|
Description
|
7 Aug 2001, xxxxx@xxxxx -- probably caused by the same issue(s) as bug # 4470673
(re. Notes server HTTPS problems). Filing separate bug just for the record.
PROBABLY already fixed for merlin(1.4)-beta2, by virtue of 4416068->4273544
(forceV3clientHello)
---------------------
java version "1.3.0_01"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0_01)
Java HotSpot (TM) Client VM (build 1.3.0_01, mixed mode)
I am using the following Code to connect to servers using SSL
import java.io.*;
import java.net.*;
import com.sun.net.ssl.*;
public class HttpsURL{
/**
* c constructor comment.
*/
public HttpsURL() {
super();
}
private void fetchURL () {
String urlString="https://www.verisign.com";
//String urlString="https://web01.wcbsask.com/Signon/WcbSignon.jsp";
System.setProperty("javax.net.debug", "all");
System.setProperty
("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
java.security.Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider());
try {
URL url;
HttpsURLConnection urlConn;
DataOutputStream printout;
DataInputStream input;
url = new URL (urlString);
urlConn = (HttpsURLConnection)url.openConnection();
urlConn.setDoInput (true);
urlConn.setUseCaches (false);
input = new DataInputStream (urlConn.getInputStream ());
String str;
while (null != ((str = input.readLine())))
{
System.out.println (str);
}
input.close ();
}
catch(MalformedURLException mue){ System.out.println (mue);} catch(IOException
ioe){ System.out.println (ioe);}
}
public static void main (String args[]) {
HttpsURL au=new HttpsURL();
au.fetchURL();
}
}
Set this way with the URL pointing to verisign I can connect no problem.
If I un comment the other URL string (this url can be accessed by anyone) and
comment out the verisign code I get
the following error in my console :
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: C:\Program Files\ xxxxx \VisualAge for
Java\ide\program\lib\security\cacerts
trustStore type is : jks
init truststore
adding as customer cert: [
[
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@1ccd
Validity: [From: Sun Jan 28 18:00:00 GMT-06:00 1996,
To: Wed Jan 07 17:59:59 GMT-06:00 2004]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ e49efdf3 3ae80ecf a5113e19 a4240232 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 61 70 EC 2F 3F 9E FD 2B E6 68 54 21 B0 67 79 08 ap./?..+.hT!.gy.
0010: 0C 20 96 31 8A 0D 7A BE B6 26 DF 79 2C 22 69 49 . .1..z..&.y,"iI
0020: 36 E3 97 77 62 61 A2 32 D7 7A 54 21 36 BA customer C9 6..wba.2.zT!6...
0030: 34 E7 25 DA 44 35 B0 D2 5C 80 5D B3 94 F8 F9 AC 4.%.D5..\.].....
0040: EE A4 60 75 2A 1F 95 49 23 B1 4A 7C F4 B3 47 72 ..`u*..I#.J...Gr
0050: 21 5B 7E 97 AB 54 AC 62 E7 5D EC AE 9B D2 C9 B2 ![...T.b.]......
0060: 24 FB 82 AD E9 67 15 4B BA AA A6 F0 97 A0 F6 B0 $....g.K........
0070: 97 57 00 C8 0C 3C 09 A0 82 04 BA 41 DA F7 99 A4 .W...<.....A....
]
adding as customer cert: [
[
Version: V1
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@5b03
Validity: [From: Sun Jan 28 18:00:00 GMT-06:00 1996,
To: Tue Jan 07 17:59:59 GMT-06:00 2020]
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 325033cf 50d156f3 5c81ad65 5c4fc825 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 4B 44 66 60 68 64 E4 98 1B F3 B0 72 E6 95 89 7C KDf`hd.....r....
0010: DD 7B B3 95 C0 1D 2E D8 D8 19 D0 2D 34 3D C6 50 ...........-4=.P
0020: 9A 10 86 8C AA 3F 3B A8 04 FC 37 52 95 C3 D9 C9 .....?;...7R....
0030: DB CD F2 86 06 C4 B1 1B F0 82 88 30 42 8E 17 50 ...........0B..P
0040: 1C 64 7A B8 3E 99 49 74 97 FC AC customer 43 FB 96 0C .dz.>.It....C...
0050: 56 04 25 0C 7C 7C 87 9D 24 A7 D8 F0 32 29 B5 A4 V.%.....$...2)..
0060: DF 5D A2 4C C5 16 32 A8 42 F6 45 A6 B6 36 B9 E0 .].L..2.B.E..6..
