Created
April 3, 2015 19:47
-
-
Save garethahealy/0144444fcfe6d59eb53b to your computer and use it in GitHub Desktop.
SSL Debug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JBossFuse:admin@root> Using SSLEngineImpl. | |
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | |
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | |
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 | |
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 | |
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 | |
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256 | |
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 | |
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 | |
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA | |
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA | |
Allow unsafe renegotiation: false | |
Allow legacy hello messages: true | |
Is initial handshake: true | |
Is secure renegotiation: false | |
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello | |
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello | |
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello | |
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello | |
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello | |
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello | |
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv2Hello | |
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 | |
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 | |
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 | |
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 | |
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 | |
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 | |
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv3 | |
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 | |
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 | |
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 | |
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 | |
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 | |
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 | |
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1 | |
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 | |
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 | |
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 | |
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 | |
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 | |
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 | |
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1 | |
%% No cached client session | |
*** ClientHello, TLSv1.2 | |
RandomCookie: GMT: 1428024570 bytes = { 37, 155, 83, 155, 73, 106, 30, 209, 97, 6, 31, 67, 104, 66, 146, 42, 1, 147, 78, 136, 80, 181, 191, 170, 241, 94, 0, 81 } | |
Session ID: {} | |
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] | |
Compression Methods: { 0 } | |
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} | |
Extension ec_point_formats, formats: [uncompressed] | |
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA | |
*** | |
CamelJettyClient(0x73d8db54)-4717 Selector0, WRITE: TLSv1.2 Handshake, length = 193 | |
CamelJettyClient(0x73d8db54)-4717 Selector0, WRITE: SSLv2 client hello message, length = 143 | |
CamelJettyClient(0x73d8db54)-4716, READ: TLSv1.2 Handshake, length = 1142 | |
*** ServerHello, TLSv1.2 | |
RandomCookie: GMT: 1428024570 bytes = { 174, 50, 44, 120, 95, 125, 209, 174, 55, 122, 134, 121, 14, 75, 62, 180, 164, 199, 43, 100, 2, 227, 196, 207, 126, 167, 161, 72 } | |
Session ID: {85, 30, 237, 250, 82, 225, 111, 13, 225, 179, 7, 19, 103, 74, 176, 83, 147, 186, 228, 249, 121, 132, 199, 210, 156, 239, 222, 225, 85, 166, 176, 239} | |
Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | |
Compression Method: 0 | |
Extension renegotiation_info, renegotiated_connection: <empty> | |
*** | |
%% Initialized: [Session-35, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA] | |
** TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA | |
*** Certificate chain | |
chain [0] = [ | |
[ | |
Version: V1 | |
Subject: CN=Mayank Mishra, OU=Dev, O=Apache, L=INDORE, ST=MP, C=IN | |
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4 | |
Key: Sun RSA public key, 1024 bits | |
modulus: 135204094021008821362421507984799856880257512993538240978377857349160297286433754402443614681330249636188656506206134487690645100293988968771650465202840994823161999298265127358863385839319140532533180745554415195204604464145187828735528971515628372997067134416047762367215217989384234038183812633116487069789 | |
