Solved

client authentication and JSSE

Posted on 2002-07-11
6
1,744 Views
Last Modified: 2007-12-19
Hi all,
I need to do the client authentication while client is connecting to the server.
I am using netscape server 4.1 sp 9. & i have turned on the client authentication req. I have installed the server certificate and ca root in the server.

i have imported client certificate & ca root certificate in keystore using keytool for my client.

then using the java program, i am trying to access the index page of the server. But i am getting the error like
"main, SEND SSL v3.0 ALERT:  warning, description = no_certificate"


the detailed debug mode reply is:

-------------------debug starts here --------------
Setting uo System Properties.
Creating the URL Object.
URL Object=https://MADANK:443/index.html
keyStore is :
keyStore type is : jks
init keystore
init keymanager of type SunX509
trustStore is: cacerts
trustStore type is : jks
init truststore
adding as trusted cert: [
[
  Version: V3
  Subject: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7fa65e
  Validity: [From: Thu Jun 27 00:00:00 GMT+08:00 2002,
               To: Sun Jun 27 00:00:00 GMT+08:00 2004]
  Issuer: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  SerialNumber: [    10f3]

Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]
]

[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   SSL CA
   S/MIME CA
   Object Signing CA]

[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]

]

[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Key_CertSign
  Crl_Sign
]

[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 8F A2 18 46 67 DF 45 F4   CB 36 79 9D 03 6B 9F E3  ...Fg.E..6y..k..
0010: 56 43 0F DD 3D DC 19 40   79 3A EC 04 71 F3 4A CF  VC..=..@y:..q.J.
0020: 37 41 44 22 6A D7 BF 0B   9F 88 EA 6C B5 6D B2 3E  7AD"j......l.m.>
0030: BF 3C BD 50 C6 42 45 03   CA 3F B1 AC 26 2B 6D 99  .<.P.BE..?..&+m.
0040: 3E CB 1A 1F 87 93 77 C9   87 65 D8 2D 39 AE 0D 52  >.....w..e.-9..R
0050: D6 87 C3 D9 BE C4 16 82   9A 27 E1 6B 4F BD 84 C7  .........'.kO...
0060: C0 7E D8 81 5F 25 F1 A1   A7 37 57 AE 75 BD 36 82  ...._%...7W.u.6.
0070: 62 BE 36 71 AC E4 FE 39   AC 67 23 77 14 7B 6E B9  b.6q...9.g#w..n.

]
adding as trusted cert: [
[
  Version: V3
  Subject: EMAILADDRESS=personal-freemail@thawte.com, CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@43c8b3
  Validity: [From: Mon Jan 01 08:00:00 GMT+08:00 1996,
               To: Fri Jan 01 07:59:59 GMT+08:00 2021]
  Issuer: EMAILADDRESS=personal-freemail@thawte.com, CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  SerialNumber: [  0  ]

Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: C7 EC 92 7E 4E F8 F5 96   A5 67 62 2A A4 F0 4D 11  ....N....gb*..M.
0010: 60 D0 6F 8D 60 58 61 AC   26 BB 52 35 5C 08 CF 30  `.o.`Xa.&.R5\..0
0020: FB A8 4A 96 8A 1F 62 42   23 8C 17 0F F4 BA 64 9C  ..J...bB#.....d.
0030: 17 AC 47 29 DF 9D 98 5E   D2 6C 60 71 5C A2 AC DC  ..G)...^.l`q\...
0040: 79 E3 E7 6E 00 47 1F B5   0D 28 E8 02 9D E4 9A FD  y..n.G...(......
0050: 13 F4 A6 D9 7C B1 F8 DC   5F 23 26 09 91 80 73 D0  ........_#&...s.
0060: 14 1B DE 43 A9 83 25 F2   E6 9C 2F 15 CA FE A6 AB  ...C..%.../.....
0070: 8A 07 75 8B 0C DD 51 84   6B E4 F8 D1 CE 77 A2 81  ..u...Q.k....w..

]
adding as trusted cert: [
[
  Version: V3
  Subject: EMAILADDRESS=personal-basic@thawte.com, CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@feca64
  Validity: [From: Mon Jan 01 08:00:00 GMT+08:00 1996,
               To: Fri Jan 01 07:59:59 GMT+08:00 2021]
  Issuer: EMAILADDRESS=personal-basic@thawte.com, CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  SerialNumber: [  0  ]

Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: 2D E2 99 6B B0 3D 7A 89   D7 59 A2 94 01 1F 2B DD  -..k.=z..Y....+.
0010: 12 4B 53 C2 AD 7F AA A7   00 5C 91 40 57 25 4A 38  .KS......\.@W%J8
0020: AA 84 70 B9 D9 80 0F A5   7B 5C FB 73 C6 BD D7 8A  ..p......\.s....
0030: 61 5C 03 E3 2D 27 A8 17   E0 84 85 42 DC 5E 9B C6  a\..-'.....B.^..
0040: B7 B2 6D BB 74 AF E4 3F   CB A7 B7 B0 E0 5D BE 78  ..m.t..?.....].x
0050: 83 25 94 D2 DB 81 0F 79   07 6D 4F F4 39 15 5A 52  .%.....y.mO.9.ZR
0060: 01 7B DE 32 D6 4D 38 F6   12 5C 06 50 DF 05 5B BD  ...2.M8..\.P..[.
0070: 14 4B A1 DF 29 BA 3B 41   8D F7 63 56 A1 DF 22 B1  .K..).;A..cV..".

]
adding as trusted cert: [
[
  Version: V1
  Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@1cdeff
  Validity: [From: Mon Jan 29 08:00:00 GMT+08:00 1996,
               To: Thu Jan 08 07:59:59 GMT+08:00 2004]
  Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  SerialNumber: [    e49efdf3 3ae80ecf a5113e19 a4240232 ]

]
  Algorithm: [MD2withRSA]
  Signature:
0000: 61 70 EC 2F 3F 9E FD 2B   E6 68 54 21 B0 67 79 08  ap./?..+.hT!.gy.
0010: 0C 20 96 31 8A 0D 7A BE   B6 26 DF 79 2C 22 69 49  . .1..z..&.y,"iI
0020: 36 E3 97 77 62 61 A2 32   D7 7A 54 21 36 BA 02 C9  6..wba.2.zT!6...
0030: 34 E7 25 DA 44 35 B0 D2   5C 80 5D B3 94 F8 F9 AC  4.%.D5..\.].....
0040: EE A4 60 75 2A 1F 95 49   23 B1 4A 7C F4 B3 47 72  ..`u*..I#.J...Gr
0050: 21 5B 7E 97 AB 54 AC 62   E7 5D EC AE 9B D2 C9 B2  ![...T.b.]......
0060: 24 FB 82 AD E9 67 15 4B   BA AA A6 F0 97 A0 F6 B0  $....g.K........
0070: 97 57 00 C8 0C 3C 09 A0   82 04 BA 41 DA F7 99 A4  .W...<.....A....

]
adding as trusted cert: [
[
  Version: V3
  Subject: EMAILADDRESS=personal-premium@thawte.com, CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@7471e0
  Validity: [From: Mon Jan 01 08:00:00 GMT+08:00 1996,
               To: Fri Jan 01 07:59:59 GMT+08:00 2021]
  Issuer: EMAILADDRESS=personal-premium@thawte.com, CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
  SerialNumber: [  0  ]

Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: 69 36 89 F7 34 2A 33 72   2F 6D 3B D4 22 B2 B8 6F  i6..4*3r/m;."..o
0010: 9A C5 36 66 0E 1B 3C A1   B1 75 5A E6 FD 35 D3 F8  ..6f..<..uZ..5..
0020: A8 F2 07 6F 85 67 8E DE   2B B9 E2 17 B0 3A A0 F0  ...o.g..+....:..
0030: 0E A2 00 9A DF F3 14 15   6E BB C8 85 5A 98 80 F9  ........n...Z...
0040: FF BE 74 1D 3D F3 FE 30   25 D1 37 34 67 FA A5 71  ..t.=..0%.74g..q
0050: 79 30 61 29 72 C0 E0 2C   4C FB 56 E4 3A A8 6F E5  y0a)r..,L.V.:.o.
0060: 32 59 52 DB 75 28 50 59   0C F8 0B 19 E4 AC D9 AF  2YR.u(PY........
0070: 96 8D 2F 50 DB 07 C3 EA   1F AB 33 E0 F5 2B 31 89  ../P......3..+1.

]
adding as trusted cert: [
[
  Version: V3
  Subject: EMAILADDRESS=server-certs@thawte.com, CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@66e815
  Validity: [From: Thu Aug 01 08:00:00 GMT+08:00 1996,
               To: Fri Jan 01 07:59:59 GMT+08:00 2021]
  Issuer: EMAILADDRESS=server-certs@thawte.com, CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  SerialNumber: [    01]

Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: 07 FA 4C 69 5C FB 95 CC   46 EE 85 83 4D 21 30 8E  ..Li\...F...M!0.
0010: CA D9 A8 6F 49 1A E6 DA   51 E3 60 70 6C 84 61 11  ...oI...Q.`pl.a.
0020: A1 1A C8 48 3E 59 43 7D   4F 95 3D A1 8B B7 0B 62  ...H>YC.O.=....b
0030: 98 7A 75 8A DD 88 4E 4E   9E 40 DB A8 CC 32 74 B9  .zu...NN.@...2t.
0040: 6F 0D C6 E3 B3 44 0B D9   8A 6F 9A 29 9B 99 18 28  o....D...o.)...(
0050: 3B D1 E3 40 28 9A 5A 3C   D5 B5 E7 20 1B 8B CA A4  ;..@(.Z<... ....
0060: AB 8D E9 51 D9 E2 4C 2C   59 A9 DA B9 B2 75 1B F6  ...Q..L,Y....u..
0070: 42 F2 EF C7 F2 18 F9 89   BC A3 FF 8A 23 2E 70 47  B...........#.pG

]
adding as trusted cert: [
[
  Version: V1
  Subject: OU=Class 4 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@c6f579
  Validity: [From: Mon Jan 29 08:00:00 GMT+08:00 1996,
               To: Sat Jan 01 07:59:59 GMT+08:00 2000]
  Issuer: OU=Class 4 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  SerialNumber: [    02a60000 01]

]
  Algorithm: [MD2withRSA]
  Signature:
0000: 53 DD D3 F0 9C 24 7E 40   AA E2 FC 00 1A D7 DA 0C  S....$.@........
0010: FC 32 61 B8 15 0D 96 F3   FA 57 1B 7F 33 7C AF E9  .2a......W..3...
0020: 98 9A 61 C8 7A B3 B7 FF   B1 DC 99 83 DC AC 12 FC  ..a.z...........
0030: 70 C9 1F 38 42 ED 44 F6   80 2E 5B 6B 33 69 AC 9C  p..8B.D...[k3i..
0040: D3 5C E7 5F 5A 18 C7 B1   2D 79 04 96 41 91 99 41  .\._Z...-y..A..A
0050: B1 3C 0D BA 84 39 C6 3B   97 F0 26 C9 8E EE BD CC  .<...9.;..&.....
0060: 42 95 FF 1E C7 02 3F 54   0C 78 F5 BC AA 60 7C 02  B.....?T.x...`..
0070: 69 E8 DC AC E2 02 76 61   C4 3E 03 EA D2 8A 24 D1  i.....va.>....$.

]
adding as trusted cert: [
[
  Version: V1
  Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@228a02
  Validity: [From: Mon Jan 29 08:00:00 GMT+08:00 1996,
               To: Wed Jan 08 07:59:59 GMT+08:00 2020]
  Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  SerialNumber: [    325033cf 50d156f3 5c81ad65 5c4fc825 ]

]
  Algorithm: [MD2withRSA]
  Signature:
0000: 4B 44 66 60 68 64 E4 98   1B F3 B0 72 E6 95 89 7C  KDf`hd.....r....
0010: DD 7B B3 95 C0 1D 2E D8   D8 19 D0 2D 34 3D C6 50  ...........-4=.P
0020: 9A 10 86 8C AA 3F 3B A8   04 FC 37 52 95 C3 D9 C9  .....?;...7R....
0030: DB CD F2 86 06 C4 B1 1B   F0 82 88 30 42 8E 17 50  ...........0B..P
0040: 1C 64 7A B8 3E 99 49 74   97 FC AC 02 43 FB 96 0C  .dz.>.It....C...
0050: 56 04 25 0C 7C 7C 87 9D   24 A7 D8 F0 32 29 B5 A4  V.%.....$...2)..
0060: DF 5D A2 4C C5 16 32 A8   42 F6 45 A6 B6 36 B9 E0  .].L..2.B.E..6..
0070: BF 65 36 93 C2 D2 D7 6B   DC DE 59 D6 A2 35 F8 45  .e6....k..Y..5.E

]
adding private entry as trusted cert: [
[
  Version: V3
  Subject: CN=nuctest, OU=ebt, O=nucleus software solutions, L=singapore, ST=singapore, C=SG
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  Sun DSA Public Key
    Parameters:DSA
        p:     fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
    455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
    6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
    83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
        q:     9760508f 15230bcc b292b982 a2eb840b f0581cf5
        g:     f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
    5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
    3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
    cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

  y:
    c9f94d19 2ed1c25d b6954653 9ee10af7 5de4e47b 2be066e8 13c9a470 bba1c817
    f3f15bfd ccf42029 88849627 6b9f8bd4 0120ae12 468c7040 aa2fc988 439a2f13
    0a7f77c9 8517f5cd 8537a7fc 9afdd124 e9b27332 4262f8cb 9ab4ae12 30768293
    e2590628 044d4e1a dd0c4f89 bc7e99ea e38c5028 79ff533d 48de759c 844f6e61

  Validity: [From: Wed Jul 10 12:17:14 GMT+08:00 2002,
               To: Thu Jul 10 12:17:14 GMT+08:00 2003]
  Issuer: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  SerialNumber: [    10fa]

Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E3 29 51 7B B3 BC D8 25   06 43 B5 0F 40 C9 DF D1  .)Q....%.C..@...
0010: 2C 34 02 83                                        ,4..
]
]

