5
Ich habe eine SSLClient und SSLServer erstellt und schaffte auch den Schlüsselspeicher als „server.jks“ für SSLServer und „client.jks“ für SSLClient. Zuerst habe ich die Datei SSLServer.java ausgeführt und danach die Datei SSLClient.java. Es wirft eine Ausnahme "javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown". Ich weiß nicht, warum ich diese Ausnahme bekomme. Ich folgte http://ruchirawageesha.blogspot.in/2010/07/how-to-create-clientserver-keystores.html, um Keystore für Server und Client zu erstellen. könnten Sie mir bitte helfen, dieses Problem zu beheben. Wenn es einen Fehler gibt, Zertifikate für Server und Client zu erstellen, dann lass es mich wissen.SSL Ausnahme: javax.net.ssl.SSLHandshakeException: Schwerwiegender Alarm empfangen: Zertifikat_unbekannt
SSLServer.java
package com.betterprogrammer.test;
import java.io.*;
import java.security.Security;
import java.security.PrivilegedActionException;
import javax.net.ssl.*;
import com.sun.net.ssl.internal.ssl.Provider;
public class SSLServer {
public static void main(String[] args) throws Exception {
boolean debug = true;
int intSSLport = 4443;
{
Security.addProvider(new Provider());
System.setProperty("javax.net.ssl.keyStore","C:\\Program Files\\Java\\jre6\\bin\\server.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "123456");
}
if(debug){
System.setProperty("javax.net.debug", "all");
}
try {
SSLServerSocketFactory sslServerSocketfactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketfactory.createServerSocket(intSSLport);
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
while (true) {
PrintWriter out = new PrintWriter(sslSocket.getOutputStream(),true);
BufferedReader in = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null) {
out.println(inputLine);
System.out.println(inputLine);
}
out.close();
in.close();
sslSocket.close();
sslServerSocket.close();
}
}
catch (Exception exp) {
PrivilegedActionException priexp = new PrivilegedActionException(exp);
System.out.println(" Priv exp --- " + priexp.getMessage());
System.out.println(" Exception occurred .... " + exp);
exp.printStackTrace();
}
}
}
und SSLClient.java
package com.betterprogrammer.test;
import java.io.*;
import javax.net.ssl.*;
import com.sun.net.ssl.internal.ssl.Provider;
import java.security.Security;
public class SSLClient {
public static void main(String[] args) throws Exception {
String strServerName = "localhost";
int intSSLport = 4443;
PrintWriter out = null;
BufferedReader in = null;
boolean debug = true;
{
Security.addProvider(new Provider());
System.setProperty("javax.net.ssl.keyStore","C:\\Program Files\\Java\\jre6\\bin\\client.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "123456");
}
if(debug){
System.setProperty("javax.net.debug", "all");
}
try {
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) sslsocketfactory.createSocket(strServerName, intSSLport);
out = new PrintWriter(sslSocket.getOutputStream(), true);
in = new BufferedReader(new InputStreamReader(sslSocket.getInputStream()));
BufferedReader stdIn = new BufferedReader(new InputStreamReader(System.in));
String userInput = "Hello Testing ";
out.println(userInput);
while ((userInput = stdIn.readLine()) != null) {
out.println(userInput);
System.out.println("echo: " + in.readLine());
}
out.println(userInput);
out.close();
in.close();
stdIn.close();
sslSocket.close();
}
catch (Exception exp) {
System.out.println(" Exception occurred .... " + exp);
exp.printStackTrace();
}
}
}
Danke,
Nach der Aktivierung der vollständigen Debugging:
Debugger Protokoll SSLClient
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
[Raw read]: length = 5
0000: 80 65 01 03 01 .e...
[Raw read]: length = 98
0000: 00 3C 00 00 00 20 00 00 04 01 00 80 00 00 05 00 .<... ..........
0010: 00 2F 00 00 33 00 00 32 00 00 0A 07 00 C0 00 00 ./..3..2........
0020: 16 00 00 13 00 00 09 06 00 40 00 00 15 00 00 12 [email protected]
0030: 00 00 03 02 00 80 00 00 08 00 00 14 00 00 11 00 ................
0040: 00 FF 55 23 87 FB 8F 4F 39 1F 53 16 68 CB F8 4A ..U#...O9.S.h..J
0050: E3 55 F2 65 6F 6D F8 58 6A 3E AC 05 9A 2E 47 00 .U.eom.Xj>....G.
0060: 4A 61 Ja
[read] MD5 and SHA1 hashes: len = 3
0000: 01 03 01 ...
[read] MD5 and SHA1 hashes: len = 98
0000: 00 3C 00 00 00 20 00 00 04 01 00 80 00 00 05 00 .<... ..........
0010: 00 2F 00 00 33 00 00 32 00 00 0A 07 00 C0 00 00 ./..3..2........
0020: 16 00 00 13 00 00 09 06 00 40 00 00 15 00 00 12 [email protected]
0030: 00 00 03 02 00 80 00 00 08 00 00 14 00 00 11 00 ................
0040: 00 FF 55 23 87 FB 8F 4F 39 1F 53 16 68 CB F8 4A ..U#...O9.S.h..J
0050: E3 55 F2 65 6F 6D F8 58 6A 3E AC 05 9A 2E 47 00 .U.eom.Xj>....G.
0060: 4A 61 Ja
main, READ: SSL v2, contentType = Handshake, translated length = 75
*** ClientHello, TLSv1
RandomCookie: GMT: 1428326139 bytes = { 143, 79, 57, 31, 83, 22, 104, 203, 248, 74, 227, 85, 242, 101, 111, 109, 248, 88, 106, 62, 172, 5, 154, 46, 71, 0, 74, 97 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
*** ServerHello, TLSv1
RandomCookie: GMT: 1428326139 bytes = { 158, 48, 29, 129, 13, 62, 146, 105, 73, 124, 215, 161, 95, 187, 133, 185, 177, 126, 152, 188, 242, 149, 169, 89, 170, 54, 114, 1 }
Session ID: {85, 35, 135, 251, 224, 246, 149, 228, 232, 147, 250, 67, 208, 150, 103, 11, 42, 3, 25, 164, 173, 2, 175, 238, 127, 205, 214, 147, 219, 129, 83, 9}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 123574216535049538229649138532732037450344660032008107623318896073877130816352911991676317388894985357571552005101850107090892510303976778984089005629672968049771222968340272946467454151597928015519714376040070285997043906750602810147154555100812394706180558167843570971003367893266814158255391999837062858379
public exponent: 65537
Validity: [From: Tue Apr 07 11:10:44 IST 2015,
To: Mon Jul 06 11:10:44 IST 2015]
Issuer: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
SerialNumber: [ 55236ddc]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 18 7D 3A 3D 98 43 E1 EA C8 CC 79 01 FF 8B BF E1 ..:=.C....y.....
0010: 07 A9 12 2D 6D D6 47 74 FE 67 D0 CA 11 CE D6 90 ...-m.Gt.g......
0020: 9D BA 94 67 19 7C 24 FD B8 EA 45 14 A3 29 5D F7 ...g..$...E..)].
0030: 6A 4A EA 2E 29 42 2B 04 EC D1 FF E6 B0 A5 1C AA jJ..)B+.........
0040: 2E 79 3D 30 B5 D7 1D CD A5 12 5E AE 91 4C 22 10 .y=0......^..L".
0050: CF 45 8E 36 A6 55 76 CC 15 BE 9F 5C 3B 45 D0 0C .E.6.Uv....\;E..
0060: 07 F2 FA F4 E2 42 6F E5 DF 5F AC EC 60 67 F8 B3 .....Bo.._..`g..
0070: 14 B0 F5 2E F6 F7 97 7E FC 24 EA A0 7E 38 5E 25 .........$...8^%
]
***
*** ServerHelloDone
[write] MD5 and SHA1 hashes: len = 686
0000: 02 00 00 4D 03 01 55 23 87 FB 9E 30 1D 81 0D 3E ...M..U#...0...>
0010: 92 69 49 7C D7 A1 5F BB 85 B9 B1 7E 98 BC F2 95 .iI..._.........
0020: A9 59 AA 36 72 01 20 55 23 87 FB E0 F6 95 E4 E8 .Y.6r. U#.......
0030: 93 FA 43 D0 96 67 0B 2A 03 19 A4 AD 02 AF EE 7F ..C..g.*........
0040: CD D6 93 DB 81 53 09 00 04 00 00 05 FF 01 00 01 .....S..........
0050: 00 0B 00 02 55 00 02 52 00 02 4F 30 82 02 4B 30 ....U..R..O0..K0
0060: 82 01 B4 A0 03 02 01 02 02 04 55 23 6D DC 30 0D ..........U#m.0.
0070: 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30 6A 31 ..*.H........0j1
0080: 0B 30 09 06 03 55 04 06 13 02 39 31 31 12 30 10 .0...U....911.0.
0090: 06 03 55 04 08 13 09 6B 61 72 6E 61 74 61 6B 61 ..U....karnataka
00A0: 31 12 30 10 06 03 55 04 07 13 09 62 61 6E 67 61 1.0...U....banga
00B0: 6C 6F 72 65 31 12 30 10 06 03 55 04 0A 13 09 64 lore1.0...U....d
00C0: 65 76 65 6C 6F 70 65 72 31 10 30 0E 06 03 55 04 eveloper1.0...U.
00D0: 0B 13 07 73 74 61 72 74 75 70 31 0D 30 0B 06 03 ...startup1.0...
00E0: 55 04 03 13 04 4A 6F 68 6E 30 1E 17 0D 31 35 30 U....John0...150
00F0: 34 30 37 30 35 34 30 34 34 5A 17 0D 31 35 30 37 407054044Z..1507
0100: 30 36 30 35 34 30 34 34 5A 30 6A 31 0B 30 09 06 06054044Z0j1.0..
0110: 03 55 04 06 13 02 39 31 31 12 30 10 06 03 55 04 .U....911.0...U.
0120: 08 13 09 6B 61 72 6E 61 74 61 6B 61 31 12 30 10 ...karnataka1.0.
0130: 06 03 55 04 07 13 09 62 61 6E 67 61 6C 6F 72 65 ..U....bangalore
0140: 31 12 30 10 06 03 55 04 0A 13 09 64 65 76 65 6C 1.0...U....devel
0150: 6F 70 65 72 31 10 30 0E 06 03 55 04 0B 13 07 73 oper1.0...U....s
0160: 74 61 72 74 75 70 31 0D 30 0B 06 03 55 04 03 13 tartup1.0...U...
0170: 04 4A 6F 68 6E 30 81 9F 30 0D 06 09 2A 86 48 86 .John0..0...*.H.
0180: F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 ...........0....
0190: 81 00 AF F9 BC 0C 37 61 CF E9 A6 83 63 4D BD B9 ......7a....cM..
01A0: D8 7D EC 26 04 4D D9 AE CA E1 A0 99 E8 AB FE 0E ...&.M..........
01B0: F2 F2 E6 7A C1 D5 43 0C BE 95 83 01 C0 A9 B9 A9 ...z..C.........
01C0: 8E 19 42 A7 5A 12 66 26 E8 28 9B A2 D5 BE 0A 3A ..B.Z.f&.(.....:
01D0: 66 51 B3 94 4A E9 44 3A 96 64 5E B4 25 84 82 CA fQ..J.D:.d^.%...
01E0: 2B 86 65 1D 16 C4 97 D1 AA 0B D9 4D 9F 9A C8 CC +.e........M....
01F0: DD 2F 79 CB 1C 59 04 EE C0 B5 8D 69 80 46 F5 DA ./y..Y.....i.F..
0200: FB 33 1E E1 78 55 7B 58 24 45 61 8B AB DF C1 80 .3..xU.X$Ea.....
0210: 86 8B 02 03 01 00 01 30 0D 06 09 2A 86 48 86 F7 .......0...*.H..
0220: 0D 01 01 05 05 00 03 81 81 00 18 7D 3A 3D 98 43 ............:=.C
0230: E1 EA C8 CC 79 01 FF 8B BF E1 07 A9 12 2D 6D D6 ....y........-m.
0240: 47 74 FE 67 D0 CA 11 CE D6 90 9D BA 94 67 19 7C Gt.g.........g..
0250: 24 FD B8 EA 45 14 A3 29 5D F7 6A 4A EA 2E 29 42 $...E..)].jJ..)B
0260: 2B 04 EC D1 FF E6 B0 A5 1C AA 2E 79 3D 30 B5 D7 +..........y=0..
0270: 1D CD A5 12 5E AE 91 4C 22 10 CF 45 8E 36 A6 55 ....^..L"..E.6.U
0280: 76 CC 15 BE 9F 5C 3B 45 D0 0C 07 F2 FA F4 E2 42 v....\;E.......B
0290: 6F E5 DF 5F AC EC 60 67 F8 B3 14 B0 F5 2E F6 F7 o.._..`g........
02A0: 97 7E FC 24 EA A0 7E 38 5E 25 0E 00 00 00 ...$...8^%....
main, WRITE: TLSv1 Handshake, length = 686
[Raw write]: length = 691
0000: 16 03 01 02 AE 02 00 00 4D 03 01 55 23 87 FB 9E ........M..U#...
0010: 30 1D 81 0D 3E 92 69 49 7C D7 A1 5F BB 85 B9 B1 0...>.iI..._....
0020: 7E 98 BC F2 95 A9 59 AA 36 72 01 20 55 23 87 FB ......Y.6r. U#..
0030: E0 F6 95 E4 E8 93 FA 43 D0 96 67 0B 2A 03 19 A4 .......C..g.*...
0040: AD 02 AF EE 7F CD D6 93 DB 81 53 09 00 04 00 00 ..........S.....
0050: 05 FF 01 00 01 00 0B 00 02 55 00 02 52 00 02 4F .........U..R..O
0060: 30 82 02 4B 30 82 01 B4 A0 03 02 01 02 02 04 55 0..K0..........U
0070: 23 6D DC 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 #m.0...*.H......
0080: 05 00 30 6A 31 0B 30 09 06 03 55 04 06 13 02 39 ..0j1.0...U....9
0090: 31 31 12 30 10 06 03 55 04 08 13 09 6B 61 72 6E 11.0...U....karn
00A0: 61 74 61 6B 61 31 12 30 10 06 03 55 04 07 13 09 ataka1.0...U....
00B0: 62 61 6E 67 61 6C 6F 72 65 31 12 30 10 06 03 55 bangalore1.0...U
00C0: 04 0A 13 09 64 65 76 65 6C 6F 70 65 72 31 10 30 ....developer1.0
00D0: 0E 06 03 55 04 0B 13 07 73 74 61 72 74 75 70 31 ...U....startup1
00E0: 0D 30 0B 06 03 55 04 03 13 04 4A 6F 68 6E 30 1E .0...U....John0.
00F0: 17 0D 31 35 30 34 30 37 30 35 34 30 34 34 5A 17 ..150407054044Z.
0100: 0D 31 35 30 37 30 36 30 35 34 30 34 34 5A 30 6A .150706054044Z0j
0110: 31 0B 30 09 06 03 55 04 06 13 02 39 31 31 12 30 1.0...U....911.0
0120: 10 06 03 55 04 08 13 09 6B 61 72 6E 61 74 61 6B ...U....karnatak
0130: 61 31 12 30 10 06 03 55 04 07 13 09 62 61 6E 67 a1.0...U....bang
0140: 61 6C 6F 72 65 31 12 30 10 06 03 55 04 0A 13 09 alore1.0...U....
0150: 64 65 76 65 6C 6F 70 65 72 31 10 30 0E 06 03 55 developer1.0...U
0160: 04 0B 13 07 73 74 61 72 74 75 70 31 0D 30 0B 06 ....startup1.0..
0170: 03 55 04 03 13 04 4A 6F 68 6E 30 81 9F 30 0D 06 .U....John0..0..
0180: 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 81 8D 00 .*.H............
0190: 30 81 89 02 81 81 00 AF F9 BC 0C 37 61 CF E9 A6 0..........7a...
01A0: 83 63 4D BD B9 D8 7D EC 26 04 4D D9 AE CA E1 A0 .cM.....&.M.....
01B0: 99 E8 AB FE 0E F2 F2 E6 7A C1 D5 43 0C BE 95 83 ........z..C....
01C0: 01 C0 A9 B9 A9 8E 19 42 A7 5A 12 66 26 E8 28 9B .......B.Z.f&.(.
01D0: A2 D5 BE 0A 3A 66 51 B3 94 4A E9 44 3A 96 64 5E ....:fQ..J.D:.d^
01E0: B4 25 84 82 CA 2B 86 65 1D 16 C4 97 D1 AA 0B D9 .%...+.e........
01F0: 4D 9F 9A C8 CC DD 2F 79 CB 1C 59 04 EE C0 B5 8D M...../y..Y.....
0200: 69 80 46 F5 DA FB 33 1E E1 78 55 7B 58 24 45 61 i.F...3..xU.X$Ea
0210: 8B AB DF C1 80 86 8B 02 03 01 00 01 30 0D 06 09 ............0...
0220: 2A 86 48 86 F7 0D 01 01 05 05 00 03 81 81 00 18 *.H.............
0230: 7D 3A 3D 98 43 E1 EA C8 CC 79 01 FF 8B BF E1 07 .:=.C....y......
0240: A9 12 2D 6D D6 47 74 FE 67 D0 CA 11 CE D6 90 9D ..-m.Gt.g.......
0250: BA 94 67 19 7C 24 FD B8 EA 45 14 A3 29 5D F7 6A ..g..$...E..)].j
0260: 4A EA 2E 29 42 2B 04 EC D1 FF E6 B0 A5 1C AA 2E J..)B+..........
0270: 79 3D 30 B5 D7 1D CD A5 12 5E AE 91 4C 22 10 CF y=0......^..L"..
0280: 45 8E 36 A6 55 76 CC 15 BE 9F 5C 3B 45 D0 0C 07 E.6.Uv....\;E...
0290: F2 FA F4 E2 42 6F E5 DF 5F AC EC 60 67 F8 B3 14 ....Bo.._..`g...
02A0: B0 F5 2E F6 F7 97 7E FC 24 EA A0 7E 38 5E 25 0E ........$...8^%.
02B0: 00 00 00 ...
[Raw read]: length = 5
0000: 15 03 01 00 02 .....
[Raw read]: length = 2
0000: 02 2E ..
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT: fatal, certificate_unknown
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
Priv exp --- null
Exception occurred .... javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown Source)
at sun.nio.cs.StreamDecoder.readBytes(Unknown Source)
at sun.nio.cs.StreamDecoder.implRead(Unknown Source)
at sun.nio.cs.StreamDecoder.read(Unknown Source)
at java.io.InputStreamReader.read(Unknown Source)
at java.io.BufferedReader.fill(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at java.io.BufferedReader.readLine(Unknown Source)
at com.betterprogrammer.test.SSLServer.main(SSLServer.java:36)
und Debugger Log von SSLServer
keyStore is : C:\Program Files\Java\jre6\bin\server.jks
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
***
found key for : server
chain [0] = [
[
Version: V3
Subject: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 123574216535049538229649138532732037450344660032008107623318896073877130816352911991676317388894985357571552005101850107090892510303976778984089005629672968049771222968340272946467454151597928015519714376040070285997043906750602810147154555100812394706180558167843570971003367893266814158255391999837062858379
public exponent: 65537
Validity: [From: Tue Apr 07 11:10:44 IST 2015,
To: Mon Jul 06 11:10:44 IST 2015]
Issuer: CN=John, OU=startup, O=developer, L=bangalore, ST=karnataka, C=91
SerialNumber: [ 55236ddc]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 18 7D 3A 3D 98 43 E1 EA C8 CC 79 01 FF 8B BF E1 ..:=.C....y.....
0010: 07 A9 12 2D 6D D6 47 74 FE 67 D0 CA 11 CE D6 90 ...-m.Gt.g......
0020: 9D BA 94 67 19 7C 24 FD B8 EA 45 14 A3 29 5D F7 ...g..$...E..)].
0030: 6A 4A EA 2E 29 42 2B 04 EC D1 FF E6 B0 A5 1C AA jJ..)B+.........
0040: 2E 79 3D 30 B5 D7 1D CD A5 12 5E AE 91 4C 22 10 .y=0......^..L".
0050: CF 45 8E 36 A6 55 76 CC 15 BE 9F 5C 3B 45 D0 0C .E.6.Uv....\;E..
0060: 07 F2 FA F4 E2 42 6F E5 DF 5F AC EC 60 67 F8 B3 .....Bo.._..`g..
0070: 14 B0 F5 2E F6 F7 97 7E FC 24 EA A0 7E 38 5E 25 .........$...8^%
]
***
trustStore is: C:\Program Files\Java\jre6\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0x4eb200670c035d4f
Valid from Wed Oct 25 14:06:00 IST 2006 until Sat Oct 25 14:06:00 IST 2036
adding as trusted cert:
Subject: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: [email protected], CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Sat Jun 26 03:53:48 IST 1999 until Wed Jun 26 03:53:48 IST 2019
adding as trusted cert:
Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d
Valid from Fri Nov 17 05:30:00 IST 2006 until Thu Jul 17 05:29:59 IST 2036
...................
......................
.........................
IST 2021
adding as trusted cert:
Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f
Valid from Wed Apr 02 05:30:00 IST 2008 until Wed Dec 02 05:29:59 IST 2037
adding as trusted cert:
Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1b6
Valid from Fri Aug 14 20:20:00 IST 1998 until Thu Aug 15 05:29:00 IST 2013
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Sat Jul 10 00:01:20 IST 1999 until Wed Jul 10 00:10:36 IST 2019
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Fri Jun 25 00:27:21 IST 1999 until Tue Jun 25 00:36:30 IST 2019
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 12:59:40 IST 2001 until Tue Apr 06 12:59:40 IST 2021
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 20:08:43 IST 2006 until Thu Jan 01 04:29:59 IST 2026
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
matching alias: server
main, called closeSocket()
Java hat auch einen Truststore für die JVM in jre/lib/security /. Der Schlüssel ist, dass jedes Ende, das das Cert der gegnerischen Seite validieren wird, dem Zertifikat, das das Cert der gegnerischen Seite unterzeichnet hat, direkt oder über eine Kette, für die es die öffentlichen Schlüssel hat, vertrauen muss. Trust-Stores sind nur Sammlungen von Zertifikaten, die für das Signieren von End-Entity-Zertifikaten oder Sub-CA-Zertifikaten vertrauenswürdig sind. – gobbly