public exponent: 65537 | |
Validity: [From: Sun Jun 14 19:10:15 BST 2009, | |
To: Wed Jun 12 19:10:15 BST 2019] | |
Issuer: CN=Mayank Mishra, OU=Dev, O=Apache, L=INDORE, ST=MP, C=IN | |
SerialNumber: [ 4a353d07] | |
] | |
Algorithm: [MD5withRSA] | |
Signature: | |
0000: 4A 4E E1 E1 21 FF FF 70 79 1B 81 96 BF 07 F3 FA JN..!..py....... | |
0010: 09 48 DB 6D F4 3C B0 37 02 2A 06 D9 FE EE 2E E1 .H.m.<.7.*...... | |
0020: 59 7E A9 CF E5 1F D6 C1 FE 07 E8 58 D4 76 43 28 Y..........X.vC( | |
0030: F3 32 97 C5 B1 87 A8 DD B9 17 51 46 1D 87 82 2F .2........QF.../ | |
0040: B4 C9 40 D2 99 6C 49 5E 01 79 36 7C 1A 29 FD 84 ..@..lI^.y6..).. | |
0050: 37 9D E8 A6 6F D2 E1 7F D9 8D B3 B7 D5 8F 2F 35 7...o........./5 | |
0060: 61 C5 31 48 40 14 5C 60 13 66 D5 DC B6 8D DC BC a.1H@.\`.f...... | |
0070: 22 EA 6B 81 A5 DC 7A 29 54 BC 86 F3 7F 4B 30 6B ".k...z)T....K0k | |
] | |
*** | |
*** ECDH ServerKeyExchange | |
Signature Algorithm SHA1withRSA | |
Server key: Sun EC public key, 256 bits | |
public x coord: 21838513486094780871149160900067803327525754800675450105091306773350910868982 | |
public y coord: 10687725129646762251135189959710520029604618622408311232054793863277077315945 | |
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) | |
*** CertificateRequest | |
Cert Types: RSA, DSS, ECDSA | |
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA | |
Cert Authorities: | |
<CN=Gareth Healy, OU=Development, O=Gareth Healy Inc, L=Anytown, ST=South Yorkshire, C=UK> | |
<CN=Mayank Mishra, OU=Dev, O=Apache, L=INDORE, ST=MP, C=IN> | |
*** ServerHelloDone | |
*** Certificate chain | |
*** | |
*** ECDHClientKeyExchange | |
ECDH Public value: { 4, 178, 183, 200, 71, 66, 168, 41, 93, 177, 141, 88, 248, 143, 227, 37, 1, 7, 253, 159, 119, 141, 231, 223, 172, 89, 211, 242, 59, 242, 7, 89, 148, 20, 24, 40, 0, 171, 123, 108, 90, 143, 2, 89, 6, 240, 3, 8, 156, 180, 159, 240, 182, 14, 27, 14, 230, 170, 222, 244, 222, 228, 29, 176, 20 } | |
CamelJettyClient(0x73d8db54)-4716, WRITE: TLSv1.2 Handshake, length = 77 | |
SESSION KEYGEN: | |
PreMaster Secret: | |
0000: 74 16 5B 7D FD 94 B8 A1 90 FF 54 ED 47 B5 9C 25 t.[.......T.G..% | |
0010: 09 8C 8C 9B 2C 32 9A 8A CA 6B 5F 26 A3 11 4A B6 ....,2...k_&..J. | |
CONNECTION KEYGEN: | |
Client Nonce: | |
0000: 55 1E ED FA 25 9B 53 9B 49 6A 1E D1 61 06 1F 43 U...%.S.Ij..a..C | |
0010: 68 42 92 2A 01 93 4E 88 50 B5 BF AA F1 5E 00 51 hB.*..N.P....^.Q | |
Server Nonce: | |
0000: 55 1E ED FA AE 32 2C 78 5F 7D D1 AE 37 7A 86 79 U....2,x_...7z.y | |
0010: 0E 4B 3E B4 A4 C7 2B 64 02 E3 C4 CF 7E A7 A1 48 .K>...+d.......H | |
Master Secret: | |
0000: 6F 78 93 91 78 79 05 D3 2F 8B C2 7D B0 99 1B FF ox..xy../....... | |
0010: 38 D7 8D AF 48 A2 29 DA D2 39 65 04 FD 07 AA D0 8...H.)..9e..... | |
0020: A6 A1 81 74 A1 21 BE 51 DC 2A EA 8E 23 7E 59 D9 ...t.!.Q.*..#.Y. | |
Client MAC write Secret: | |
0000: B8 56 43 6F 3B E1 EE 5E D1 0B D1 19 7D 47 51 EF .VCo;..^.....GQ. | |
0010: C1 D9 4A 6A ..Jj | |
Server MAC write Secret: | |
0000: 7F 2D 3A 6E C9 DE 84 98 7F 86 90 0E 00 69 94 B1 .-:n.........i.. | |
0010: 43 71 8E 2A Cq.* | |
Client write key: | |
0000: 92 D5 65 07 68 3B C8 5D EC 7A 8F 12 F8 98 3C 5E ..e.h;.].z....<^ | |
0010: 81 38 5C C1 3C 6B A9 6D .8\.<k.m | |
Server write key: | |
0000: B7 3E 80 66 E0 1E CC 19 72 6E AD DB 91 E0 11 66 .>.f....rn.....f | |
0010: 45 06 75 08 17 25 68 D4 E.u..%h. | |
... no IV derived for this protocol | |
CamelJettyClient(0x73d8db54)-4716, WRITE: TLSv1.2 Change Cipher Spec, length = 1 | |
*** Finished | |
verify_data: { 110, 162, 10, 109, 245, 173, 253, 70, 10, 136, 175, 179 } | |
*** | |
CamelJettyClient(0x73d8db54)-4716, WRITE: TLSv1.2 Handshake, length = 48 | |
CamelJettyClient(0x73d8db54)-4712, called closeInbound() | |
CamelJettyClient(0x73d8db54)-4712, fatal error: 80: Inbound closed before receiving peer's close_notify: possible truncation attack? | |
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack? | |
%% Invalidated: [Session-35, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA] | |
CamelJettyClient(0x73d8db54)-4712, SEND TLSv1.2 ALERT: fatal, description = internal_error | |
CamelJettyClient(0x73d8db54)-4712, WRITE: TLSv1.2 Alert, length = 32 | |
CamelJettyClient(0x73d8db54)-4712, called closeInbound() | |
CamelJettyClient(0x73d8db54)-4712, closeInboundInternal() | |
CamelJettyClient(0x73d8db54)-4712, called closeInbound() | |
CamelJettyClient(0x73d8db54)-4712, closeInboundInternal() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment