Rishi |
Last updated: Sep 16, 2019 11:15AM UTC
Mike, PortSwigger Agent |
Last updated: Sep 16, 2019 12:57PM UTC
Burp User |
Last updated: Sep 16, 2019 01:50PM UTC
Mike, PortSwigger Agent |
Last updated: Sep 17, 2019 07:27AM UTC
Burp User |
Last updated: Nov 21, 2019 12:03PM UTC
Ben, PortSwigger Agent |
Last updated: Nov 21, 2019 01:36PM UTC
Burp User |
Last updated: Dec 21, 2019 08:07PM UTC
Burp User |
Last updated: Dec 21, 2019 08:11PM UTC
Michelle, PortSwigger Agent |
Last updated: Dec 24, 2019 09:51AM UTC
varghese |
Last updated: Oct 25, 2020 12:06AM UTC
Liam, PortSwigger Agent |
Last updated: Oct 26, 2020 07:51AM UTC
Rahul |
Last updated: Nov 19, 2020 12:39AM UTC
Liam, PortSwigger Agent |
Last updated: Nov 19, 2020 09:55AM UTC
I am trying to implement CI/CD using AppCenter. I have synced my bitbucket branch with appcenter. When trying to build the code from appcenter, getting below error:
command]/Users/runner/work/1/s/gradlew clean :app:assembleRelease
Downloading https://services.gradle.org/distributions/gradle-7.0.2-bin.zip
Exception in thread "main" javax.net.ssl.SSLException: readHandshakeRecord
at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1309)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:435)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:197)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1570)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1498)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:268)
at org.gradle.wrapper.Download.downloadInternal(Download.java:87)
at org.gradle.wrapper.Download.download(Download.java:67)
at org.gradle.wrapper.Install$1.call(Install.java:68)
at org.gradle.wrapper.Install$1.call(Install.java:48)
at org.gradle.wrapper.ExclusiveFileAccessManager.access(ExclusiveFileAccessManager.java:69)
at org.gradle.wrapper.Install.createDist(Install.java:48)
at org.gradle.wrapper.WrapperExecutor.execute(WrapperExecutor.java:107)
at org.gradle.wrapper.GradleWrapperMain.main(GradleWrapperMain.java:63)
Suppressed: java.net.SocketException: Broken pipe (Write failed)
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:111)
at java.net.SocketOutputStream.write(SocketOutputStream.java:155)
at sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:81)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:355)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:267)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:438)
... 13 more
Caused by: java.net.SocketException: Broken pipe (Write failed)
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:111)
at java.net.SocketOutputStream.write(SocketOutputStream.java:155)
at sun.security.ssl.SSLSocketOutputRecord.flush(SSLSocketOutputRecord.java:251)
at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:89)
at sun.security.ssl.Finished$T12FinishedProducer.onProduceFinished(Finished.java:399)
at sun.security.ssl.Finished$T12FinishedProducer.produce(Finished.java:374)
at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:421)
at sun.security.ssl.ServerHelloDone$ServerHelloDoneConsumer.consume(ServerHelloDone.java:182)
at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:377)
at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:444)
at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:422)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:182)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:152)
at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1392)
at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1300)
... 14 more
Error: /Users/runner/work/1/s/gradlew failed with return code: 1
at ChildProcess.<anonymous> (/Users/runner/work/_tasks/Gradle_8d8eebd8-2b94-4c97-85af-839254cc6da4/1.128.0/node_modules/vsts-task-lib/toolrunner.js:569:30)
at emitTwo (events.js:106:13)
at ChildProcess.emit (events.js:191:7)
at maybeClose (internal/child_process.js:920:16)
at Socket.<anonymous> (internal/child_process.js:351:11)
at emitOne (events.js:96:13)
at Socket.emit (events.js:188:7)
at Pipe._handle.close [as _onclose] (net.js:509:12)
##[error]Error: /Users/runner/work/1/s/gradlew failed with return code: 1
Code is working fine in Android studio and able to build apk also.
Even tried to change from https to http for https://services.gradle.org/distributions/gradle-7.0.2-bin.zip but that also not worked
Please help me to solve this.
asked Sep 24, 2021 at 8:17
1
I dropped the distribution URL into my browser and noticed that it was being redirected to a different host from services.gradle.org, which might be causing a sporadic certificate problem for appcenter. So (regardless of how maintainable it’s going to be) I changed the host in gradle-wrapper.properties, and so far so good …
Try making the following change:
distributionUrl=https://downloads.gradle-dn.com/distributions/gradle-7.0.2-bin.zip
answered Nov 18, 2021 at 3:38
Matthew LoweMatthew Lowe
1,3501 gold badge17 silver badges28 bronze badges
On a Alfresco 7.0 CE repo successfully migrated from 5.2 with a high number of nodes I now get every morning around 4am a database connection exception from org.activiti.engine.impl.jobexecutor.AcquireJobsRunnableImpl which then breaks alfresco. Alfresco is configured against a postres 13 DB running on a separate server. I haven’t seen such an issue before.
Does anybody have a hint, idea?
Alfresco is configured with db.pool.max=350 (postgres: max_connections = 350) and there is only one application user connected the system. As a work around I now deactivated system.workflow.engine.activiti but would like understand the issue
2021-08-08 04:35:39,396 ERROR [org.activiti.engine.impl.jobexecutor.AcquireJobsRunnableImpl] [Thread-46] exception during job acquisition: Could not open JDBC Connection for transaction; nested exception is org.postgresql.util.PSQLException: SSL error: readHandshakeRecord org.springframework.transaction.CannotCreateTransactionException: Could not open JDBC Connection for transaction; nested exception is org.postgresql.util.PSQLException: SSL error: readHandshakeRecord at org.springframework.jdbc.datasource.DataSourceTransactionManager.doBegin(DataSourceTransactionManager.java:309) at org.springframework.transaction.support.AbstractPlatformTransactionManager.startTransaction(AbstractPlatformTransactionManager.java:400) at org.springframework.transaction.support.AbstractPlatformTransactionManager.getTransaction(AbstractPlatformTransactionManager.java:373) at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:137) at org.activiti.spring.SpringTransactionInterceptor.execute(SpringTransactionInterceptor.java:45) at org.activiti.engine.impl.interceptor.LogInterceptor.execute(LogInterceptor.java:31) at org.activiti.engine.impl.cfg.CommandExecutorImpl.execute(CommandExecutorImpl.java:40) at org.activiti.engine.impl.cfg.CommandExecutorImpl.execute(CommandExecutorImpl.java:35) at org.activiti.engine.impl.jobexecutor.AcquireJobsRunnableImpl.run(AcquireJobsRunnableImpl.java:54) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: org.postgresql.util.PSQLException: SSL error: readHandshakeRecord at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:43) at org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:534) at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:149) at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:213) at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:51) at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:223) at org.postgresql.Driver.makeConnection(Driver.java:465) at org.postgresql.Driver.connect(Driver.java:264) at org.apache.commons.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:38) at org.apache.commons.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:582) at org.apache.commons.pool.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:1188) at org.apache.commons.dbcp.PoolingDataSource.getConnection(PoolingDataSource.java:106) at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044) at org.springframework.jdbc.datasource.DataSourceTransactionManager.doBegin(DataSourceTransactionManager.java:265) ... 9 more Caused by: javax.net.ssl.SSLException: readHandshakeRecord at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1335) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:411) at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:41) ... 22 more Suppressed: java.net.SocketException: Broken pipe (Write failed) at java.base/java.net.SocketOutputStream.socketWrite0(Native Method) at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:110) at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150) at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:81) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:380) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450) ... 24 more Caused by: java.net.SocketException: Broken pipe (Write failed) at java.base/java.net.SocketOutputStream.socketWrite0(Native Method) at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:110) at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150) at java.base/sun.security.ssl.SSLSocketOutputRecord.flush(SSLSocketOutputRecord.java:251) at java.base/sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:89) at java.base/sun.security.ssl.Finished$T13FinishedProducer.onProduceFinished(Finished.java:679) at java.base/sun.security.ssl.Finished$T13FinishedProducer.produce(Finished.java:658) at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:436) at java.base/sun.security.ssl.Finished$T13FinishedConsumer.onConsumeFinished(Finished.java:1011) at java.base/sun.security.ssl.Finished$T13FinishedConsumer.consume(Finished.java:874) at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421) at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:182) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:171) at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1418) at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1324) ... 25 more org.springframework.transaction.CannotCreateTransactionException: Could not open JDBC Connection for transaction; nested exception is org.postgresql.util.PSQLException: SSL error: Remote host terminated the handshake at org.springframework.jdbc.datasource.DataSourceTransactionManager.doBegin(DataSourceTransactionManager.java:309) at org.springframework.transaction.support.AbstractPlatformTransactionManager.startTransaction(AbstractPlatformTransactionManager.java:400) at org.springframework.transaction.support.AbstractPlatformTransactionManager.getTransaction(AbstractPlatformTransactionManager.java:373) at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:137) at org.activiti.spring.SpringTransactionInterceptor.execute(SpringTransactionInterceptor.java:45) at org.activiti.engine.impl.interceptor.LogInterceptor.execute(LogInterceptor.java:31) at org.activiti.engine.impl.cfg.CommandExecutorImpl.execute(CommandExecutorImpl.java:40) at org.activiti.engine.impl.cfg.CommandExecutorImpl.execute(CommandExecutorImpl.java:35) at org.activiti.engine.impl.jobexecutor.AcquireJobsRunnableImpl.run(AcquireJobsRunnableImpl.java:54) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: org.postgresql.util.PSQLException: SSL error: Remote host terminated the handshake at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:43) at org.postgresql.core.v3.ConnectionFactoryImpl.enableSSL(ConnectionFactoryImpl.java:534) at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:149) at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:213) at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:51) at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:223) at org.postgresql.Driver.makeConnection(Driver.java:465) at org.postgresql.Driver.connect(Driver.java:264) at org.apache.commons.dbcp.DriverConnectionFactory.createConnection(DriverConnectionFactory.java:38) at org.apache.commons.dbcp.PoolableConnectionFactory.makeObject(PoolableConnectionFactory.java:582) at org.apache.commons.pool.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:1188) at org.apache.commons.dbcp.PoolingDataSource.getConnection(PoolingDataSource.java:106) at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044) at org.springframework.jdbc.datasource.DataSourceTransactionManager.doBegin(DataSourceTransactionManager.java:265) ... 9 more Caused by: javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake at java.base/sun.security.ssl.SSLSocketImpl.handleEOF(SSLSocketImpl.java:1598) at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1426) at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1324) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:440) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:411) at org.postgresql.ssl.MakeSSL.convert(MakeSSL.java:41) ... 22 more Suppressed: java.net.SocketException: Broken pipe (Write failed) at java.base/java.net.SocketOutputStream.socketWrite0(Native Method) at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:110) at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150) at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:81) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:380) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:292) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450) ... 24 more at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:483) at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:472) at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:160) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:110) at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1418) ... 26 more
The handshake between our Erlang server and Java client in our test suites started to fail when we upgraded to Erlang 24.1.
This can be reproduced with the following program steps:
cd /tmp mkdir erlang-24.1-java-tls-handshare-failure cd erlang-24.1-java-tls-handshare-failure git clone https://github.com/michaelklishin/tls-gen.git make -C tls-gen/basic echo '-module(tls_cipher_negotiation). -export([start/0]). start() -> ssl:start(), {ok, ListenSocket} = ssl:listen(9999, [ {cacertfile, "/tmp/erlang-24.1-java-tls-handshare-failure/tls-gen/basic/result/ca_certificate.pem"}, {certfile, "/tmp/erlang-24.1-java-tls-handshare-failure/tls-gen/basic/result/server_certificate.pem"}, {keyfile, "/tmp/erlang-24.1-java-tls-handshare-failure/tls-gen/basic/result/server_key.pem"}, {verify, verify_peer}, {fail_if_no_peer_cert, false}, {log_level, debug} ]), {ok, TLSTransportSocket} = ssl:transport_accept(ListenSocket), {ok, _} = ssl:handshake(TLSTransportSocket), ok.' > /tmp/erlang-24.1-java-tls-handshare-failure/tls_cipher_negotiation.erl erlc tls_cipher_negotiation.erl erl -noshell -s tls_cipher_negotiation start -s init stop
In another terminal:
echo 'import javax.net.ssl.*; import java.net.Socket; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; public class TlsClient { public static void main(String[] args) throws Exception { System.setProperty("javax.net.debug", "ssl:handshake:verbose"); SSLContext sslContext = SSLContext.getInstance("TLSv1.2"); sslContext.init(null, new TrustManager[]{ new X509TrustManager() { @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { } @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } } }, null); SSLSocketFactory ssf = sslContext.getSocketFactory(); Socket s = ssf.createSocket("127.0.0.1", 9999); ((SSLSocket) s).getSession(); } }' > TlsClient.java javac TlsClient.java java TlsClient
Here is the Erlang server output:
reading (307 bytes) TLS 1.2 Record Protocol, handshake
0000 - 16 03 03 01 2e 01 00 01 2a 03 03 1b 3f 02 06 51 ........*...?..Q
0010 - 4b d9 7f d5 2b 80 e5 ae d9 c7 f1 e2 4e b1 d5 24 K...+.......N..$
0020 - e1 e6 a5 4f a3 6b c2 f5 77 b7 17 00 00 5c c0 2c ...O.k..w.....,
0030 - c0 2b cc a9 c0 30 cc a8 c0 2f 00 9f cc aa 00 a3 .+...0.../......
0040 - 00 9e 00 a2 c0 24 c0 28 c0 23 c0 27 00 6b 00 6a .....$.(.#.'.k.j
0050 - 00 67 00 40 c0 2e c0 32 c0 2d c0 31 c0 26 c0 2a .g.@...2.-.1.&.*
0060 - c0 25 c0 29 c0 0a c0 14 c0 09 c0 13 00 39 00 38 .%.).........9.8
0070 - 00 33 00 32 c0 05 c0 0f c0 04 c0 0e 00 9d 00 9c .3.2............
0080 - 00 3d 00 3c 00 35 00 2f 00 ff 01 00 00 a5 00 05 .=.<.5./........
0090 - 00 05 01 00 00 00 00 00 0a 00 16 00 14 00 1d 00 ................
00a0 - 17 00 18 00 19 00 1e 01 00 01 01 01 02 01 03 01 ................
00b0 - 04 00 0b 00 02 01 00 00 11 00 09 00 07 02 00 04 ................
00c0 - 00 00 00 00 00 17 00 00 00 23 00 00 00 0d 00 2c .........#.....,
00d0 - 00 2a 04 03 05 03 06 03 08 07 08 08 08 04 08 05 .*..............
00e0 - 08 06 08 09 08 0a 08 0b 04 01 05 01 06 01 04 02 ................
00f0 - 03 03 03 01 03 02 02 03 02 01 02 02 00 2b 00 03 .............+..
0100 - 02 03 03 00 32 00 2c 00 2a 04 03 05 03 06 03 08 ....2.,.*.......
0110 - 07 08 08 08 04 08 05 08 06 08 09 08 0a 08 0b 04 ................
0120 - 01 05 01 06 01 04 02 03 03 03 01 03 02 02 03 02 ................
0130 - 01 02 02 ...
<<< TLS 1.2 Handshake, ClientHello
[{client_version,{3,3}},
{random,
<<27,63,2,6,81,75,217,127,213,43,128,229,174,217,199,241,226,78,177,213,
36,225,230,165,79,163,107,194,245,119,183,23>>},
{session_id,<<>>},
{cookie,undefined},
{cipher_suites,
["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_256_CBC_SHA","TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA","TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256","TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA","TLS_EMPTY_RENEGOTIATION_INFO_SCSV"]},
{compression_methods,[0]},
{extensions,
#{alpn => undefined,
client_hello_versions => {client_hello_versions,[{3,3}]},
ec_point_formats => {ec_point_formats,[0]},
elliptic_curves =>
{elliptic_curves,
[{1,3,101,110},
{1,2,840,10045,3,1,7},
{1,3,132,0,34},
{1,3,132,0,35},
{1,3,101,111}]},
next_protocol_negotiation => undefined,renegotiation_info => undefined,
signature_algs =>
{hash_sign_algos,
[{sha256,ecdsa},
{sha384,ecdsa},
{sha512,ecdsa},
{sha256,rsa_pss_rsae},
{sha384,rsa_pss_rsae},
{sha512,rsa_pss_rsae},
{sha256,rsa_pss_pss},
{sha384,rsa_pss_pss},
{sha512,rsa_pss_pss},
{sha256,rsa},
{sha384,rsa},
{sha512,rsa},
{sha256,dsa},
{sha224,ecdsa},
{sha224,rsa},
{sha224,dsa},
{sha,ecdsa},
{sha,rsa},
{sha,dsa}]},
signature_algs_cert =>
{signature_algorithms_cert,
[ecdsa_secp256r1_sha256,ecdsa_secp384r1_sha384,
ecdsa_secp521r1_sha512,eddsa_ed25519,eddsa_ed448,
rsa_pss_rsae_sha256,rsa_pss_rsae_sha384,rsa_pss_rsae_sha512,
rsa_pss_pss_sha256,rsa_pss_pss_sha384,rsa_pss_pss_sha512,
rsa_pkcs1_sha256,rsa_pkcs1_sha384,rsa_pkcs1_sha512,
{sha256,dsa},
{sha224,ecdsa},
{sha224,rsa},
{sha224,dsa},
ecdsa_sha1,rsa_pkcs1_sha1,
{sha,dsa}]},
sni => undefined,srp => undefined}}]
>>> TLS 1.2 Handshake, ServerHello
[{server_version,{3,3}},
{random,<<97,85,196,56,17,101,99,97,116,63,127,178,145,248,134,45,155,51,59,
40,244,203,95,170,68,79,87,78,71,82,68,1>>},
{session_id,<<106,129,229,227,149,175,162,111,202,98,248,61,116,5,78,223,114,
130,161,64,120,255,175,202,45,46,223,145,184,77,22,98>>},
{cipher_suite,"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"},
{compression_method,0},
{extensions,#{alpn => undefined,
ec_point_formats => {ec_point_formats,[0]},
max_frag_enum => undefined,
next_protocol_negotiation => undefined,
renegotiation_info => {renegotiation_info,<<0>>}}}]
writing (92 bytes) TLS 1.2 Record Protocol, handshake
0000 - 16 03 03 00 57 02 00 00 53 03 03 61 55 c4 38 11 ....W...S..aU.8.
0010 - 65 63 61 74 3f 7f b2 91 f8 86 2d 9b 33 3b 28 f4 ecat?.....-.3;(.
0020 - cb 5f aa 44 4f 57 4e 47 52 44 01 20 6a 81 e5 e3 ._.DOWNGRD. j...
0030 - 95 af a2 6f ca 62 f8 3d 74 05 4e df 72 82 a1 40 ...o.b.=t.N.r..@
0040 - 78 ff af ca 2d 2e df 91 b8 4d 16 62 c0 30 00 00 x...-....M.b.0..
0050 - 0b ff 01 00 01 00 00 0b 00 02 01 00 ............
>>> Handshake, Certificate
[{asn1_certificates,[<<48,130,3,131,48,130,2,107,160,3,2,1,2,2,1,1,48,13,6,9,
42,134,72,134,247,13,1,1,11,5,0,48,49,49,32,48,30,6,3,
85,4,3,12,23,84,76,83,71,101,110,83,101,108,102,83,105,
103,110,101,100,116,82,111,111,116,67,65,49,13,48,11,6,
3,85,4,7,12,4,36,36,36,36,48,30,23,13,50,49,48,57,51,48,
49,52,48,52,49,56,90,23,13,51,49,48,57,50,56,49,52,48,
52,49,56,90,48,44,49,25,48,23,6,3,85,4,3,12,16,97,99,
111,103,111,108,117,101,103,110,101,115,45,110,117,99,
49,15,48,13,6,3,85,4,10,12,6,115,101,114,118,101,114,48,
130,1,34,48,13,6,9,42,134,72,134,247,13,1,1,1,5,0,3,130,
1,15,0,48,130,1,10,2,130,1,1,0,230,116,106,94,57,229,
162,57,171,128,154,138,80,108,23,236,108,35,69,58,221,
139,117,230,183,21,202,148,229,4,103,18,136,35,219,47,
17,20,62,68,118,163,245,168,125,200,178,91,254,132,137,
31,64,7,60,125,108,106,162,44,69,116,73,219,133,31,177,
229,83,59,106,108,81,233,52,84,95,235,83,246,12,181,76,
63,200,233,39,213,87,107,99,109,70,15,52,35,227,223,194,
116,156,213,96,178,161,113,237,164,160,201,129,137,159,
128,20,171,66,172,166,23,106,138,215,31,56,137,83,46,22,
67,228,38,3,107,31,74,192,184,14,191,219,10,241,164,190,
57,85,141,121,168,216,67,149,214,192,8,158,136,231,231,
166,204,47,97,56,73,230,211,6,152,121,139,228,38,199,
211,212,191,134,204,87,202,42,179,234,123,169,155,207,
229,70,254,230,25,195,200,123,166,68,231,45,104,116,146,
222,116,133,176,5,61,178,83,215,214,241,169,47,96,112,
196,73,206,203,213,30,174,208,130,110,255,244,223,145,
28,213,122,241,157,133,89,132,95,251,159,22,92,110,189,
129,209,65,244,245,148,85,99,2,3,1,0,1,163,129,170,48,
129,167,48,9,6,3,85,29,19,4,2,48,0,48,11,6,3,85,29,15,4,
4,3,2,5,160,48,19,6,3,85,29,37,4,12,48,10,6,8,43,6,1,5,
5,7,3,1,48,56,6,3,85,29,17,4,49,48,47,130,16,97,99,111,
103,111,108,117,101,103,110,101,115,45,110,117,99,130,
16,97,99,111,103,111,108,117,101,103,110,101,115,45,110,
117,99,130,9,108,111,99,97,108,104,111,115,116,48,29,6,
3,85,29,14,4,22,4,20,109,132,123,161,120,164,83,167,190,
120,69,226,175,176,238,191,27,239,196,188,48,31,6,3,85,
29,35,4,24,48,22,128,20,37,196,55,200,154,108,130,16,96,
115,11,140,137,26,162,108,189,78,192,68,48,13,6,9,42,
134,72,134,247,13,1,1,11,5,0,3,130,1,1,0,161,52,103,13,
114,40,139,232,223,113,33,231,116,161,162,240,26,164,30,
234,83,149,119,139,230,72,53,209,211,105,129,210,56,168,
112,66,69,10,50,194,199,198,2,148,158,220,167,242,252,1,
63,118,116,49,123,12,230,67,220,188,131,106,44,125,136,
46,194,175,104,225,47,41,228,142,162,197,24,229,150,145,
71,231,146,236,172,62,171,34,36,2,68,195,132,57,168,141,
53,247,252,254,15,13,231,185,140,119,224,68,28,227,134,
235,219,84,165,150,222,189,247,95,26,108,123,31,193,25,
97,30,183,144,113,16,126,159,23,251,213,252,183,45,85,
205,81,174,166,183,140,24,162,188,101,96,202,182,174,31,
237,87,137,62,72,54,185,252,108,5,155,199,196,106,252,
113,239,39,225,204,164,65,167,149,21,2,139,244,178,146,
162,140,90,178,148,27,191,251,231,220,135,131,170,80,2,
116,101,16,10,100,81,224,24,179,121,103,153,38,194,62,
91,217,151,68,105,121,57,46,79,109,77,188,124,176,50,
169,253,61,178,16,53,73,208,32,203,155,115,41,148,225,
222,253,13,118,99,29,85,249,196,242>>,
<<48,130,3,80,48,130,2,56,160,3,2,1,2,2,20,37,87,54,
135,211,79,65,207,66,43,225,213,98,34,99,132,162,162,
125,218,48,13,6,9,42,134,72,134,247,13,1,1,11,5,0,48,
49,49,32,48,30,6,3,85,4,3,12,23,84,76,83,71,101,110,
83,101,108,102,83,105,103,110,101,100,116,82,111,111,
116,67,65,49,13,48,11,6,3,85,4,7,12,4,36,36,36,36,48,
30,23,13,50,49,48,57,51,48,49,52,48,52,49,56,90,23,
13,51,49,48,57,50,56,49,52,48,52,49,56,90,48,49,49,
32,48,30,6,3,85,4,3,12,23,84,76,83,71,101,110,83,101,
108,102,83,105,103,110,101,100,116,82,111,111,116,67,
65,49,13,48,11,6,3,85,4,7,12,4,36,36,36,36,48,130,1,
34,48,13,6,9,42,134,72,134,247,13,1,1,1,5,0,3,130,1,
15,0,48,130,1,10,2,130,1,1,0,207,178,56,111,91,246,
30,9,97,93,30,8,195,113,204,141,64,2,123,86,56,147,
136,130,3,139,245,135,127,10,66,219,14,165,1,109,111,
8,178,233,195,213,8,40,147,144,90,230,171,153,157,4,
158,51,181,167,120,74,229,6,207,155,73,172,142,72,83,
240,147,198,197,250,185,207,252,28,48,86,178,38,221,
137,246,123,223,196,170,165,97,234,62,70,73,95,136,
70,200,6,236,57,33,207,4,93,205,243,52,110,103,170,
192,251,116,25,75,26,185,25,196,48,22,50,43,231,216,
171,130,131,157,113,239,59,205,203,37,30,62,210,106,
158,203,166,48,138,93,186,85,149,159,183,121,5,100,
149,244,221,126,171,25,204,197,51,149,211,87,66,102,
54,228,143,100,160,241,246,11,69,238,106,239,9,145,
208,222,8,57,122,2,100,234,211,39,21,200,215,252,59,
248,184,113,58,122,98,121,111,182,33,9,52,67,158,9,
