java and /Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/libinstrument.dylib. One of the two will be used. Which one is undefined.
[error] [jetty-alpn-agent] Using: alpn-boot-8.1.11.v20170118.jar
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/Alerts
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ClientHandshaker$1
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ClientHandshaker$2
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ClientHandshaker
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ExtensionType
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/HelloExtensions
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ServerHandshaker$1
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ServerHandshaker$2
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ServerHandshaker$3
[error] [jetty-alpn-agent] Replacing: sun/security/ssl/ServerHandshaker
[info] ***
[info] found key for : clientca
[info] chain [0] = [
[info] [
[info] Version: V3
[info] Subject: CN=clientca, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] Signature Algorithm: SHA256withECDSA, OID = 1.2.840.10045.4.3.2
[info] Key: Sun EC public key, 256 bits
[info] public x coord: 66600178323990434091429505456221986389956610527515094100876202907609767809207
[info] public y coord: 39981919656179605960563297807977898753095123904953444661304035192164170594721
[info] parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
[info] Validity: [From: Mon May 15 23:37:46 BST 2017,
[info] To: Tue May 15 23:37:46 BST 2018]
[info] Issuer: CN=clientca, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] SerialNumber: [ 4c30d94d]
[info] Certificate Extensions: 3
[info] [1]: ObjectId: 2.5.29.19 Criticality=true
[info] BasicConstraints:[
[info] CA:true
[info] PathLen:2147483647
[info] ]
[info] [2]: ObjectId: 2.5.29.15 Criticality=true
[info] KeyUsage [
[info] Key_CertSign
[info] ]
[info] [3]: ObjectId: 2.5.29.14 Criticality=false
[info] SubjectKeyIdentifier [
[info] KeyIdentifier [
[info] 0000: E1 C2 6B C1 29 64 69 59 8A 0D 2A AF 35 56 56 CA ..k.)diY..*.5VV.
[info] 0010: 42 C5 E2 9A B...
[info] ]
[info] ]
[info] ]
[info] Algorithm: [SHA256withECDSA]
[info] Signature:
[info] 0000: 30 46 02 21 00 98 68 ED 3F 89 3A DD 84 36 1E D6 0F.!..h.?.:..6..
[info] 0010: EA D9 3C 44 03 C1 BC DC CE 97 6F A8 0F 42 E5 FB ..<D......o..B..
[info] 0020: 3B DC BC 41 56 02 21 00 A5 0C B0 90 1D 12 A3 2E ;..AV.!.........
[info] 0030: 31 C3 02 C3 83 32 C2 00 4C C9 7B A3 57 CE AC BF 1....2..L...W...
[info] 0040: 9C 42 55 02 51 3B 08 12 .BU.Q;..
[info] ]
[info] ***
[info] ***
[info] found key for : client
[info] chain [0] = [
[info] [
[info] Version: V3
[info] Subject: CN=client, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] Signature Algorithm: SHA256withECDSA, OID = 1.2.840.10045.4.3.2
[info] Key: Sun EC public key, 256 bits
[info] public x coord: 44297222968117830209847875843052182103557829000758561201210962586561851588096
[info] public y coord: 614210147463812705960737657537591654641232092754041828112551229763588328757
[info] parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
[info] Validity: [From: Mon May 15 23:37:47 BST 2017,
[info] To: Sun Aug 13 23:37:47 BST 2017]
[info] Issuer: CN=clientca, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] SerialNumber: [ 56a6dc40]
[info] Certificate Extensions: 3
[info] [1]: ObjectId: 2.5.29.35 Criticality=false
[info] AuthorityKeyIdentifier [
[info] KeyIdentifier [
[info] 0000: E1 C2 6B C1 29 64 69 59 8A 0D 2A AF 35 56 56 CA ..k.)diY..*.5VV.
[info] 0010: 42 C5 E2 9A B...
[info] ]
[info] ]
[info] [2]: ObjectId: 2.5.29.37 Criticality=false
[info] ExtendedKeyUsages [
[info] clientAuth
[info] ]
[info] [3]: ObjectId: 2.5.29.14 Criticality=false
[info] SubjectKeyIdentifier [
[info] KeyIdentifier [
[info] 0000: EE 03 E0 22 00 43 43 F3 23 C1 7B BB 9F 43 87 CB ...".CC.#....C..
[info] 0010: 2F FC 3B 5A /.;Z
[info] ]
[info] ]
[info] ]
[info] Algorithm: [SHA256withECDSA]
[info] Signature:
[info] 0000: 30 44 02 20 1D 3A FF 42 5D 09 A5 15 79 3B 96 F5 0D. .:.B]...y;..
[info] 0010: 9A 75 46 51 12 96 17 A0 62 3D 5A FF B4 7F 6C 68 .uFQ....b=Z...lh
[info] 0020: B0 D0 68 3A 02 20 06 BB 45 8D 4D 42 FF E5 B3 7A ..h:. ..E.MB...z
[info] 0030: 65 64 AB 76 5D EA 21 83 AA ED A7 62 1D 79 0C 2C ed.v].!....b.y.,
[info] 0040: 19 5F EE 9A FB 15 ._....
[info] ]
[info] chain [1] = [
[info] [
[info] Version: V3
[info] Subject: CN=clientca, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] Signature Algorithm: SHA256withECDSA, OID = 1.2.840.10045.4.3.2
[info] Key: Sun EC public key, 256 bits
[info] public x coord: 66600178323990434091429505456221986389956610527515094100876202907609767809207
[info] public y coord: 39981919656179605960563297807977898753095123904953444661304035192164170594721
[info] parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
[info] Validity: [From: Mon May 15 23:37:46 BST 2017,
[info] To: Tue May 15 23:37:46 BST 2018]
[info] Issuer: CN=clientca, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] SerialNumber: [ 4c30d94d]
[info] Certificate Extensions: 3
[info] [1]: ObjectId: 2.5.29.19 Criticality=true
[info] BasicConstraints:[
[info] CA:true
[info] PathLen:2147483647
[info] ]
[info] [2]: ObjectId: 2.5.29.15 Criticality=true
[info] KeyUsage [
[info] Key_CertSign
[info] ]
[info] [3]: ObjectId: 2.5.29.14 Criticality=false
[info] SubjectKeyIdentifier [
[info] KeyIdentifier [
[info] 0000: E1 C2 6B C1 29 64 69 59 8A 0D 2A AF 35 56 56 CA ..k.)diY..*.5VV.
[info] 0010: 42 C5 E2 9A B...
[info] ]
[info] ]
[info] ]
[info] Algorithm: [SHA256withECDSA]
[info] Signature:
[info] 0000: 30 46 02 21 00 98 68 ED 3F 89 3A DD 84 36 1E D6 0F.!..h.?.:..6..
[info] 0010: EA D9 3C 44 03 C1 BC DC CE 97 6F A8 0F 42 E5 FB ..<D......o..B..
[info] 0020: 3B DC BC 41 56 02 21 00 A5 0C B0 90 1D 12 A3 2E ;..AV.!.........
[info] 0030: 31 C3 02 C3 83 32 C2 00 4C C9 7B A3 57 CE AC BF 1....2..L...W...
[info] 0040: 9C 42 55 02 51 3B 08 12 .BU.Q;..
[info] ]
[info] ***
[info] adding as trusted cert:
[info] Subject: CN=exampleCA, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] Issuer: CN=exampleCA, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] Algorithm: EC; Serial number: 0x72e43aca
[info] Valid from Mon May 15 23:37:45 BST 2017 until Thu Sep 29 23:37:45 BST 2044
[info] trigger seeding of SecureRandom
[info] done seeding SecureRandom
[info] %% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]
[info] trustStore is: /Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre/lib/security/cacerts
[info] trustStore type is : jks
[info] trustStore provider is :
[info] init truststore
[info] adding as trusted cert:
[info] Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
[info] Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
[info] Algorithm: RSA; Serial number: 0xc3517
[info] Valid from Mon Jun 21 05:00:00 BST 1999 until Mon Jun 22 05:00:00 BST 2020
...
[info] adding as trusted cert:
[info] Subject: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
[info] Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
[info] Algorithm: RSA; Serial number: 0x33af1e6a711a9a0bb2864b11d09fae5
[info] Valid from Thu Aug 01 13:00:00 BST 2013 until Fri Jan 15 12:00:00 GMT 2038
[info] keyStore is :
[info] keyStore type is : jks
[info] keyStore provider is :
[info] init keystore
[info] init keymanager of type SunX509
[info] trigger seeding of SecureRandom
[info] done seeding SecureRandom
[info] Finalizer, called close()
[info] Finalizer, called closeInternal(true)
[info] Finalizer, called closeSocket(true)
[info] Finalizer, called close()
[info] Finalizer, called closeInternal(true)
[info] Finalizer, called closeSocket(true)
[info] Using SSLEngineImpl.
[info] Allow unsafe renegotiation: false
[info] Allow legacy hello messages: true
[info] Is initial handshake: true
[info] Is secure renegotiation: false
[info] Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
[info] Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
[info] Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
[info] Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
[info] Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
[info] Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
[info] Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1
[info] Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
[info] Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
[info] Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
[info] Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
[info] Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
[info] Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
[info] Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
[info] %% No cached client session
[info] *** ClientHello, TLSv1.2
[info] RandomCookie: GMT: 1515414972 bytes = { 81, 15, 60, 89, 54, 121, 181, 124, 183, 88, 151, 109, 199, 58, 248, 165, 145, 98, 108, 227, 30, 90, 20, 202, 58, 234, 52, 122 }
[info] Session ID: {}
[info] Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
[info] Compression Methods: { 0 }
[info] Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
[info] Extension ec_point_formats, formats: [uncompressed]
[info] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
[info] Extension server_name, server_name: [type=host_name (0), value=one.example.com]
[info] ***
[info] AsyncHttpClient-2-1, WRITE: TLSv1.2 Handshake, length = 233
[info] AsyncHttpClient-2-1, READ: TLSv1.2 Handshake, length = 1622
[info] *** ServerHello, TLSv1.2
[info] RandomCookie: GMT: 1515414972 bytes = { 186, 106, 87, 67, 31, 80, 32, 13, 202, 9, 201, 81, 13, 165, 86, 205, 24, 217, 0, 224, 27, 144, 51, 66, 150, 148, 31, 163 }
[info] Session ID: {90, 83, 102, 188, 152, 226, 92, 88, 104, 79, 209, 92, 200, 171, 228, 101, 78, 58, 232, 88, 170, 140, 217, 168, 125, 103, 10, 94, 248, 34, 140, 187}
[info] Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
[info] Compression Method: 0
[info] Extension renegotiation_info, renegotiated_connection: <empty>
[info] ***
[info] %% Initialized: [Session-1, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384]
[info] ** TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
[info] *** Certificate chain
[info] chain [0] = [
[info] [
[info] Version: V3
[info] Subject: CN=one.example.com, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] Signature Algorithm: SHA256withECDSA, OID = 1.2.840.10045.4.3.2
[info] Key: Sun EC public key, 256 bits
[info] public x coord: 12919396288456902233976640161237048815156576160429441835392270624795846096375
[info] public y coord: 70496434976171164818467039846707814600001883029644685617142760792536858883219
[info] parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
[info] Validity: [From: Mon May 15 23:37:50 BST 2017,
[info] To: Sun Aug 13 23:37:50 BST 2017]
[info] Issuer: CN=exampleCA, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] SerialNumber: [ 5443eefa]
[info] Certificate Extensions: 5
[info] [1]: ObjectId: 2.5.29.35 Criticality=false
[info] AuthorityKeyIdentifier [
[info] KeyIdentifier [
[info] 0000: 83 5A E2 CF 38 1F AF 00 EE A4 57 09 59 B5 49 21 .Z..8.....W.Y.I!
[info] 0010: 0A 02 5E 97 ..^.
[info] ]
[info] ]
[info] [2]: ObjectId: 2.5.29.37 Criticality=false
[info] ExtendedKeyUsages [
[info] serverAuth
[info] ]
[info] [3]: ObjectId: 2.5.29.15 Criticality=true
[info] KeyUsage [
[info] DigitalSignature
[info] Key_Encipherment
[info] ]
[info] [4]: ObjectId: 2.5.29.17 Criticality=false
[info] SubjectAlternativeName [
[info] DNSName: one.example.com
[info] ]
[info] [5]: ObjectId: 2.5.29.14 Criticality=false
[info] SubjectKeyIdentifier [
[info] KeyIdentifier [
[info] 0000: 4E D0 47 22 5F 3E E1 55 BD 17 9A CE C9 13 57 50 N.G"_>.U......WP
[info] 0010: 21 1F E7 21 !..!
[info] ]
[info] ]
[info] ]
[info] Algorithm: [SHA256withECDSA]
[info] Signature:
[info] 0000: 30 46 02 21 00 DE 22 5E 14 50 C5 3A 3D 5D F9 52 0F.!.."^.P.:=].R
[info] 0010: 43 F2 75 83 19 AE 8E 52 26 4E D0 A2 E9 36 0A 0D C.u....R&N...6..
[info] 0020: 7A 10 AE C9 4C 02 21 00 8C 79 48 1A DA D5 F0 C6 z...L.!..yH.....
[info] 0030: 63 33 6D 6E 8F F1 BC 4E 09 A0 90 DD 55 30 BB 60 c3mn...N....U0.`
[info] 0040: 17 DB 80 D6 9C E4 B1 08 ........
[info] ]
[info] chain [1] = [
[info] [
[info] Version: V3
[info] Subject: CN=exampleCA, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] Signature Algorithm: SHA256withECDSA, OID = 1.2.840.10045.4.3.2
[info] Key: Sun EC public key, 256 bits
[info] public x coord: 70310033362004550653036664969660851239303736980904864081454777492561020184864
[info] public y coord: 21370874994400014720222136767587995388263316900153759375793350058661508681688
[info] parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
[info] Validity: [From: Mon May 15 23:37:45 BST 2017,
[info] To: Thu Sep 29 23:37:45 BST 2044]
[info] Issuer: CN=exampleCA, OU=Example Org, O=Example Company, L=San Francisco, ST=California, C=US
[info] SerialNumber: [ 72e43aca]
[info] Certificate Extensions: 3
[info] [1]: ObjectId: 2.5.29.19 Criticality=true
[info] BasicConstraints:[
[info] CA:true
[info] PathLen:2147483647
[info] ]
[info] [2]: ObjectId: 2.5.29.15 Criticality=true
[info] KeyUsage [
[info] Key_CertSign
[info] ]
[info] [3]: ObjectId: 2.5.29.14 Criticality=false
[info] SubjectKeyIdentifier [
[info] KeyIdentifier [
[info] 0000: 83 5A E2 CF 38 1F AF 00 EE A4 57 09 59 B5 49 21 .Z..8.....W.Y.I!
[info] 0010: 0A 02 5E 97 ..^.
[info] ]
[info] ]
[info] ]
[info] Algorithm: [SHA256withECDSA]
[info] Signature:
[info] 0000: 30 44 02 20 1F 6B 09 8F DA 99 19 9D C1 51 EF 1C 0D. .k.......Q..
[info] 0010: 29 17 EB B1 D3 6F 39 0D 43 35 C6 44 1B 5F 18 7A )....o9.C5.D._.z
[info] 0020: E2 8A 5D 8A 02 20 36 46 0C 2F 7C 9C 24 22 94 6E ..].. 6F./..$".n
[info] 0030: 65 86 6D D0 61 DC 14 37 2D 56 E0 D9 85 BF DA 3B e.m.a..7-V.....;
[info] 0040: A4 34 5B 75 A6 95 .4[u..
[info] ]
[info] ***
[info] AsyncHttpClient-2-1, fatal error: 46: General SSLEngine problem
[info] com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 1
[info] %% Invalidated: [Session-1, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384]
[info] AsyncHttpClient-2-1, SEND TLSv1.2 ALERT: fatal, description = certificate_unknown
[info] AsyncHttpClient-2-1, WRITE: TLSv1.2 Alert, length = 2
[info] AsyncHttpClient-2-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLHandshakeException: General SSLEngine problem
[info] AsyncHttpClient-2-1, called closeOutbound()
[info] AsyncHttpClient-2-1, closeOutboundInternal()
[info] AsyncHttpClient-2-1, called closeInbound()
[info] AsyncHttpClient-2-1, fatal: engine already closed. Rethrowing javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
[info] AsyncHttpClient-2-1, called closeOutbound()
[info] AsyncHttpClient-2-1, closeOutboundInternal()
[info] AsyncHttpClient-2-1, called closeOutbound()
[info] AsyncHttpClient-2-1, closeOutboundInternal()
[info] [error] application - failure = java.net.ConnectException: General SSLEngine problem
[info] java.net.ConnectException: General SSLEngine problem
[info] at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:168)
[info] at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener$1.onFailure(NettyConnectListener.java:139)
[info] at play.shaded.ahc.org.asynchttpclient.netty.SimpleFutureListener.operationComplete(SimpleFutureListener.java:26)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:507)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:500)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListenersNow(DefaultPromise.java:479)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners(DefaultPromise.java:420)
[info] at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.tryFailure(DefaultPromise.java:122)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.notifyHandshakeFailure(SslHandler.java:1443)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.setHandshakeFailure(SslHandler.java:1435)
[info] Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
[info] at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1478)
[info] at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535)
[info] at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:813)
[info] at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
[info] at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:272)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1175)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1087)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1122)
[info] at play.shaded.ahc.io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:491)
[info] Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
[info] at sun.security.ssl.Alerts.getSSLException(Alerts.java:203)
[info] at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1728)
[info] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:304)
[info] at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
[info] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1595)
[info] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:220)
[info] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:966)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:963)
[info] at java.security.AccessController.doPrivileged(Native Method)
[info] Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 1
[info] at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:90)
[info] at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:999)
[info] at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1582)
[info] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:220)
[info] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:966)
[info] at sun.security.ssl.Handshaker$1.run(Handshaker.java:963)
[info] at java.security.AccessController.doPrivileged(Native Method)
[info] at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1416)
[info] at play.shaded.ahc.io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1324)
[success] Total time: 7 s, completed 08-Jan-2018 12:40:29
I want to use the CustomSSLEngineProvider in Play to do 2-way SSL. Even though needClientAuth=true, the server does not request the client to send its certificate.
Details follow:
Step 3) shouldn't just happen because the server is expected to request a certificate from the client and Chrome will prompt me to send a certificate. But that didn't happen
Can you give me any clue why
One way of doing this is by adding the following to .travis.yml:
matrix:
include:
- scala: 2.12.7
jdk: openjdk11
allow_failures:
# Java 11 is still not fully supported. It is good that we are already
# testing our sample applications to better discover possible problems
# but we can allow failures here too.
- jdk: openjdk11Make sure that's the right Scala version. Also we might want to use AdoptOpenJDK 11 instead of Oracle OpenJDK 11.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.