Groups | Search | Server Info | Keyboard shortcuts | Login | Register

Groups > comp.lang.java.programmer > #4346

Re: SSL client program

From Stone <phracek2@gmail.com>
Newsgroups comp.lang.java.programmer
Subject Re: SSL client program
Date 2011-05-20 02:00 -0700
Organization http://groups.google.com
Message-ID <d2c2b2d8-3cce-422d-a3fb-a54e7b969a6e@gu8g2000vbb.googlegroups.com> (permalink)
References (5 earlier) <03ea3315-bf04-48ef-b659-d2175a6d7a45@c26g2000vbq.googlegroups.com> <ce6c02bd-5988-47a0-bd0e-ab18db444593@a26g2000vbo.googlegroups.com> <4dd1b468$0$45428$c30e37c6@exi-reader.telstra.net> <f004fa48-77c4-411f-9082-ed2f5414e62a@n10g2000yqf.googlegroups.com> <4dd5ead5$0$45430$c30e37c6@exi-reader.telstra.net>

Show all headers | View raw

On May 20, 6:15 am, Esmond Pitt <esmond.p...@bigpond.com> wrote:
> On 19/05/2011 6:46 PM, Stone wrote:
>
> > On May 17, 1:33 am, Esmond Pitt<esmond.p...@bigpond.com>  wrote:
> >> Can you run the Java client with -Djavax.net.debug=ssl,handshake,record
> >> and post the output here? It should show what alert is being generated.
>
> > What type of problem is this?
>
> Can you do what I asked above?

Here is the output. I have deleted sections like PreMaster Secret,
Client Nonce MasterSecret, etc. for the security reasons:

main, READ: TLSv1 Handshake, length = 4
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
CONNECTION KEYGEN:
Client Nonce:
Server Nonce:
Master Secret:
Client MAC write Secret:
Server MAC write Secret:
Client write key:
Server write key:
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data:  { 194, 94, 110, 184, 146, 84, 139, 23, 128, 30, 172,
154 }
***
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data:  { 221, 84, 99, 182, 94, 229, 245, 49, 239, 9, 242, 116 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
Getting session was done
Peer host is 192.168.0.120
Cipher is SSL_RSA_WITH_RC4_128_MD5
Protocol is TLSv1
Socket class: class com.sun.net.ssl.internal.ssl.SSLSocketImpl
   Remote address = /192.168.0.120
   Remote port = 5000
   Local socket address = /10.7.254.22:2184
   Local address = /192.168.0.130
   Local port = 2184
   Need client authentication = false
   Cipher suite = SSL_RSA_WITH_RC4_128_MD5
   Protocol = TLSv1
main, READ: TLSv1 Handshake, length = 20
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: false
Is secure renegotiation: true
*** HelloRequest (empty)
%% Client cached [Session-1, SSL_RSA_WITH_RC4_128_MD5]
%% Try resuming [Session-1, SSL_RSA_WITH_RC4_128_MD5] from port 2184
*** ClientHello, TLSv1
RandomCookie:  GMT: 1289103832 bytes = { 65, 48, 233, 162, 111, 170,
145, 44, 19
9, 239, 216, 52, 135, 235, 207, 100, 46, 51, 207, 42, 143, 130, 172,
180, 10, 84
, 41, 182 }
Session ID:  {250, 122, 71, 89, 118, 196, 255, 44, 117, 119, 69, 73,
223, 161, 1
26, 19, 49, 161, 129, 40, 140, 144, 141, 116, 217, 98, 244, 232, 131,
214, 79, 1
42}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH
_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC
_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA,
SSL_DHE_RSA_WITH_DES_CBC_SH
A, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5,
SSL_RSA_EXPORT_
WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
SSL_DHE_DSS_EXPORT_WI
TH_DES40_CBC_SHA]
Compression Methods:  { 0 }
Extension renegotiation_info, renegotiated_connection: c2:5e:
6e:b8:92:54:8b:17:8
0:1e:ac:9a
***
main, WRITE: TLSv1 Handshake, length = 140
main, READ: TLSv1 Application Data, length = 106
HELLO_SSL_SERVER_IS_HERE
main, WRITE: TLSv1 Application Data, length = 74
main, READ: TLSv1 Handshake, length = 121
*** ServerHello, TLSv1
RandomCookie:  GMT: 1289105023 bytes = { 255, 208, 20, 94, 83, 1, 175,
155, 28,
235, 171, 32, 185, 187, 240, 129, 197, 41, 89, 188, 75, 176, 55, 176,
247, 226,
12, 57 }
Session ID:  {250, 122, 71, 89, 118, 196, 255, 44, 117, 119, 69, 73,
223, 161, 1
26, 19, 49, 161, 129, 40, 140, 144, 141, 116, 217, 98, 244, 232, 131,
214, 79, 1
42}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: c2:5e:
6e:b8:92:54:8b:17:8
0:1e:ac:9a:dd:54:63:b6:5e:e5:f5:31:ef:09:f2:74
***
CONNECTION KEYGEN:
Client Nonce:
Server Nonce:
Master Secret:
Client MAC write Secret:
Server MAC write Secret:
Client write key:
Server write key:
Kza...wd....Z..J
... no IV used for this cipher
%% Server resumed [Session-1, SSL_RSA_WITH_RC4_128_MD5]
main, READ: TLSv1 Change Cipher Spec, length = 17
main, READ: TLSv1 Handshake, length = 32
*** Finished
verify_data:  { 97, 230, 102, 11, 191, 75, 26, 119, 46, 96, 184, 61 }
***
main, WRITE: TLSv1 Change Cipher Spec, length = 17
*** Finished
verify_data:  { 202, 55, 36, 163, 185, 216, 10, 77, 62, 152, 71, 69 }
***
main, WRITE: TLSv1 Handshake, length = 32
main, READ: TLSv1 Alert, length = 18
main, RECV TLSv1 ALERT:  fatal, unexpected_message
%% Invalidated:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLException: Received fatal
alert: unex
pected_message

Back to comp.lang.java.programmer | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

SSL client program Stone <phracek2@gmail.com> - 2011-05-13 01:09 -0700
  Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-13 18:39 +0200
    Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-13 18:57 +0200
      Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 01:54 -0700
        Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-14 17:34 +0200
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 09:45 -0700
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 09:48 -0700
            Re: SSL client program Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-14 21:23 +0200
              Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 12:34 -0700
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 11:35 -0700
        Re: SSL client program Esmond Pitt <esmond.pitt@bigpond.com> - 2011-05-16 16:54 +1000
          Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-16 03:08 -0700
            Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-16 05:22 -0700
              Re: SSL client program Esmond Pitt <esmond.pitt@bigpond.com> - 2011-05-17 09:33 +1000
                Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-19 01:46 -0700
                Re: SSL client program Esmond Pitt <esmond.pitt@bigpond.com> - 2011-05-20 14:15 +1000
                Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-20 01:56 -0700
                Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-20 02:00 -0700
    Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-14 01:49 -0700
  Re: SSL client program Lothar Kimmeringer <news200709@kimmeringer.de> - 2011-05-15 13:52 +0200
    Re: SSL client program Stone <phracek2@gmail.com> - 2011-05-15 11:05 -0700
      Re: SSL client program Lothar Kimmeringer <news200709@kimmeringer.de> - 2011-05-16 08:46 +0200

csiph-web