[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   SSL client
   SSL server
]

[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]

]

[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: vaibhav.sakorikar@citicorp.com]]

[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Non_repudiation
  Key_Encipherment
  Data_Encipherment
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: 92 51 EF 16 5E DB 2F D5   E7 85 7D 8E 3B 52 5B D7  .Q..^./.....;R[.
0010: 3F 01 85 91 F8 2E 96 59   F7 C6 52 07 BF E2 97 99  ?......Y..R.....
0020: 58 36 66 26 8B C5 03 0C   63 25 A7 51 81 CF AC 0B  X6f&....c%.Q....
0030: 15 82 C3 C6 40 86 BF 75   EC 9F E2 1C 72 BC D6 F6  ....@..u....r...
0040: 09 A9 CE 6D D8 EF B9 5D   90 3E CB 71 1B 58 6C D1  ...m...].>.q.Xl.
0050: 69 A9 AC BF 75 C2 86 7D   25 0C F8 D3 6E B0 D1 2C  i...u...%...n..,
0060: 55 3A 23 0C 16 08 24 E5   A1 58 68 DD 0A A9 E9 BF  U:#...$..Xh.....
0070: 46 ED 7A 35 13 B0 3D 39   41 12 B9 ED 71 DF BF 7B  F.z5..=9A...q...

]
adding as trusted cert: [
[
  Version: V1
  Subject: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@d63e39
  Validity: [From: Wed Nov 09 08:00:00 GMT+08:00 1994,
               To: Fri Jan 08 07:59:59 GMT+08:00 2010]
  Issuer: OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US
  SerialNumber: [    02ad667e 4e45fe5e 576f3c98 195eddc0 ]

]
  Algorithm: [MD2withRSA]
  Signature:
0000: 65 DD 7E E1 B2 EC B0 E2   3A E0 EC 71 46 9A 19 11  e.......:..qF...
0010: B8 D3 C7 A0 B4 03 40 26   02 3E 09 9C E1 12 B3 D1  ......@&.>......
0020: 5A F6 37 A5 B7 61 03 B6   5B 16 69 3B C6 44 08 0C  Z.7..a..[.i;.D..
0030: 88 53 0C 6B 97 49 C7 3E   35 DC 6C B9 BB AA DF 5C  .S.k.I.>5.l....\
0040: BB 3A 2F 93 60 B6 A9 4B   4D F2 20 F7 CD 5F 7F 64  .:/.`..KM. .._.d
0050: 7B 8E DC 00 5C D7 FA 77   CA 39 16 59 6F 0E EA D3  ....\..w.9.Yo...
0060: B5 83 7F 4D 4D 42 56 76   B4 C9 5F 04 F8 38 F8 EB  ...MMBVv.._..8..
0070: D2 5F 75 5F CD 7B FC E5   8E 80 7C FC 50           ._u_........P

]
adding as trusted cert: [
[
  Version: V3
  Subject: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@8f4fb3
  Validity: [From: Thu Aug 01 08:00:00 GMT+08:00 1996,
               To: Fri Jan 01 07:59:59 GMT+08:00 2021]
  Issuer: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
  SerialNumber: [    01]

Certificate Extensions: 1
[1]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: 26 48 2C 16 C2 58 FA E8   16 74 0C AA AA 5F 54 3F  &H,..X...t..._T?
0010: F2 D7 C9 78 60 5E 5E 6E   37 63 22 77 36 7E B2 17  ...x`^^n7c"w6...
0020: C4 34 B9 F5 08 85 FC C9   01 38 FF 4D BE F2 16 42  .4.......8.M...B
0030: 43 E7 BB 5A 46 FB C1 C6   11 1F F1 4A B0 28 46 C9  C..ZF......J.(F.
0040: C3 C4 42 7D BC FA AB 59   6E D5 B7 51 88 11 E3 A4  ..B....Yn..Q....
0050: 85 19 6B 82 4C A4 0C 12   AD E9 A4 AE 3F F1 C3 49  ..k.L.......?..I
0060: 65 9A 8C C5 C8 3E 25 B7   94 99 BB 92 32 71 07 F0  e....>%.....2q..
0070: 86 5E ED 50 27 A6 0D A6   23 F9 BB CB A6 07 14 42  .^.P'...#......B

]
adding as trusted cert: [
[
  Version: V1
  Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  Signature Algorithm: MD2withRSA, OID = 1.2.840.113549.1.1.2

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@ba6c83
  Validity: [From: Mon Jan 29 08:00:00 GMT+08:00 1996,
               To: Thu Jan 08 07:59:59 GMT+08:00 2004]
  Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
  SerialNumber: [    ba5ac94c 053b92d6 a7b6df4e d053920d ]

]
  Algorithm: [MD2withRSA]
  Signature:
0000: B6 00 1F 93 57 A4 07 A7   40 CE 65 40 3F 55 5E ED  ....W...@.e@?U^.
0010: EF FA 54 49 A5 30 D6 21   7C 61 87 EE 83 93 0B BF  ..TI.0.!.a......
0020: B4 33 F2 98 AC 9F 06 BF   4E A8 CE 14 81 4C CB 04  .3......N....L..
0030: 4E 58 C3 CF 5F EE 7C D7   9A 6F CB 41 8A B7 7F 81  NX.._....o.A....
0040: B8 FF 84 61 C6 27 43 65   1D 0C EC B1 00 0A DD 1B  ...a.'Ce........
0050: A4 BB C7 78 20 28 B2 A2   DD 36 95 2E E1 54 4F BF  ...x (...6...TO.
0060: 60 B9 77 68 11 99 23 E8   EA 52 E8 AA 00 4E 67 4E  `.wh..#..R...NgN
0070: BB 90 B5 45 9B 46 EB 8E   16 EF C4 33 5B 33 3D D5  ...E.F.....3[3=.

]
init context
trigger seeding of SecureRandom
done seeding SecureRandom
URLConnection Object=sun.net.www.protocol.https.DelegateHttpsURLConnection:https://MADANK:443/index.html
%% No cached client session
*** ClientHello, v3.1
RandomCookie:  GMT: 1026390547 bytes = { 253, 107, 158, 38, 37, 76, 10, 103, 251, 172, 105, 193, 174, 123, 15, 141, 82, 158, 154, 81, 238, 143, 177, 44, 85, 135, 16, 36 }
Session ID:  {}
Cipher Suites:  { 0, 5, 0, 4, 0, 9, 0, 10, 0, 18, 0, 19, 0, 3, 0, 17 }
Compression Methods:  { 0 }
***
[write] MD5 and SHA1 hashes:  len = 59
0000: 01 00 00 37 03 01 3D 2D   7A 13 FD 6B 9E 26 25 4C  ...7..=-z..k.&%L
0010: 0A 67 FB AC 69 C1 AE 7B   0F 8D 52 9E 9A 51 EE 8F  .g..i.....R..Q..
0020: B1 2C 55 87 10 24 00 00   10 00 05 00 04 00 09 00  .,U..$..........
0030: 0A 00 12 00 13 00 03 00   11 01 00                 ...........
main, WRITE:  SSL v3.1 Handshake, length = 59
[write] MD5 and SHA1 hashes:  len = 77
0000: 01 03 01 00 24 00 00 00   20 00 00 05 00 00 04 01  ....$... .......
0010: 00 80 00 00 09 06 00 40   00 00 0A 07 00 C0 00 00  .......@........
0020: 12 00 00 13 00 00 03 02   00 80 00 00 11 3D 2D 7A  .............=-z
0030: 13 FD 6B 9E 26 25 4C 0A   67 FB AC 69 C1 AE 7B 0F  ..k.&%L.g..i....
0040: 8D 52 9E 9A 51 EE 8F B1   2C 55 87 10 24           .R..Q...,U..$
main, WRITE:  SSL v2, contentType = 22, translated length = 16310
main, READ:  SSL v3.0 Handshake, length = 1729
*** ServerHello, v3.0
RandomCookie:  GMT: -16177 bytes = { 222, 185, 174, 78, 105, 77, 190, 60, 82, 3, 167, 73, 163, 30, 248, 168, 150, 202, 87, 43, 251, 144, 150, 32, 211, 83, 176, 162 }
Session ID:  {0, 0, 126, 98, 196, 138, 142, 250, 233, 50, 165, 24, 12, 140, 40, 125, 210, 80, 228, 235, 220, 93, 69, 59, 223, 243, 48, 3, 171, 75, 243, 63}
Cipher Suite:  { 0, 4 }
Compression Method: 0
***
%% Created:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes:  len = 74
0000: 02 00 00 46 03 00 00 00   C1 CF DE B9 AE 4E 69 4D  ...F.........NiM
0010: BE 3C 52 03 A7 49 A3 1E   F8 A8 96 CA 57 2B FB 90  .<R..I......W+..
0020: 96 20 D3 53 B0 A2 20 00   00 7E 62 C4 8A 8E FA E9  . .S.. ...b.....
0030: 32 A5 18 0C 8C 28 7D D2   50 E4 EB DC 5D 45 3B DF  2....(..P...]E;.
0040: F3 30 03 AB 4B F3 3F 00   04 00                    .0..K.?...
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=madan.nucleussoftware.com.sg, OU=ebt, O=nucleus software solutions, L=singapore, ST=Singapore, C=SG
  Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@66a22b
  Validity: [From: Fri Jul 05 10:56:02 GMT+08:00 2002,
               To: Sat Jul 05 10:56:02 GMT+08:00 2003]
  Issuer: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  SerialNumber: [    10f5]

Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 09 58 DD 09 3B 97 45 FD   7F 52 C4 4B 7D BD 70 66  .X..;.E..R.K..pf
0010: 77 B0 1B 2B                                        w..+
]
]

[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   SSL client
   SSL server
]

[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]

]

[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
[RFC822Name: ts.kumar@citicorp.com]]

[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Non_repudiation
  Key_Encipherment
  Data_Encipherment
]

]
  Algorithm: [MD5withRSA]
  Signature:
0000: 37 DD AE AD 51 97 A0 65   36 8D A7 1F 00 78 C1 FD  7...Q..e6....x..
0010: 1E 85 1F 41 8B 4B BF 13   FF C3 E3 79 B0 28 2A 4E  ...A.K.....y.(*N
0020: EA FE 08 F5 1B E2 6C A3   56 5F 42 A5 F7 5C A6 E0  ......l.V_B..\..
0030: E7 6E 49 9C 1C 3B 97 0B   A5 4C 48 32 03 96 4F C7  .nI..;...LH2..O.
0040: ED ED 12 15 F3 0C E7 3B   98 E2 F0 86 0E 97 10 D4  .......;........
0050: 3F 47 DB 7F A2 C5 48 CD   31 64 88 C5 30 D9 36 57  ?G....H.1d..0.6W
0060: 28 54 77 C5 A2 C7 6C 25   F3 CF 91 A6 0C DA 0F 92  (Tw...l%........
0070: 92 2B B8 4F 90 33 00 19   35 0E 7E 1A AA 61 53 09  .+.O.3..5....aS.

]
chain [1] = [
[
  Version: V3
  Subject: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@20cc56
  Validity: [From: Thu Jun 27 00:00:00 GMT+08:00 2002,
               To: Sun Jun 27 00:00:00 GMT+08:00 2004]
  Issuer: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  SerialNumber: [    10f3]

Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]
]

[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   SSL CA
   S/MIME CA
   Object Signing CA]

[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]

]

[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Key_CertSign
  Crl_Sign
]

[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 8F A2 18 46 67 DF 45 F4   CB 36 79 9D 03 6B 9F E3  ...Fg.E..6y..k..
0010: 56 43 0F DD 3D DC 19 40   79 3A EC 04 71 F3 4A CF  VC..=..@y:..q.J.
0020: 37 41 44 22 6A D7 BF 0B   9F 88 EA 6C B5 6D B2 3E  7AD"j......l.m.>
0030: BF 3C BD 50 C6 42 45 03   CA 3F B1 AC 26 2B 6D 99  .<.P.BE..?..&+m.
0040: 3E CB 1A 1F 87 93 77 C9   87 65 D8 2D 39 AE 0D 52  >.....w..e.-9..R
0050: D6 87 C3 D9 BE C4 16 82   9A 27 E1 6B 4F BD 84 C7  .........'.kO...
0060: C0 7E D8 81 5F 25 F1 A1   A7 37 57 AE 75 BD 36 82  ...._%...7W.u.6.
0070: 62 BE 36 71 AC E4 FE 39   AC 67 23 77 14 7B 6E B9  b.6q...9.g#w..n.

]
***
stop on trusted cert: [
[
  Version: V3
  Subject: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@20cc56
  Validity: [From: Thu Jun 27 00:00:00 GMT+08:00 2002,
               To: Sun Jun 27 00:00:00 GMT+08:00 2004]
  Issuer: CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG
  SerialNumber: [    10f3]

Certificate Extensions: 5
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]
]

[2]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
   SSL CA
   S/MIME CA
   Object Signing CA]

[3]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 30 1B FF AA 21 30 68 AB   C1 62 2D 27 E7 A3 95 0F  0...!0h..b-'....
0010: 6E C8 7E 02                                        n...
]

]

[4]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  DigitalSignature
  Key_CertSign
  Crl_Sign
]

[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 8F A2 18 46 67 DF 45 F4   CB 36 79 9D 03 6B 9F E3  ...Fg.E..6y..k..
0010: 56 43 0F DD 3D DC 19 40   79 3A EC 04 71 F3 4A CF  VC..=..@y:..q.J.
0020: 37 41 44 22 6A D7 BF 0B   9F 88 EA 6C B5 6D B2 3E  7AD"j......l.m.>
0030: BF 3C BD 50 C6 42 45 03   CA 3F B1 AC 26 2B 6D 99  .<.P.BE..?..&+m.
0040: 3E CB 1A 1F 87 93 77 C9   87 65 D8 2D 39 AE 0D 52  >.....w..e.-9..R
0050: D6 87 C3 D9 BE C4 16 82   9A 27 E1 6B 4F BD 84 C7  .........'.kO...
0060: C0 7E D8 81 5F 25 F1 A1   A7 37 57 AE 75 BD 36 82  ...._%...7W.u.6.
0070: 62 BE 36 71 AC E4 FE 39   AC 67 23 77 14 7B 6E B9  b.6q...9.g#w..n.

]
[read] MD5 and SHA1 hashes:  len = 1521
0000: 0B 00 05 ED 00 05 EA 00   03 09 30 82 03 05 30 82  ..........0...0.
0010: 02 6E A0 03 02 01 02 02   02 10 F5 30 0D 06 09 2A  .n.........0...*
0020: 86 48 86 F7 0D 01 01 04   05 00 30 75 31 0B 30 09  .H........0u1.0.
0030: 06 03 55 04 06 13 02 53   47 31 12 30 10 06 03 55  ..U....SG1.0...U
0040: 04 08 13 09 53 69 6E 67   61 70 6F 72 65 31 12 30  ....Singapore1.0
0050: 10 06 03 55 04 07 13 09   53 69 6E 67 61 70 6F 72  ...U....Singapor
0060: 65 31 12 30 10 06 03 55   04 0A 13 09 43 69 74 69  e1.0...U....Citi
0070: 67 72 6F 75 70 31 0C 30   0A 06 03 55 04 0B 13 03  group1.0...U....
0080: 65 62 74 31 1C 30 1A 06   03 55 04 03 13 13 43 65  ebt1.0...U....Ce
0090: 72 74 69 66 69 63 61 74   65 20 4D 61 6E 61 67 65  rtificate Manage
00A0: 72 30 1E 17 0D 30 32 30   37 30 35 30 32 35 36 30  r0...02070502560
00B0: 32 5A 17 0D 30 33 30 37   30 35 30 32 35 36 30 32  2Z..030705025602
00C0: 5A 30 81 8F 31 0B 30 09   06 03 55 04 06 13 02 53  Z0..1.0...U....S
00D0: 47 31 12 30 10 06 03 55   04 08 13 09 53 69 6E 67  G1.0...U....Sing
00E0: 61 70 6F 72 65 31 12 30   10 06 03 55 04 07 13 09  apore1.0...U....
00F0: 73 69 6E 67 61 70 6F 72   65 31 23 30 21 06 03 55  singapore1#0!..U
0100: 04 0A 13 1A 6E 75 63 6C   65 75 73 20 73 6F 66 74  ....nucleus soft
0110: 77 61 72 65 20 73 6F 6C   75 74 69 6F 6E 73 31 0C  ware solutions1.
0120: 30 0A 06 03 55 04 0B 13   03 65 62 74 31 25 30 23  0...U....ebt1%0#
0130: 06 03 55 04 03 13 1C 6D   61 64 61 6E 2E 6E 75 63  ..U....madan.nuc
0140: 6C 65 75 73 73 6F 66 74   77 61 72 65 2E 63 6F 6D  leussoftware.com
0150: 2E 73 67 30 81 9F 30 0D   06 09 2A 86 48 86 F7 0D  .sg0..0...*.H...
0160: 01 01 01 05 00 03 81 8D   00 30 81 89 02 81 81 00  .........0......
0170: BF CF B4 F1 E4 67 20 48   94 5D F2 BD 6B 8F C2 63  .....g H.]..k..c
0180: 67 A4 EC 0E AD 24 B3 F7   97 46 79 DE 1B BB 8B E2  g....$...Fy.....
0190: 7F 7A 0D FA 8F 1B 54 E9   7E 04 B1 9C 50 A4 7C E6  .z....T.....P...
01A0: 7A 21 92 92 21 DC 5C 27   48 48 DD 77 1C D6 77 36  z!..!.\'HH.w..w6
01B0: B6 39 A2 CA 20 86 09 A5   CC 9B F7 58 80 FD 85 AA  .9.. ......X....
01C0: 8D 90 6E 60 05 3F B0 B0   02 D0 18 04 CC 8C 35 B6  ..n`.?........5.
01D0: FE 43 3D 7E 69 78 FF E4   01 8D BD 6E E7 CE FF 90  .C=.ix.....n....
01E0: 91 9A 0A ED 0F 31 10 E6   2F 3F 54 67 C9 70 52 49  .....1../?Tg.pRI
01F0: 02 03 01 00 01 A3 81 88   30 81 85 30 11 06 09 60  ........0..0...`
0200: 86 48 01 86 F8 42 01 01   04 04 03 02 06 C0 30 0E  .H...B........0.
0210: 06 03 55 1D 0F 01 01 FF   04 04 03 02 04 F0 30 1D  ..U...........0.
0220: 06 03 55 1D 0E 04 16 04   14 09 58 DD 09 3B 97 45  ..U.......X..;.E
0230: FD 7F 52 C4 4B 7D BD 70   66 77 B0 1B 2B 30 1F 06  ..R.K..pfw..+0..
0240: 03 55 1D 23 04 18 30 16   80 14 30 1B FF AA 21 30  .U.#..0...0...!0
0250: 68 AB C1 62 2D 27 E7 A3   95 0F 6E C8 7E 02 30 20  h..b-'....n...0
0260: 06 03 55 1D 11 04 19 30   17 81 15 74 73 2E 6B 75  ..U....0...ts.ku
0270: 6D 61 72 40 63 69 74 69   63 6F 72 70 2E 63 6F 6D  mar@citicorp.com
0280: 30 0D 06 09 2A 86 48 86   F7 0D 01 01 04 05 00 03  0...*.H.........
0290: 81 81 00 37 DD AE AD 51   97 A0 65 36 8D A7 1F 00  ...7...Q..e6....
02A0: 78 C1 FD 1E 85 1F 41 8B   4B BF 13 FF C3 E3 79 B0  x.....A.K.....y.
02B0: 28 2A 4E EA FE 08 F5 1B   E2 6C A3 56 5F 42 A5 F7  (*N......l.V_B..
02C0: 5C A6 E0 E7 6E 49 9C 1C   3B 97 0B A5 4C 48 32 03  \...nI..;...LH2.
02D0: 96 4F C7 ED ED 12 15 F3   0C E7 3B 98 E2 F0 86 0E  .O........;.....
02E0: 97 10 D4 3F 47 DB 7F A2   C5 48 CD 31 64 88 C5 30  ...?G....H.1d..0
02F0: D9 36 57 28 54 77 C5 A2   C7 6C 25 F3 CF 91 A6 0C  .6W(Tw...l%.....
0300: DA 0F 92 92 2B B8 4F 90   33 00 19 35 0E 7E 1A AA  ....+.O.3..5....
0310: 61 53 09 00 02 DB 30 82   02 D7 30 82 02 40 A0 03  aS....0...0..@..
0320: 02 01 02 02 02 10 F3 30   0D 06 09 2A 86 48 86 F7  .......0...*.H..
0330: 0D 01 01 05 05 00 30 75   31 0B 30 09 06 03 55 04  ......0u1.0...U.
0340: 06 13 02 53 47 31 12 30   10 06 03 55 04 08 13 09  ...SG1.0...U....
0350: 53 69 6E 67 61 70 6F 72   65 31 12 30 10 06 03 55  Singapore1.0...U
0360: 04 07 13 09 53 69 6E 67   61 70 6F 72 65 31 12 30  ....Singapore1.0
0370: 10 06 03 55 04 0A 13 09   43 69 74 69 67 72 6F 75  ...U....Citigrou
0380: 70 31 0C 30 0A 06 03 55   04 0B 13 03 65 62 74 31  p1.0...U....ebt1
0390: 1C 30 1A 06 03 55 04 03   13 13 43 65 72 74 69 66  .0...U....Certif
03A0: 69 63 61 74 65 20 4D 61   6E 61 67 65 72 30 1E 17  icate Manager0..
03B0: 0D 30 32 30 36 32 36 31   36 30 30 30 30 5A 17 0D  .020626160000Z..
03C0: 30 34 30 36 32 36 31 36   30 30 30 30 5A 30 75 31  040626160000Z0u1
03D0: 0B 30 09 06 03 55 04 06   13 02 53 47 31 12 30 10  .0...U....SG1.0.
03E0: 06 03 55 04 08 13 09 53   69 6E 67 61 70 6F 72 65  ..U....Singapore
03F0: 31 12 30 10 06 03 55 04   07 13 09 53 69 6E 67 61  1.0...U....Singa
0400: 70 6F 72 65 31 12 30 10   06 03 55 04 0A 13 09 43  pore1.0...U....C
0410: 69 74 69 67 72 6F 75 70   31 0C 30 0A 06 03 55 04  itigroup1.0...U.
