5
Ho creato uno SSLClient e SSLServer e ha anche creato l'archivio di chiavi come "server.jks" per SSLServer e "client.jks" per SSLClient. in primo luogo ho eseguito il file SSLServer.java e successivamente quando eseguo il file SSLClient.java. È un'eccezione "javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown". non so perché sto ottenendo questa eccezione. Ho seguito http://ruchirawageesha.blogspot.in/2010/07/how-to-create-clientserver-keystores.html per creare il keystore per server e client. potresti aiutarmi a risolvere questo problema. se c'è qualche errore nel creare certificati per server e client che ho fatto, per favore fatemelo sapere.SSL Eccezione: javax.net.ssl.SSLHandshakeException: Ricevuto avviso fatale: certificato_messaggio
SSLServer.java
package com.betterprogrammer.test;
import java.io.*;
import java.security.Security;
import java.security.PrivilegedActionException;
import javax.net.ssl.*;
import com.sun.net.ssl.internal.ssl.Provider;
public class SSLServer {
public static void main(String[] args) throws Exception {
boolean debug = true;
int intSSLport = 4443;
{
Security.addProvider(new Provider());
System.setProperty("javax.net.ssl.keyStore","C:\\Program Files\\Java\\jre6\\bin\\server.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "123456");
}
if(debug){
System.setProperty("javax.net.debug", "all");
}
try {
SSLServerSocketFactory sslServerSocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketfactory.createServerSocket(intSSLport);
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
while (true) {
PrintWriter out = new PrintWriter(sslSocket.getOutputStream(),true);
BufferedReader in = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null) {
out.println(inputLine);
System.out.println(inputLine);
}
out.close();
in.close();
sslSocket.close();
sslServerSocket.close();
}
}
catch (Exception exp) {
PrivilegedActionException priexp = new PrivilegedActionException(exp);
System.out.println(" Priv exp --- " + priexp.getMessage());
System.out.println(" Exception occurred .... " + exp);
exp.printStackTrace();
}
}
}
e SSLClient.java
package com.betterprogrammer.test;
import java.io.*;
import javax.net.ssl.*;
import com.sun.net.ssl.internal.ssl.Provider;
import java.security.Security;
public class SSLClient {
public static void main(String[] args) throws Exception {
String strServerName = "localhost";
int intSSLport = 4443;
PrintWriter out = null;
BufferedReader in = null;
boolean debug = true;
{
Security.addProvider(new Provider());
System.setProperty("javax.net.ssl.keyStore","C:\\Program Files\\Java\\jre6\\bin\\client.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "123456");
}
if(debug){
System.setProperty("javax.net.debug", "all");
}
try {
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) sslsocketfactory.createSocket(strServerName, intSSLport);
out = new PrintWriter(sslSocket.getOutputStream(), true);
in = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));
BufferedReader stdIn = new BufferedReader(new InputStreamReader(System.in));
String userInput = "Hello Testing ";
out.println(userInput);
while ((userInput = stdIn.readLine()) != null) {
out.println(userInput);
System.out.println("echo: " + in.readLine());
}
out.println(userInput);
out.close();
in.close();
stdIn.close();
sslSocket.close();
}
catch (Exception exp) {
System.out.println(" Exception occurred .... " + exp);
exp.printStackTrace();
}
}
}
Grazie,
Dopo che consenta la completa debug:
Debugger Log Di SSLClient
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
[Raw read]: length = 5
0000: 80 65 01 03 01 .e...
[Raw read]: length = 98
0000: 00 3C 00 00 00 20 00 00 04 01 00 80 00 00 05 00 .<... ..........
0010: 00 2F 00 00 33 00 00 32 00 00 0A 07 00 C0 00 00 ./..3..2........
0020: 16 00 00 13 00 00 09 06 00 40 00 00 15 00 00 12 [email protected]
0030: 00 00 03 02 00 80 00 00 08 00 00 14 00 00 11 00 ................
0040: 00 FF 55 23 87 FB 8F 4F 39 1F 53 16 68 CB F8 4A ..U#...O9.S.h..J
0050: E3 55 F2 65 6F 6D F8 58 6A 3E AC 05 9A 2E 47 00 .U.eom.Xj>....G.
0060: 4A 61 Ja
[read] MD5 and SHA1 hashes: len = 3
0000: 01 03 01 ...
[read] MD5 and SHA1 hashes: len = 98
0000: 00 3C 00 00 00 20 00 00 04 01 00 80 00 00 05 00 .<... ..........
0010: 00 2F 00 00 33 00 00 32 00 00 0A 07 00 C0 00 00 ./..3..2........
0020: 16 00 00 13 00 00 09 06 00 40 00 00 15 00 00 12 [email protected]
0030: 00 00 03 02 00 80 00 00 08 00 00 14 00 00 11 00 ................
0040: 00 FF 55 23 87 FB 8F 4F 39 1F 53 16 68 CB F8 4A ..U#...O9.S.h..J
0050: E3 55 F2 65 6F 6D F8 58 6A 3E AC 05 9A 2E 47 00 .U.eom.Xj>....G.
0060: 4A 61 Ja
main, READ: SSL v2, contentType = Handshake, translated length = 75
*** ClientHello, TLSv1
RandomCookie: GMT: 1428326139 bytes = { 143, 79, 57, 31, 83, 22, 104, 203, 248, 74, 227, 85, 242, 101, 111, 109, 248, 88, 106, 62, 172, 5, 154, 46, 71, 0, 74, 97 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
*** ServerHello, TLSv1
RandomCookie: GMT: 1428326139 bytes = { 158, 48, 29, 129, 13, 62, 146, 105, 73, 124, 215, 161, 95, 187, 133, 185, 177, 126, 152, 188, 242, 149, 169, 89, 170, 54, 114, 1 }
Session ID: {85, 35, 135, 251, 224, 246, 149, 228, 232, 147, 250, 67, 208, 150, 103, 11, 42, 3, 25, 164, 173, 2, 175, 238, 127, 205, 214, 147, 219, 129, 83, 9}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 123574216535049538229649138532732037450344660032008107623318896073877130816352911991676317388894985357571552005101850107090892510303976778984089005629672968049771222968340272946467454151597928015519714376040070285997043906750602810147154555100812394706180558167843570971003367893266814158255391999837062858379
public exponent: 65537
Validity: [From: Tue Apr 07 11:10:44 IST 2015,
To: Mon Jul 06 11:10:44 IST 2015]
Issuer: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
SerialNumber: [ 55236ddc]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 18 7D 3A 3D 98 43 E1 EA C8 CC 79 01 FF 8B BF E1 ..:=.C....y.....
0010: 07 A9 12 2D 6D D6 47 74 FE 67 D0 CA 11 CE D6 90 ...-m.Gt.g......
0020: 9D BA 94 67 19 7C 24 FD B8 EA 45 14 A3 29 5D F7 ...g..$...E..)].
0030: 6A 4A EA 2E 29 42 2B 04 EC D1 FF E6 B0 A5 1C AA jJ..)B+.........
0040: 2E 79 3D 30 B5 D7 1D CD A5 12 5E AE 91 4C 22 10 .y=0......^..L".
0050: CF 45 8E 36 A6 55 76 CC 15 BE 9F 5C 3B 45 D0 0C .E.6.Uv....\;E..
0060: 07 F2 FA F4 E2 42 6F E5 DF 5F AC EC 60 67 F8 B3 .....Bo.._..`g..
0070: 14 B0 F5 2E F6 F7 97 7E FC 24 EA A0 7E 38 5E 25 .........$...8^%
]
***
*** ServerHelloDone
[write] MD5 and SHA1 hashes: len = 686
0000: 02 00 00 4D 03 01 55 23 87 FB 9E 30 1D 81 0D 3E ...M..U#...0...>
0010: 92 69 49 7C D7 A1 5F BB 85 B9 B1 7E 98 BC F2 95 .iI..._.........
0020: A9 59 AA 36 72 01 20 55 23 87 FB E0 F6 95 E4 E8 .Y.6r. U#.......
0030: 93 FA 43 D0 96 67 0B 2A 03 19 A4 AD 02 AF EE 7F ..C..g.*........
0040: CD D6 93 DB 81 53 09 00 04 00 00 05 FF 01 00 01 .....S..........
0050: 00 0B 00 02 55 00 02 52 00 02 4F 30 82 02 4B 30 ....U..R..O0..K0
0060: 82 01 B4 A0 03 02 01 02 02 04 55 23 6D DC 30 0D ..........U#m.0.
0070: 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30 6A 31 ..*.H........0j1
0080: 0B 30 09 06 03 55 04 06 13 02 39 31 31 12 30 10 .0...U....911.0.
