Java 对两个eclipse项目使用相同的密钥库,但它们可以';在同一系统上调试时,无法进行通信
我们的目标是让两个不同的eclipse项目同时运行以进行调试。(在eclipse上,右键单击项目并选择Debug As->Java应用程序)。这两个项目具有安全的RMI通信。我在两个项目中使用相同的自签名证书密钥库;位于Java 对两个eclipse项目使用相同的密钥库,但它们可以';在同一系统上调试时,无法进行通信,java,eclipse,ssl,keystore,Java,Eclipse,Ssl,Keystore,我们的目标是让两个不同的eclipse项目同时运行以进行调试。(在eclipse上,右键单击项目并选择Debug As->Java应用程序)。这两个项目具有安全的RMI通信。我在两个项目中使用相同的自签名证书密钥库;位于/home/keystore/app.jks的密钥库。我还在位于/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/lib/security/cacerts的默认javacacerts文件中导入了这个密钥库 然而,当第一个程序试图打开与第二个程序的
/home/keystore/app.jks/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre/lib/security/cacerts的默认javacacerts
文件中导入了这个密钥库
然而,当第一个程序试图打开与第二个程序的RMI连接时,我遇到了SSL错误。
显然,在客户端应该发送证书链,但找不到合适的证书链并发送
(我不明白为什么,因为两个程序使用相同的密钥库)之前,这个过程一直很顺利
***服务器Hellodone
警告:找不到合适的证书-在没有客户端身份验证的情况下继续
***证书链
***
下面是SSL握手的过程:(复制自)
服务器你好
客户你好
证书链
找到受信任的证书
证书申请
服务器你好,完成了
证书链->在这里,我们在SSL调试日志中打印了一个
客户密钥交换
验证数据
这是SSL日志(通过JVM选项-Djavax.net.debug=SSL:handshake启用):
系统属性jdk.tls.client.cipherSuites设置为“null”
系统属性jdk.tls.server.CipherSuite设置为“null”
忽略禁用的密码套件:TLS_DH_anon_WITH_AES_256_CBC_SHA
忽略禁用的密码套件:TLS_DH_anon_WITH_AES_256_CBC_SHA256
忽略禁用的密码套件:TLS\u ECDHE\u RSA\u和\u NULL\u SHA
忽略禁用的密码套件:SSL\u RSA\u WITH\u DES\u CBC\u SHA
忽略禁用的密码套件:SSL\u DHE\u DSS\u EXPORT\u WITH\u DES40\u CBC\u SHA
忽略禁用的密码套件:TLS_KRB5_WITH_DES_CBC_MD5
忽略禁用的密码套件:TLS\u ECDH\u RSA\u WITH\u NULL\u SHA
忽略禁用的密码套件:SSL\u DH\u anon\u EXPORT\u与\u RC4\u 40\u MD5
忽略禁用的密码套件:SSL_DH_anon_WITH_DES_CBC_SHA
忽略禁用的密码套件:TLS_DH_anon_与_AES_128_CBC_SHA
忽略禁用的密码套件:TLS_KRB5_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:TLS_KRB5_与_DES_CBC_SHA
忽略禁用的密码套件:TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
忽略禁用的密码套件:TLS_ECDHE_ECDSA_与_RC4_128_SHA
忽略禁用的密码套件:SSL\u DHE\u RSA\u和\u DES\u CBC\u SHA
忽略禁用的密码套件:TLS_KRB5_WITH_3DES_EDE_CBC_MD5
忽略禁用的密码套件:SSL\u DH\u anon\u和\u RC4\u 128\u MD5
忽略禁用的密码套件:TLS_ECDHE_ECDSA_WITH_NULL_SHA
忽略禁用的密码套件:SSL\u DHE\u DSS\u和\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:TLS\U RSA\U带\U NULL\U SHA256
忽略禁用的密码套件:TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:SSL\u DH\u anon\u与\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:TLS_ECDH_anon_和_NULL_SHA
忽略禁用的密码套件:SSL\u RSA\u与\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:SSL\u DHE\u RSA\u EXPORT\u WITH\u DES40\u CBC\u SHA
忽略禁用的密码套件:TLS_ECDH_anon_与_RC4_128_SHA
忽略禁用的密码套件:SSL_DHE_DSS_WITH_DES_CBC_SHA
忽略禁用的密码套件:TLS_KRB5_EXPORT_与_RC4_40_SHA
忽略禁用的密码套件:SSL\u RSA\u EXPORT\u WITH\u DES40\u CBC\u SHA
忽略禁用的密码套件:TLS_KRB5_与_RC4_128_SHA
忽略禁用的密码套件:TLS_ECDH_anon_WITH_AES_256_CBC_SHA
忽略禁用的密码套件:SSL\u RSA\u EXPORT\u WITH\u RC4\u 40\u MD5
忽略禁用的密码套件:TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
忽略禁用的密码套件:TLS_KRB5_EXPORT_WITH_RC4_40_MD5
忽略禁用的密码套件:TLS_ECDH_anon_WITH_AES_128_CBC_SHA
忽略禁用的密码套件:TLS_ECDH_ECDSA_和_RC4_128_SHA
忽略禁用的密码套件:TLS_KRB5_WITH_RC4_128_MD5
忽略禁用的密码套件:TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:SSL\u RSA\u和\u RC4\u 128\u SHA
忽略禁用的密码套件:TLS_ECDH_ECDSA_WITH_NULL_SHA
忽略禁用的密码套件:TLS_ECDH_anon_与_3DES_EDE_CBC_SHA
忽略禁用的密码套件:TLS\u ECDH\u RSA\u和\u RC4\u 128\u SHA
忽略禁用的密码套件:SSL\u DH\u anon\u EXPORT\u WITH\u DES40\u CBC\u SHA