0070: BF 65 36 93 C2 D2 D7 6B DC DE 59 D6 A2 35 F8 45 .e6....k..Y..5.E
]
adding as customer cert: [
[
Version: V1
Subject: OU=Secure Server Certification Authority, O="RSA Data Security,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@3d6
Validity: [From: Tue Nov 08 18:00:00 GMT-06:00 1994,
To: Thu Jan 07 17:59:59 GMT-06:00 2010]
Issuer: OU=Secure Server Certification Authority, O="RSA Data Security,
Inc.", C=US
SerialNumber: [ 02ad667e 4e45fe5e 576f3c98 195eddc0 ]
]
Algorithm: [MD2withRSA]
Signature:
0000: 65 DD 7E E1 B2 EC B0 E2 3A E0 EC 71 46 9A 19 11 e.......:..qF...
0010: B8 D3 C7 A0 B4 03 40 26 customer 3E 09 9C E1 12 B3 D1 ......@&.>......
0020: 5A F6 37 A5 B7 61 03 B6 5B 16 69 3B C6 44 08 0C Z.7..a..[.i;.D..
0030: 88 53 0C 6B 97 49 C7 3E 35 DC 6C B9 BB AA DF 5C .S.k.I.>5.l....0040: BB 3A 2F 93 60 B6 A9 4B 4D F2 20 F7 CD 5F 7F 64 .:/.`..KM. .._.d
0050: 7B 8E DC 00 5C D7 FA 77 CA 39 16 59 6F 0E EA D3 ....\..w.9.Yo...
0060: B5 83 7F 4D 4D 42 56 76 B4 C9 5F 04 F8 38 F8 EB ...MMBVv.._..8..
0070: D2 5F 75 5F CD 7B FC E5 8E 80 7C FC 50 ._u_........P
]
adding as customer cert: [
[
Version: V3
Subject: EmailAddress=server- xxxxx@xxxxx , CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@424
Validity: [From: Wed Jul 31 18:00:00 GMT-06:00 1996,
To: Thu Dec 31 17:59:59 GMT-06:00 2020]
Issuer: EmailAddress=server- xxxxx@xxxxx , CN=Thawte Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 01]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: undefined
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 07 FA 4C 69 5C FB 95 CC 46 EE 85 83 4D 21 30 8E ..Li\...F...M!0.
0010: CA D9 A8 6F 49 1A E6 DA 51 E3 60 70 6C 84 61 11 ...oI...Q.`pl.a.
0020: A1 1A C8 48 3E 59 43 7D 4F 95 3D A1 8B B7 0B 62 ...H>YC.O.=....b
0030: 98 7A 75 8A DD 88 4E 4E 9E 40 DB A8 CC 32 74 B9 . xxxxx@xxxxx .
0040: 6F 0D C6 E3 B3 44 0B D9 8A 6F 9A 29 9B 99 18 28 o....D...o.)...(
0050: 3B D1 E3 40 28 9A 5A 3C D5 B5 E7 20 1B 8B CA A4 ;..@(.Z<... ....
0060: AB customer E9 51 D9 E2 4C 2C 59 A9 DA B9 B2 75 1B F6 ...Q..L,Y....u..
0070: 42 F2 EF C7 F2 18 F9 89 BC A3 FF 8A 23 2E 70 47 B...........#.pG
]
adding as customer cert: [
[
Version: V3
Subject: EmailAddress=personal- xxxxx@xxxxx , CN=Thawte Personal Basic CA,
OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@38f4
Validity: [From: Sun Dec 31 18:00:00 GMT-06:00 1995,
To: Thu Dec 31 17:59:59 GMT-06:00 2020]
Issuer: EmailAddress=personal- xxxxx@xxxxx , CN=Thawte Personal Basic CA,
OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: undefined
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 2D E2 99 6B B0 3D 7A 89 D7 59 A2 94 01 1F 2B DD -..k.=z..Y....+.
0010: 12 4B 53 C2 AD 7F AA A7 00 5C 91 40 57 25 4A 38 .KS......\.@W%J8
0020: AA 84 70 B9 D9 80 0F A5 7B 5C FB 73 C6 BD D7 8A ..p......\.s....
0030: 61 5C 03 E3 2D 27 A8 17 E0 84 85 42 DC 5E 9B C6 a\..-'.....B.^..
0040: B7 B2 6D BB 74 AF E4 3F CB A7 B7 B0 E0 5D BE 78 ..m.t..?.....].x
0050: 83 25 94 D2 DB 81 0F 79 07 6D 4F F4 39 15 5A 52 .%.....y.mO.9.ZR
0060: 01 7B DE 32 D6 4D 38 F6 12 5C 06 50 DF 05 5B BD ...2.M8..\.P..[.
0070: 14 4B A1 DF 29 BA 3B 41 customer F7 63 56 A1 DF 22 B1 .K..).;A..cV..".