0090: 06 03 55 04 08 13 09 6B 61 72 6E 61 74 61 6B 61 ..U....karnataka
00A0: 31 12 30 10 06 03 55 04 07 13 09 62 61 6E 67 61 1.0...U....banga
00B0: 6C 6F 72 65 31 12 30 10 06 03 55 04 0A 13 09 64 lore1.0...U....d
00C0: 65 76 65 6C 6F 70 65 72 31 10 30 0E 06 03 55 04 eveloper1.0...U.
00D0: 0B 13 07 73 74 61 72 74 75 70 31 0D 30 0B 06 03 ...startup1.0...
00E0: 55 04 03 13 04 4A 6F 68 6E 30 1E 17 0D 31 35 30 U....John0...150
00F0: 34 30 37 30 35 34 30 34 34 5A 17 0D 31 35 30 37 407054044Z..1507
0100: 30 36 30 35 34 30 34 34 5A 30 6A 31 0B 30 09 06 06054044Z0j1.0..
0110: 03 55 04 06 13 02 39 31 31 12 30 10 06 03 55 04 .U....911.0...U.
0120: 08 13 09 6B 61 72 6E 61 74 61 6B 61 31 12 30 10 ...karnataka1.0.
0130: 06 03 55 04 07 13 09 62 61 6E 67 61 6C 6F 72 65 ..U....bangalore
0140: 31 12 30 10 06 03 55 04 0A 13 09 64 65 76 65 6C 1.0...U....devel
0150: 6F 70 65 72 31 10 30 0E 06 03 55 04 0B 13 07 73 oper1.0...U....s
0160: 74 61 72 74 75 70 31 0D 30 0B 06 03 55 04 03 13 tartup1.0...U...
0170: 04 4A 6F 68 6E 30 81 9F 30 0D 06 09 2A 86 48 86 .John0..0...*.H.
0180: F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 ...........0....
0190: 81 00 AF F9 BC 0C 37 61 CF E9 A6 83 63 4D BD B9 ......7a....cM..
01A0: D8 7D EC 26 04 4D D9 AE CA E1 A0 99 E8 AB FE 0E ...&.M..........
01B0: F2 F2 E6 7A C1 D5 43 0C BE 95 83 01 C0 A9 B9 A9 ...z..C.........
01C0: 8E 19 42 A7 5A 12 66 26 E8 28 9B A2 D5 BE 0A 3A ..B.Z.f&.(.....:
01D0: 66 51 B3 94 4A E9 44 3A 96 64 5E B4 25 84 82 CA fQ..J.D:.d^.%...
01E0: 2B 86 65 1D 16 C4 97 D1 AA 0B D9 4D 9F 9A C8 CC +.e........M....
01F0: DD 2F 79 CB 1C 59 04 EE C0 B5 8D 69 80 46 F5 DA ./y..Y.....i.F..
0200: FB 33 1E E1 78 55 7B 58 24 45 61 8B AB DF C1 80 .3..xU.X$Ea.....
0210: 86 8B 02 03 01 00 01 30 0D 06 09 2A 86 48 86 F7 .......0...*.H..
0220: 0D 01 01 05 05 00 03 81 81 00 18 7D 3A 3D 98 43 ............:=.C
0230: E1 EA C8 CC 79 01 FF 8B BF E1 07 A9 12 2D 6D D6 ....y........-m.
0240: 47 74 FE 67 D0 CA 11 CE D6 90 9D BA 94 67 19 7C Gt.g.........g..
0250: 24 FD B8 EA 45 14 A3 29 5D F7 6A 4A EA 2E 29 42 $...E..)].jJ..)B
0260: 2B 04 EC D1 FF E6 B0 A5 1C AA 2E 79 3D 30 B5 D7 +..........y=0..
0270: 1D CD A5 12 5E AE 91 4C 22 10 CF 45 8E 36 A6 55 ....^..L"..E.6.U
0280: 76 CC 15 BE 9F 5C 3B 45 D0 0C 07 F2 FA F4 E2 42 v....\;E.......B
0290: 6F E5 DF 5F AC EC 60 67 F8 B3 14 B0 F5 2E F6 F7 o.._..`g........
02A0: 97 7E FC 24 EA A0 7E 38 5E 25 0E 00 00 00 ...$...8^%....
main, WRITE: TLSv1 Handshake, length = 686
[Raw write]: length = 691
0000: 16 03 01 02 AE 02 00 00 4D 03 01 55 23 87 FB 9E ........M..U#...
0010: 30 1D 81 0D 3E 92 69 49 7C D7 A1 5F BB 85 B9 B1 0...>.iI..._....