忽略禁用的密码套件:SSL\u DHE\u RSA\u与\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:SSL\u RSA\u和\u NULL\u SHA
忽略禁用的密码套件:TLS_ECDHE_RSA_WITH_RC4_128_SHA
忽略禁用的密码套件:SSL\u RSA\u和\u RC4\u 128\u MD5
忽略禁用的密码套件:TLS_DH_anon_WITH_AES_128_CBC_SHA256
忽略禁用的密码套件:SSL\u RSA\u和\u NULL\u MD5
忽略已禁用的密码套件:TLS_DH_anon_和_AES_128_GCM_SHA256
忽略禁用的密码套件:TLS_DH_anon_WITH_AES_256_GCM_SHA384
忽略禁用的密码套件:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:SSL\u DHE\u DSS\u和\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:SSL\u RSA\u与\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:SSL\u DHE\u RSA\u与\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:SSL\u DHE\u DSS\u和\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:SSL\u RSA\u与\u 3DES\u EDE\u CBC\u SHA
忽略禁用的密码套件:TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
忽略禁用的密码套件:TLS_ECDH_ECDSA_WITH_3DES_EDE_C
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
System property jdk.tls.client.cipherSuites is set to 'null'
System property jdk.tls.server.cipherSuites is set to 'null'
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_DES_CBC_MD5
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
Ignoring disabled cipher suite: SSL_DH_anon_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_3DES_EDE_CBC_MD5
Ignoring disabled cipher suite: SSL_DH_anon_WITH_RC4_128_MD5
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_RSA_WITH_NULL_SHA256
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_NULL_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_DES_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_RC4_40_SHA
Ignoring disabled cipher suite: SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_RC4_128_SHA
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_EXPORT_WITH_RC4_40_MD5
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
Ignoring disabled cipher suite: TLS_KRB5_EXPORT_WITH_RC4_40_MD5
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: TLS_KRB5_WITH_RC4_128_MD5
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_NULL_SHA
Ignoring disabled cipher suite: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_NULL_SHA
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_RC4_128_MD5
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA256
Ignoring disabled cipher suite: SSL_RSA_WITH_NULL_MD5
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_128_GCM_SHA256
Ignoring disabled cipher suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Ignoring disabled cipher suite: SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
trustStore is: /home/keystore/app.jks
trustStore type is: jks
trustStore provider is:
the last modified time is: Mon Dec 02 16:38:01 GMT 2019
Reload the trust store
Reload trust certs
Reloaded 1 trust certs
adding as trusted cert:
Subject: CN=my.app.test
Issuer: CN=appCA
Algorithm: RSA; Serial number: [...]
Valid from Mon Sep 30 08:41:44 GMT 2019 until Thu Sep 27 08:41:44 GMT 2029
keyStore is : /home/keystore/app.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : my.app.test
chain [0] = [...]