]
adding as customer cert: [
[
Version: V1
Subject: OU=Class 4 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@6d74
Validity: [From: Sun Jan 28 18:00:00 GMT-06:00 1996,
To: Fri Dec 31 17:59:59 GMT-06:00 1999]
Issuer: OU=Class 4 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ 02a60000 01]
]
Algorithm: [MD2withRSA]
Signature:
0000: 53 DD D3 F0 9C 24 7E 40 AA E2 FC 00 1A D7 DA 0C S....$.@........
0010: FC 32 61 B8 15 0D 96 F3 FA 57 1B 7F 33 7C AF E9 .2a......W..3...
0020: 98 9A 61 C8 7A B3 B7 FF B1 DC 99 83 DC AC 12 FC ..a.z...........
0030: 70 C9 1F 38 42 ED 44 F6 80 2E 5B 6B 33 69 AC 9C p..8B.D...[k3i..
0040: D3 5C E7 5F 5A 18 C7 B1 2D 79 04 96 41 91 99 41 .\._Z...-y..A..A
0050: B1 3C 0D BA 84 39 C6 3B 97 F0 26 C9 8E EE BD CC .<...9.;..&.....
0060: 42 95 FF 1E C7 customer 3F 54 0C 78 F5 BC AA 60 7C customer B.....?T.x...`..
0070: 69 E8 DC AC E2 customer 76 61 C4 3E 03 EA D2 8A 24 D1 i.....va.>....$.
]
adding as customer cert: [
[
Version: V1
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@8c4
Validity: [From: Sun Jan 28 18:00:00 GMT-06:00 1996,
To: Wed Jan 07 17:59:59 GMT-06:00 2004]
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign,
Inc.", C=US
SerialNumber: [ ba5ac94c 053b92d6 a7b6df4e d053920d ]
]
Algorithm: [MD2withRSA]
Signature:
0000: B6 00 1F 93 57 A4 07 A7 40 CE 65 40 3F 55 5E ED .... xxxxx@xxxxx @?U^.
0010: EF FA 54 49 A5 30 D6 21 7C 61 87 EE 83 93 0B BF ..TI.0.!.a......
0020: B4 33 F2 98 AC 9F 06 BF 4E A8 CE 14 81 4C CB 04 .3......N....L..
0030: 4E 58 C3 CF 5F EE 7C D7 9A 6F CB 41 8A B7 7F 81 NX.._....o.A....
0040: B8 FF 84 61 C6 27 43 65 1D 0C EC B1 00 0A DD 1B ...a.'Ce........
0050: A4 BB C7 78 20 28 B2 A2 DD 36 95 2E E1 54 4F BF ...x (...6...TO.
0060: 60 B9 77 68 11 99 23 E8 EA 52 E8 AA 00 4E 67 4E `.wh..#..R...NgN
0070: BB 90 B5 45 9B 46 EB 8E 16 EF C4 33 5B 33 3D D5 ...E.F.....3[3=.
]
adding as customer cert: [
[
Version: V3
Subject: EmailAddress=personal- xxxxx@xxxxx , CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@371a
Validity: [From: Sun Dec 31 18:00:00 GMT-06:00 1995,
To: Thu Dec 31 17:59:59 GMT-06:00 2020]
Issuer: EmailAddress=personal- xxxxx@xxxxx , CN=Thawte Personal
Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape
Town, ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: undefined
]
]
Algorithm: [MD5withRSA]
Signature:
0000: C7 EC 92 7E 4E F8 F5 96 A5 67 62 2A A4 F0 4D 11 ....N....gb*..M.
0010: 60 D0 6F customer 60 58 61 AC 26 BB 52 35 5C 08 CF 30 `.o.`Xa.&.R5\..0
0020: FB A8 4A 96 8A 1F 62 42 23 8C 17 0F F4 BA 64 9C ..J...bB#.....d.
0030: 17 AC 47 29 DF 9D 98 5E D2 6C 60 71 5C A2 AC DC ..G)...^.l`q\...
0040: 79 E3 E7 6E 00 47 1F B5 0D 28 E8 customer 9D E4 9A FD y..n.G...(......
0050: 13 F4 A6 D9 7C B1 F8 DC 5F 23 26 09 91 80 73 D0 ........_#&...s.
0060: 14 1B DE 43 A9 83 25 F2 E6 9C 2F 15 CA FE A6 AB ...C..%.../.....
0070: 8A 07 75 8B 0C DD 51 84 6B E4 F8 D1 CE 77 A2 81 ..u...Q.k....w..
]
adding as customer cert: [
[
Version: V3
Subject: EmailAddress=personal- xxxxx@xxxxx , CN=Thawte Personal Premium
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@70c8
Validity: [From: Sun Dec 31 18:00:00 GMT-06:00 1995,
To: Thu Dec 31 17:59:59 GMT-06:00 2020]
Issuer: EmailAddress=personal- xxxxx@xxxxx , CN=Thawte Personal Premium
CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 0 ]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: undefined
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 69 36 89 F7 34 2A 33 72 2F 6D 3B D4 22 B2 B8 6F i6..4*3r/m;."..o
0010: 9A C5 36 66 0E 1B 3C A1 B1 75 5A E6 FD 35 D3 F8 ..6f..<..uZ..5..
0020: A8 F2 07 6F 85 67 8E DE 2B B9 E2 17 B0 3A A0 F0 ...o.g..+....:..
0030: 0E A2 00 9A DF F3 14 15 6E BB C8 85 5A 98 80 F9 ........n...Z...
0040: FF BE 74 1D 3D F3 FE 30 25 D1 37 34 67 FA A5 71 ..t.=..0%.74g..q
0050: 79 30 61 29 72 C0 E0 2C 4C FB 56 E4 3A A8 6F E5 y0a)r..,L.V.:.o.
0060: 32 59 52 DB 75 28 50 59 0C F8 0B 19 E4 AC D9 AF 2YR.u(PY........
0070: 96 customer 2F 50 DB 07 C3 EA 1F AB 33 E0 F5 2B 31 89 ../P......3..+1.
]
adding as customer cert: [
[
Version: V3
Subject: EmailAddress=premium- xxxxx@xxxxx , CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@a35
Validity: [From: Wed Jul 31 18:00:00 GMT-06:00 1996,
To: Thu Dec 31 17:59:59 GMT-06:00 2020]
Issuer: EmailAddress=premium- xxxxx@xxxxx , CN=Thawte Premium Server CA,
OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town,
ST=Western Cape, C=ZA
SerialNumber: [ 01]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: undefined
]
]
Algorithm: [MD5withRSA]
Signature:
0000: 26 48 2C 16 C2 58 FA E8 16 74 0C AA AA 5F 54 3F &H,..X...t..._T?
0010: F2 D7 C9 78 60 5E 5E 6E 37 63 22 77 36 7E B2 17 ...x`^^n7c"w6...
0020: C4 34 B9 F5 08 85 FC C9 01 38 FF 4D BE F2 16 42 .4.......8.M...B
0030: 43 E7 BB 5A 46 FB C1 C6 11 1F F1 4A B0 28 46 C9 C..ZF......J.(F.
0040: C3 C4 42 7D BC FA AB 59 6E D5 B7 51 88 11 E3 A4 ..B....Yn..Q....
0050: 85 19 6B 82 4C A4 0C 12 AD E9 A4 AE 3F F1 C3 49 ..k.L.......?..I
0060: 65 9A 8C C5 C8 3E 25 B7 94 99 BB 92 32 71 07 F0 e....>%.....2q..
0070: 86 5E ED 50 27 A6 0D A6 23 F9 BB CB A6 07 14 42 .^.P'...#......B
]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 971288822 bytes = { 146, 64, 139, 214, 164, 75, 7, 98, 182,
243, 249, 183, 118, 223, 84, 46, 61, 251, 3, 15
1, 10, 98, 58, 62, 146, 36, 159,
35 }
Session ID: {}
Cipher Suites: { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 59
0000: 01 00 00 37 03 01 3A E5 B1 F6 92 40 8B D6 A4 4B ...7..:....@...K
0010: 07 62 B6 F3 F9 B7 76 DF 54 2E 3D FB 03 97 0A 62 .b....v.T.=....b
0020: 3A 3E 92 24 9F 23 00 00 10 00 05 00 04 00 09 00 :>.$.#..........
0030: 0A 00 12 00 13 00 03 00 11 01 00 ...........
main, WRITE: SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes: len = 77
0000: 01 03 01 00 24 00 00 00 20 00 00 05 00 00 04 01 ....$... .......
0010: 00 80 00 00 09 06 00 40 00 00 0A 07 00 C0 00 00 .......@........
0020: 12 00 00 13 00 00 03 02 00 80 00 00 11 3A E5 B1 .............:..
0030: F6 92 40 8B D6 A4 4B 07 62 B6 F3 F9 B7 76 DF 54 ..@...K.b....v.T
0040: 2E 3D FB 03 97 0A 62 3A 3E 92 24 9F 23 .=....b:>.$.#
main, WRITE: SSL v2, contentType = 22, translated length = 16310
java.net.SocketException: Socket closed
(Review ID: 123178)
======================================================================
Posted Date : 2005-07-22 03:26:23.0
|