0020: 7E 98 BC F2 95 A9 59 AA 36 72 01 20 55 23 87 FB ......Y.6r. U#..
0030: E0 F6 95 E4 E8 93 FA 43 D0 96 67 0B 2A 03 19 A4 .......C..g.*...
0040: AD 02 AF EE 7F CD D6 93 DB 81 53 09 00 04 00 00 ..........S.....
0050: 05 FF 01 00 01 00 0B 00 02 55 00 02 52 00 02 4F .........U..R..O
0060: 30 82 02 4B 30 82 01 B4 A0 03 02 01 02 02 04 55 0..K0..........U
0070: 23 6D DC 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 #m.0...*.H......
0080: 05 00 30 6A 31 0B 30 09 06 03 55 04 06 13 02 39 ..0j1.0...U....9
0090: 31 31 12 30 10 06 03 55 04 08 13 09 6B 61 72 6E 11.0...U....karn
00A0: 61 74 61 6B 61 31 12 30 10 06 03 55 04 07 13 09 ataka1.0...U....
00B0: 62 61 6E 67 61 6C 6F 72 65 31 12 30 10 06 03 55 bangalore1.0...U
00C0: 04 0A 13 09 64 65 76 65 6C 6F 70 65 72 31 10 30 ....developer1.0
00D0: 0E 06 03 55 04 0B 13 07 73 74 61 72 74 75 70 31 ...U....startup1
00E0: 0D 30 0B 06 03 55 04 03 13 04 4A 6F 68 6E 30 1E .0...U....John0.
00F0: 17 0D 31 35 30 34 30 37 30 35 34 30 34 34 5A 17 ..150407054044Z.
0100: 0D 31 35 30 37 30 36 30 35 34 30 34 34 5A 30 6A .150706054044Z0j
0110: 31 0B 30 09 06 03 55 04 06 13 02 39 31 31 12 30 1.0...U....911.0
0120: 10 06 03 55 04 08 13 09 6B 61 72 6E 61 74 61 6B ...U....karnatak
0130: 61 31 12 30 10 06 03 55 04 07 13 09 62 61 6E 67 a1.0...U....bang
0140: 61 6C 6F 72 65 31 12 30 10 06 03 55 04 0A 13 09 alore1.0...U....
0150: 64 65 76 65 6C 6F 70 65 72 31 10 30 0E 06 03 55 developer1.0...U
0160: 04 0B 13 07 73 74 61 72 74 75 70 31 0D 30 0B 06 ....startup1.0..
0170: 03 55 04 03 13 04 4A 6F 68 6E 30 81 9F 30 0D 06 .U....John0..0..
0180: 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 81 8D 00 .*.H............
0190: 30 81 89 02 81 81 00 AF F9 BC 0C 37 61 CF E9 A6 0..........7a...
01A0: 83 63 4D BD B9 D8 7D EC 26 04 4D D9 AE CA E1 A0 .cM.....&.M.....
01B0: 99 E8 AB FE 0E F2 F2 E6 7A C1 D5 43 0C BE 95 83 ........z..C....
01C0: 01 C0 A9 B9 A9 8E 19 42 A7 5A 12 66 26 E8 28 9B .......B.Z.f&.(.
01D0: A2 D5 BE 0A 3A 66 51 B3 94 4A E9 44 3A 96 64 5E ....:fQ..J.D:.d^
01E0: B4 25 84 82 CA 2B 86 65 1D 16 C4 97 D1 AA 0B D9 .%...+.e........
01F0: 4D 9F 9A C8 CC DD 2F 79 CB 1C 59 04 EE C0 B5 8D M...../y..Y.....
0200: 69 80 46 F5 DA FB 33 1E E1 78 55 7B 58 24 45 61 i.F...3..xU.X$Ea
0210: 8B AB DF C1 80 86 8B 02 03 01 00 01 30 0D 06 09 ............0...
0220: 2A 86 48 86 F7 0D 01 01 05 05 00 03 81 81 00 18 *.H.............
0230: 7D 3A 3D 98 43 E1 EA C8 CC 79 01 FF 8B BF E1 07 .:=.C....y......
0240: A9 12 2D 6D D6 47 74 FE 67 D0 CA 11 CE D6 90 9D ..-m.Gt.g.......
0250: BA 94 67 19 7C 24 FD B8 EA 45 14 A3 29 5D F7 6A ..g..$...E..)].j
0260: 4A EA 2E 29 42 2B 04 EC D1 FF E6 B0 A5 1C AA 2E J..)B+..........
0270: 79 3D 30 B5 D7 1D CD A5 12 5E AE 91 4C 22 10 CF y=0......^..L"..
0280: 45 8E 36 A6 55 76 CC 15 BE 9F 5C 3B 45 D0 0C 07 E.6.Uv....\;E...
0290: F2 FA F4 E2 42 6F E5 DF 5F AC EC 60 67 F8 B3 14 ....Bo.._..`g...
02A0: B0 F5 2E F6 F7 97 7E FC 24 EA A0 7E 38 5E 25 0E ........$...8^%.
02B0: 00 00 00 ...
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 2E ..
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
Priv exp --- null
Exception occurred .... javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
at sun.nio.cs.StreamDecoder.readBytes(Unknown Source)
at sun.nio.cs.StreamDecoder.implRead(Unknown Source)
at sun.nio.cs.StreamDecoder.read(Unknown Source)
at java.io.InputStreamReader.read(Unknown Source)
at java.io.BufferedReader.fill(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at com.betterprogrammer.test.SSLServer.main(SSLServer.java:36)
e Debugger Log di SSLServer
keyStore is : C:\Program Files\Java\jre6\bin\server.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : server
chain [0] = [
[
Version: V3
Subject: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 123574216535049538229649138532732037450344660032008107623318896073877130816352911991676317388894985357571552005101850107090892510303976778984089005629672968049771222968340272946467454151597928015519714376040070285997043906750602810147154555100812394706180558167843570971003367893266814158255391999837062858379
public exponent: 65537
Validity: [From: Tue Apr 07 11:10:44 IST 2015,
To: Mon Jul 06 11:10:44 IST 2015]
Issuer: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
SerialNumber: [ 55236ddc]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 18 7D 3A 3D 98 43 E1 EA C8 CC 79 01 FF 8B BF E1 ..:=.C....y.....
0010: 07 A9 12 2D 6D D6 47 74 FE 67 D0 CA 11 CE D6 90 ...-m.Gt.g......
0020: 9D BA 94 67 19 7C 24 FD B8 EA 45 14 A3 29 5D F7 ...g..$...E..)].
0030: 6A 4A EA 2E 29 42 2B 04 EC D1 FF E6 B0 A5 1C AA jJ..)B+.........
0040: 2E 79 3D 30 B5 D7 1D CD A5 12 5E AE 91 4C 22 10 .y=0......^..L".
0050: CF 45 8E 36 A6 55 76 CC 15 BE 9F 5C 3B 45 D0 0C .E.6.Uv....\;E..
0060: 07 F2 FA F4 E2 42 6F E5 DF 5F AC EC 60 67 F8 B3 .....Bo.._..`g..
0070: 14 B0 F5 2E F6 F7 97 7E FC 24 EA A0 7E 38 5E 25 .........$...8^%
]
***
trustStore is: C:\Program Files\Java\jre6\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0x4eb200670c035d4f
Valid from Wed Oct 25 14:06:00 IST 2006 until Sat Oct 25 14:06:00 IST 2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Sat Jun 26 03:53:48 IST 1999 until Wed Jun 26 03:53:48 IST 2019
adding as trusted cert:
Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d
Valid from Fri Nov 17 05:30:00 IST 2006 until Thu Jul 17 05:29:59 IST 2036
...................
......................
.........................
IST 2021
adding as trusted cert:
Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f
Valid from Wed Apr 02 05:30:00 IST 2008 until Wed Dec 02 05:29:59 IST 2037
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 20:20:00 IST 1998 until Thu Aug 15 05:29:00 IST 2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Sat Jul 10 00:01:20 IST 1999 until Wed Jul 10 00:10:36 IST 2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Fri Jun 25 00:27:21 IST 1999 until Tue Jun 25 00:36:30 IST 2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 12:59:40 IST 2001 until Tue Apr 06 12:59:40 IST 2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 20:08:43 IST 2006 until Thu Jan 01 04:29:59 IST 2026
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
matching alias: server
main, called closeSocket()
Java ha anche un archivio sicuro per JVM in jre/lib/security /. La chiave è che ogni estremità che convalida il certificato del lato opposto avrà bisogno di fidarsi del certificato che ha firmato il certificato del lato opposto, direttamente o attraverso una catena per la quale ha le chiavi pubbliche. Gli archivi fiduciari sono solo raccolte di certificati che saranno considerati attendibili per la firma di certificati per entità finali o certificati CA secondari. – gobbly