***
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session
update handshake state: client_hello[1]
upcoming handshake states: server_hello[2]
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1558599263 bytes = { 135, 11, 247, 14, 133, 248, 158, 202, 41, 209, 89, 113, 206, 119, 223, 17, 30, 221, 128, 28, 149, 6, 75, 230, 156, 178, 94, 77 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension extended_master_secret
***
appManager, WRITE: TLSv1.2 Handshake, length = 199
appManager, READ: TLSv1.2 Handshake, length = 1254
check handshake state: server_hello[2]
*** ServerHello, TLSv1.2
RandomCookie: GMT: 1558599263 bytes = { 159, 56, 1, 88, 45, 19, 29, 230, 125, 18, 76, 116, 193, 42, 181, 157, 53, 94, 111, 171, 107, 5, 170, 218, 219, 178, 18, 210 }
Session ID: {93, 230, 86, 95, 159, 71, 64, 135, 131, 120, 204, 235, 35, 54, 195, 62, 202, 242, 209, 174, 1, 149, 229, 230, 38, 42, 77, 42, 242, 100, 229, 209}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
Extension extended_master_secret
***
%% Initialized: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
** TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
update handshake state: server_hello[2]
upcoming handshake states: server certificate[11]
upcoming handshake states: server_key_exchange[12](optional)
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
check handshake state: certificate[11]
update handshake state: certificate[11]
upcoming handshake states: server_key_exchange[12](optional)
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** Certificate chain
chain [0] = [...]
***
Found trusted certificate:
[...]
check handshake state: server_key_exchange[12]
update handshake state: server_key_exchange[12]
upcoming handshake states: certificate_request[13](optional)
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
public x coord: [...]
public y coord: [...]
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
check handshake state: unknown[13]
*** CertificateRequest
Cert Types: RSA, DSS, ECDSA
Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Cert Authorities:
<CN=my.app.test>
update handshake state: unknown[13]
upcoming handshake states: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
check handshake state: server_hello_done[14]
update handshake state: server_hello_done[14]
upcoming handshake states: client certificate[11](optional)
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ServerHelloDone
Warning: no suitable certificate found - continuing without client authentication
*** Certificate chain
<Empty>
***
update handshake state: certificate[11]
upcoming handshake states: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
*** ECDHClientKeyExchange
ECDH Public value: { [...] }
update handshake state: client_key_exchange[16]
upcoming handshake states: certificate_verify[15](optional)
upcoming handshake states: client change_cipher_spec[-1]
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
appManager, WRITE: TLSv1.2 Handshake, length = 77
SESSION KEYGEN:
PreMaster Secret:
[...]
CONNECTION KEYGEN:
Client Nonce:
[...]
Server Nonce:
[...]
Master Secret:
[...]
Client MAC write Secret:
[...]
Server MAC write Secret:
[...]
Client write key:
[...]
Server write key:
[...]
... no IV derived for this protocol
update handshake state: change_cipher_spec
upcoming handshake states: client finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
appManager, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 27, 133, 125, 59, 68, 57, 144, 47, 161, 199, 165, 13 }
***
update handshake state: finished[20]
upcoming handshake states: server change_cipher_spec[-1]
upcoming handshake states: server finished[20]
appManager, WRITE: TLSv1.2 Handshake, length = 96
appManager, waiting for close_notify or alert: state 1
appManager, READ: TLSv1.2 Alert, length = 2
appManager, RECV TLSv1.2 ALERT: fatal, bad_certificate
%% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
appManager, called closeSocket()
appManager, Exception while waiting for close javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
appManager, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
appManager, called close()
appManager, called closeInternal(true)
Finalizer, called close()
Finalizer, called closeInternal(true)
java.rmi.ConnectIOException: error during JRMP connection establishment; nested exception is:
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:307)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:338)
at sun.rmi.registry.RegistryImpl_Stub.lookup(RegistryImpl_Stub.java:112)
at appManager.appManager.initappInstances(appManager.java:1522)
at appManager.appManager.<init>(appManager.java:117)
at ProcessManager.ProcessThread$1.run(ProcessThread.java:129)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2020)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1127)
at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1761)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124)
at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1152)
at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1280)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1190)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:369)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at java.io.DataOutputStream.flush(DataOutputStream.java:123)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:229)
... 7 more
-Djavax.net.ssl.trustStore=Path to the cacert file
-Djavax.net.ssl.trustStorePassword=password