0420: 0B 13 03 65 62 74 31 1C   30 1A 06 03 55 04 03 13  ...ebt1.0...U...
0430: 13 43 65 72 74 69 66 69   63 61 74 65 20 4D 61 6E  .Certificate Man
0440: 61 67 65 72 30 81 9F 30   0D 06 09 2A 86 48 86 F7  ager0..0...*.H..
0450: 0D 01 01 01 05 00 03 81   8D 00 30 81 89 02 81 81  ..........0.....
0460: 00 D8 CD 89 5E 29 72 36   49 4E 9E 76 86 79 0C 5A  ....^)r6IN.v.y.Z
0470: CC D6 8B 3B FC E5 71 A0   13 42 7D 30 D1 03 A5 19  ...;..q..B.0....
0480: 99 AB 0C 70 1C F8 67 46   AD 7D A2 02 F7 97 98 0C  ...p..gF........
0490: 9D 5D 39 14 D2 CA FF AC   31 AF EA 91 E4 36 A2 46  .]9.....1....6.F
04A0: A0 E1 E9 CF F0 95 63 19   DD 91 23 6E 48 49 02 9B  ......c...#nHI..
04B0: 28 3A 7B BF 62 94 69 B9   11 EF 56 BF A6 87 7B 7D  (:..b.i...V.....
04C0: 05 E8 16 AD 18 62 41 E2   CF 50 5C 86 D5 34 D6 56  .....bA..P\..4.V
04D0: C5 D3 87 C5 F0 E5 69 2B   F8 25 AD F1 78 F9 8E 72  ......i+.%..x..r
04E0: C3 02 03 01 00 01 A3 76   30 74 30 11 06 09 60 86  .......v0t0...`.
04F0: 48 01 86 F8 42 01 01 04   04 03 02 00 07 30 0F 06  H...B........0..
0500: 03 55 1D 13 01 01 FF 04   05 30 03 01 01 FF 30 1D  .U.......0....0.
0510: 06 03 55 1D 0E 04 16 04   14 30 1B FF AA 21 30 68  ..U......0...!0h
0520: AB C1 62 2D 27 E7 A3 95   0F 6E C8 7E 02 30 1F 06  ..b-'....n...0..
0530: 03 55 1D 23 04 18 30 16   80 14 30 1B FF AA 21 30  .U.#..0...0...!0
0540: 68 AB C1 62 2D 27 E7 A3   95 0F 6E C8 7E 02 30 0E  h..b-'....n...0.
0550: 06 03 55 1D 0F 01 01 FF   04 04 03 02 01 86 30 0D  ..U...........0.
0560: 06 09 2A 86 48 86 F7 0D   01 01 05 05 00 03 81 81  ..*.H...........
0570: 00 8F A2 18 46 67 DF 45   F4 CB 36 79 9D 03 6B 9F  ....Fg.E..6y..k.
0580: E3 56 43 0F DD 3D DC 19   40 79 3A EC 04 71 F3 4A  .VC..=..@y:..q.J
0590: CF 37 41 44 22 6A D7 BF   0B 9F 88 EA 6C B5 6D B2  .7AD"j......l.m.
05A0: 3E BF 3C BD 50 C6 42 45   03 CA 3F B1 AC 26 2B 6D  >.<.P.BE..?..&+m
05B0: 99 3E CB 1A 1F 87 93 77   C9 87 65 D8 2D 39 AE 0D  .>.....w..e.-9..
05C0: 52 D6 87 C3 D9 BE C4 16   82 9A 27 E1 6B 4F BD 84  R.........'.kO..
05D0: C7 C0 7E D8 81 5F 25 F1   A1 A7 37 57 AE 75 BD 36  ....._%...7W.u.6
05E0: 82 62 BE 36 71 AC E4 FE   39 AC 67 23 77 14 7B 6E  .b.6q...9.g#w..n
05F0: B9                                                 .
*** CertificateRequest
Cert Types: RSA, DSS,
Cert Authorities:
<CN=Certificate Manager, OU=ebt, O=Citigroup, L=Singapore, ST=Singapore, C=SG>
[read] MD5 and SHA1 hashes:  len = 130
0000: 0D 00 00 7E 02 01 02 00   79 00 77 30 75 31 0B 30  ........y.w0u1.0
0010: 09 06 03 55 04 06 13 02   53 47 31 12 30 10 06 03  ...U....SG1.0...
0020: 55 04 08 13 09 53 69 6E   67 61 70 6F 72 65 31 12  U....Singapore1.
0030: 30 10 06 03 55 04 07 13   09 53 69 6E 67 61 70 6F  0...U....Singapo
0040: 72 65 31 12 30 10 06 03   55 04 0A 13 09 43 69 74  re1.0...U....Cit
0050: 69 67 72 6F 75 70 31 0C   30 0A 06 03 55 04 0B 13  igroup1.0...U...
0060: 03 65 62 74 31 1C 30 1A   06 03 55 04 03 13 13 43  .ebt1.0...U....C
0070: 65 72 74 69 66 69 63 61   74 65 20 4D 61 6E 61 67  ertificate Manag
0080: 65 72                                              er
*** ServerHelloDone
[read] MD5 and SHA1 hashes:  len = 4
0000: 0E 00 00 00                                        ....
main, SEND SSL v3.0 ALERT:  warning, description = no_certificate
main, WRITE:  SSL v3.0 Alert, length = 2
JsseJCE: Using JSSE internal implementation for cipher RSA/ECB/PKCS1Padding
*** ClientKeyExchange, RSA PreMasterSecret, v3.0
Random Secret:  { 3, 0, 203, 253, 182, 177, 18, 110, 93, 70, 89, 196, 67, 108, 221, 70, 6, 232, 9, 236, 136, 103, 51, 112, 106, 8, 166, 41, 55, 76, 113, 15, 57, 17, 180, 199, 86, 88, 108, 239, 158, 82
, 27, 0, 49, 111, 117, 224 }
[write] MD5 and SHA1 hashes:  len = 132
0000: 10 00 00 80 A9 21 F1 43   1F E9 64 57 37 1C 4B 12  .....!.C..dW7.K.
0010: AF 27 53 0D 30 27 70 BB   E3 37 83 11 B0 39 0B 83  .'S.0'p..7...9..
0020: FD FB 91 11 D1 8E 63 78   12 DE 59 CB 6C 00 68 CD  ......cx..Y.l.h.
0030: 12 7E B0 92 0F DB 5F F6   18 A6 02 3B F2 B7 D7 6F  ......_....;...o
0040: C1 97 B7 19 80 5E A3 74   58 BD F7 7F 21 B6 54 96  .....^.tX...!.T.
0050: B7 8A DC B6 68 0C C9 AF   B2 2E D4 58 7A FC 44 96  ....h......Xz.D.
0060: 7A 66 D0 63 06 A8 0E EE   7A 27 94 40 4E 39 EC CF  zf.c....z'.@N9..
0070: DC 6E AE 08 A3 CC B1 7B   EB 3B 6F 45 0C 3B D6 13  .n.......;oE.;..
0080: 09 A4 75 B5                                        ..u.
main, WRITE:  SSL v3.0 Handshake, length = 132
SESSION KEYGEN:
PreMaster Secret:
0000: 03 00 CB FD B6 B1 12 6E   5D 46 59 C4 43 6C DD 46  .......n]FY.Cl.F
0010: 06 E8 09 EC 88 67 33 70   6A 08 A6 29 37 4C 71 0F  .....g3pj..)7Lq.
0020: 39 11 B4 C7 56 58 6C EF   9E 52 1B 00 31 6F 75 E0  9...VXl..R..1ou.
CONNECTION KEYGEN:
Client Nonce:
0000: 3D 2D 7A 13 FD 6B 9E 26   25 4C 0A 67 FB AC 69 C1  =-z..k.&%L.g..i.
0010: AE 7B 0F 8D 52 9E 9A 51   EE 8F B1 2C 55 87 10 24  ....R..Q...,U..$
Server Nonce:
0000: 00 00 C1 CF DE B9 AE 4E   69 4D BE 3C 52 03 A7 49  .......NiM.<R..I
0010: A3 1E F8 A8 96 CA 57 2B   FB 90 96 20 D3 53 B0 A2  ......W+... .S..
Master Secret:
0000: E2 C1 22 F2 58 EE 6A A6   4C 17 48 76 BA 4B ED 87  ..".X.j.L.Hv.K..
0010: D0 05 0C 94 6A 34 AA E7   62 0D 48 86 DD FF EB B4  ....j4..b.H.....
0020: 3F 75 20 2C 55 E5 71 EA   90 00 D2 D9 54 2B 83 8C  ?u ,U.q.....T+..
Client MAC write Secret:
0000: 8F 01 06 38 4D 8C 13 8F   0C 9B 62 19 77 BA 8F A9  ...8M.....b.w...
Server MAC write Secret:
0000: 95 19 0E 55 92 7B CA AB   2A B9 DB 9B 60 06 39 4C  ...U....*...`.9L
Client write key:
0000: 9B D2 6E 52 3A E7 DF 65   CE EB 38 C7 AC C1 C9 7D  ..nR:..e..8.....
Server write key:
0000: C0 DB 47 A3 A0 D3 BC CE   9C 22 8A E1 C2 9C DE A6  ..G......"......
... no IV for cipher
main, WRITE:  SSL v3.0 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
*** Finished, v3.0
MD5 Hash:  { 241, 200, 240, 83, 34, 165, 70, 171, 178, 103, 254, 18, 189, 60, 212, 101 }
SHA1 Hash:  { 20, 6, 233, 73, 123, 106, 20, 143, 177, 40, 20, 222, 243, 240, 248, 74, 185, 186, 8, 112 }
***
[write] MD5 and SHA1 hashes:  len = 40
0000: 14 00 00 24 F1 C8 F0 53   22 A5 46 AB B2 67 FE 12  ...$...S".F..g..
0010: BD 3C D4 65 14 06 E9 49   7B 6A 14 8F B1 28 14 DE  .<.e...I.j...(..
0020: F3 F0 F8 4A B9 BA 08 70                            ...J...p
Plaintext before ENCRYPTION:  len = 56
0000: 14 00 00 24 F1 C8 F0 53   22 A5 46 AB B2 67 FE 12  ...$...S".F..g..
0010: BD 3C D4 65 14 06 E9 49   7B 6A 14 8F B1 28 14 DE  .<.e...I.j...(..
0020: F3 F0 F8 4A B9 BA 08 70   58 79 58 0D 0F 1F 16 1B  ...J...pXyX.....
0030: BC 85 14 0F 77 DC 2F EE                            ....w./.
main, WRITE:  SSL v3.0 Handshake, length = 56
main, READ:  SSL v3.0 Change Cipher Spec, length = 1
JsseJCE: Using JSSE internal implementation for cipher RC4
main, READ:  SSL v3.0 Handshake, length = 56
Plaintext after DECRYPTION:  len = 56
0000: 14 00 00 24 5F 7B 3D A6   5D 93 48 EA 76 B1 01 F3  ...$_.=.].H.v...
0010: 06 3F 3D 4B 6F 30 F1 04   45 9D 53 8A 48 46 E4 5B  .?=Ko0..E.S.HF.[
0020: AE E4 71 D9 C1 78 C5 C2   D2 56 3B D8 61 68 E1 AC  ..q..x...V;.ah..
0030: AD 98 D5 91 0A 22 DE 81                            ....."..
*** Finished, v3.0
MD5 Hash:  { 95, 123, 61, 166, 93, 147, 72, 234, 118, 177, 1, 243, 6, 63, 61, 75 }
SHA1 Hash:  { 111, 48, 241, 4, 69, 157, 83, 138, 72, 70, 228, 91, 174, 228, 113, 217, 193, 120, 197, 194 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
[read] MD5 and SHA1 hashes:  len = 40
0000: 14 00 00 24 5F 7B 3D A6   5D 93 48 EA 76 B1 01 F3  ...$_.=.].H.v...
0010: 06 3F 3D 4B 6F 30 F1 04   45 9D 53 8A 48 46 E4 5B  .?=Ko0..E.S.HF.[
0020: AE E4 71 D9 C1 78 C5 C2                            ..q..x..
urlHostMADANK
ssls[Session-1, SSL_RSA_WITH_RC4_128_MD5]
Plaintext before ENCRYPTION:  len = 171
0000: 47 45 54 20 2F 69 6E 64   65 78 2E 68 74 6D 6C 20  GET /index.html
0010: 48 54 54 50 2F 31 2E 31   0D 0A 55 73 65 72 2D 41  HTTP/1.1..User-A
0020: 67 65 6E 74 3A 20 4A 61   76 61 31 2E 34 2E 30 0D  gent: Java1.4.0.
0030: 0A 48 6F 73 74 3A 20 4D   41 44 41 4E 4B 3A 34 34  .Host: MADANK:44
0040: 33 0D 0A 41 63 63 65 70   74 3A 20 74 65 78 74 2F  3..Accept: text/
0050: 68 74 6D 6C 2C 20 69 6D   61 67 65 2F 67 69 66 2C  html, image/gif,
0060: 20 69 6D 61 67 65 2F 6A   70 65 67 2C 20 2A 3B 20   image/jpeg, *;
0070: 71 3D 2E 32 2C 20 2A 2F   2A 3B 20 71 3D 2E 32 0D  q=.2, */*; q=.2.
0080: 0A 43 6F 6E 6E 65 63 74   69 6F 6E 3A 20 6B 65 65  .Connection: kee
0090: 70 2D 61 6C 69 76 65 0D   0A 0D 0A 35 00 59 83 62  p-alive....5.Y.b
00A0: 47 81 B5 4A A0 18 5C C8   8E 06 27                 G..J..\...'
main, WRITE:  SSL v3.0 Application Data, length = 171
main, READ:  SSL v3.0 Application Data, length = 177
Plaintext after DECRYPTION:  len = 177
0000: 48 54 54 50 2F 31 2E 31   20 34 30 33 20 46 6F 72  HTTP/1.1 403 For
0010: 62 69 64 64 65 6E 0D 0A   53 65 72 76 65 72 3A 20  bidden..Server:
0020: 4E 65 74 73 63 61 70 65   2D 45 6E 74 65 72 70 72  Netscape-Enterpr
0030: 69 73 65 2F 34 2E 31 0D   0A 44 61 74 65 3A 20 54  ise/4.1..Date: T
0040: 68 75 2C 20 31 31 20 4A   75 6C 20 32 30 30 32 20  hu, 11 Jul 2002
0050: 31 32 3A 33 30 3A 32 34   20 47 4D 54 0D 0A 43 6F  12:30:24 GMT..Co
0060: 6E 74 65 6E 74 2D 6C 65   6E 67 74 68 3A 20 31 34  ntent-length: 14
0070: 32 0D 0A 43 6F 6E 74 65   6E 74 2D 74 79 70 65 3A  2..Content-type:
0080: 20 74 65 78 74 2F 68 74   6D 6C 0D 0A 43 6F 6E 6E   text/html..Conn
0090: 65 63 74 69 6F 6E 3A 20   63 6C 6F 73 65 0D 0A 0D  ection: close...
00A0: 0A 7D 51 D6 E3 25 ED 8F   CB 46 81 FA 9E 85 3A CD  ..Q..%...F....:.
00B0: 35                                                 5
IOException java.io.IOException: Server returned HTTP response code: 403 for URL: https://MADANK:443/index.html
java.io.IOException: Server returned HTTP response code: 403 for URL: https://MADANK:443/index.html
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:691)
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6275)
        at Tester.main(Tester.java:69)


-------------------debug ends here ---------------

0
Comment
Question by:kulsmadya
6 Comments
 
LVL 35

Expert Comment

by:girionis
Comment Utility
 Well the 403 HTTP error code means that the directory you are trying to access is forbidden. Are you sure public access is available for the directory you are trying to access? Which server are you using? Can you check the configuration files?
0
 

Author Comment

by:kulsmadya
Comment Utility
public access is not available to the server.

I have made the settings in server, so that, the client who will try to access any page of the server, will be authenticated first..

Its like mutual authentication between client & server before client proceeds to access the page from server..

0
 

Author Comment

by:kulsmadya
Comment Utility
this is the code which  i used to access the server page

----------code starts here -------------
 try{

   System.out.println("Setting uo System Properties.");
   System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
   System.setProperty("javax.net.ssl.trustStore", "cacerts");
   System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
   System.setProperty("javax.net.debug","all");
   System.getProperties().put("java.protocol.handler.pkgs", "HTTPClient");
   Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

     System.out.println("Creating the URL Object.");
 
   URL url = new URL("https", "MADANK", 443, "/index.html");
   System.out.println("URL Object="+url);
   HttpsURLConnection urlconn =(HttpsURLConnection) url.openConnection();
   System.out.println("URLConnection Object="+urlconn);
      urlconn.setHostnameVerifier(
      new HostnameVerifier()
      {
      public boolean verify( String urlHost, SSLSession ssls ){

           System.out.println("urlHost"+urlHost);
           System.out.println("ssls"+ssls);

      if( !urlHost.equals( ssls.getPeerHost() ) ){
                System.out.println( "certificate <" + ssls.getPeerHost() +
                "> does not match host <" + urlHost + "> but " +
                "continuing anyway" );
            }
      return true;
   }} );


   urlconn.setDoOutput(true);
   urlconn.setDoInput(true);
   urlconn.setUseCaches(false);
   urlconn.setDefaultUseCaches(false);


   urlconn.setAllowUserInteraction(true);
   InputStream i=urlconn.getInputStream();
     System.out.println("InputStream="+i);

     BufferedReader bi=new BufferedReader(new InputStreamReader(i));
     System.out.println("BufferedReader Object ="+bi);
     String s="";
     while((s = bi.readLine()) != null)
     {
          System.out.println(s);

     }
     i.close();
     bi.close();

  }catch(MalformedURLException ex){

   System.out.println("MalformedURLException "+ex);
   ex.printStackTrace();

  }catch(IOException ex){
   System.out.println("IOException "+ex);
   ex.printStackTrace();
  }
  catch(Exception ex){
     System.out.println("Exception "+ex);
     ex.printStackTrace();
  }
----------code ends here -----------------
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Expert Comment

by:RichardMartin
Comment Utility
"I have imported client certificate & ca root certificate in keystore using keytool for my client."

It is not enough simply to install it into a JVM keystore on the client. Netscape needs access to the public/private key pair to agree an SSL key with the server. You need to import the client certificate and private key into Netscape using the Communicator|Tools|Security Info...|Certificates|Yours|Import a certificate... feature. (Making sure you are importing both the certificate and private key, e.g. in a PKCS#12 file.)

If the client certificate is self-signed, you will, of course, have to imported it into your server as a trusted certificate as well.

Hope this helps,
Rich

0
 
LVL 5

Expert Comment

by:vemul
Comment Utility
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

- PAQ'ed and points not refunded

Please leave any comments here within the
next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER !

vemul
Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
Comment Utility
Question placed in PAQ

Computer101
E-E Admin
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

An old method to applying the Singleton pattern in your Java code is to check if a static instance, defined in the same class that needs to be instantiated once and only once, is null and then create a new instance; otherwise, the pre-existing insta…
Java functions are among the best things for programmers to work with as Java sites can be very easy to read and prepare. Java especially simplifies many processes in the coding industry as it helps integrate many forms of technology and different d…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now