41,44,141,31,190,168,37,203,129,63,102,190,243,229,
62,63,25,218,15,14,90,9,33,25,251,96,75,191,81,214,5,
81,115,20,229,195,76,196,255,139,234,7,244,116,83,2,
3,1,0,1,163,96,48,94,48,11,6,3,85,29,15,4,4,3,2,1,6,
48,29,6,3,85,29,14,4,22,4,20,37,196,55,200,154,108,
130,16,96,115,11,140,137,26,162,108,189,78,192,68,48,
31,6,3,85,29,35,4,24,48,22,128,20,37,196,55,200,154,
108,130,16,96,115,11,140,137,26,162,108,189,78,192,
68,48,15,6,3,85,29,19,1,1,255,4,5,48,3,1,1,255,48,13,
6,9,42,134,72,134,247,13,1,1,11,5,0,3,130,1,1,0,160,
106,123,215,127,254,200,98,159,141,163,250,71,148,40,
48,26,234,166,239,69,40,239,91,16,117,254,96,243,60,
172,78,103,131,8,205,236,78,92,253,219,233,83,227,
231,117,91,144,252,77,228,128,105,14,138,221,215,210,
145,190,174,215,20,219,178,48,224,208,145,80,149,221,
168,210,91,163,120,26,10,253,248,133,33,186,37,61,
216,1,197,213,41,117,173,40,9,249,210,169,228,81,218,
232,167,232,139,227,165,47,30,38,92,144,41,153,40,
110,218,236,69,12,247,241,38,176,157,16,208,213,179,
107,193,58,228,48,63,192,133,50,193,119,12,175,94,34,
129,5,77,111,127,23,204,84,224,215,115,161,62,81,93,
12,76,35,86,137,70,38,25,134,115,16,176,70,113,15,60,
16,89,106,225,79,20,146,40,17,212,200,70,34,235,151,
70,254,127,128,163,57,152,115,78,248,178,166,245,24,
86,11,148,254,164,245,42,45,98,19,155,243,228,91,39,
175,99,244,246,235,52,52,225,111,12,227,11,169,241,
37,133,38,193,215,159,29,249,182,223,159,224,43,155,
152,196,104,236,229,247,61,121,139>>]}]
writing (1773 bytes) TLS 1.2 Record Protocol, handshake
0000 - 16 03 03 06 e8 0b 00 06 e4 00 06 e1 00 03 87 30 ...............0
0010 - 82 03 83 30 82 02 6b a0 03 02 01 02 02 01 01 30 ...0..k........0
0020 - 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 31 ...*.H........01
0030 - 31 20 30 1e 06 03 55 04 03 0c 17 54 4c 53 47 65 1 0...U....TLSGe
0040 - 6e 53 65 6c 66 53 69 67 6e 65 64 74 52 6f 6f 74 nSelfSignedtRoot
0050 - 43 41 31 0d 30 0b 06 03 55 04 07 0c 04 24 24 24 CA1.0...U....$$$
0060 - 24 30 1e 17 0d 32 31 30 39 33 30 31 34 30 34 31 $0...21093014041
0070 - 38 5a 17 0d 33 31 30 39 32 38 31 34 30 34 31 38 8Z..310928140418
0080 - 5a 30 2c 31 19 30 17 06 03 55 04 03 0c 10 61 63 Z0,1.0...U....ac
0090 - 6f 67 6f 6c 75 65 67 6e 65 73 2d 6e 75 63 31 0f ogoluegnes-nuc1.
00a0 - 30 0d 06 03 55 04 0a 0c 06 73 65 72 76 65 72 30 0...U....server0
00b0 - 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 .."0...*.H......
00c0 - 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 .......0........
00d0 - e6 74 6a 5e 39 e5 a2 39 ab 80 9a 8a 50 6c 17 ec .tj^9..9....Pl..
00e0 - 6c 23 45 3a dd 8b 75 e6 b7 15 ca 94 e5 04 67 12 l#E:..u.......g.
00f0 - 88 23 db 2f 11 14 3e 44 76 a3 f5 a8 7d c8 b2 5b .#./..>Dv...}..[
0100 - fe 84 89 1f 40 07 3c 7d 6c 6a a2 2c 45 74 49 db ....@.<}lj.,EtI.
0110 - 85 1f b1 e5 53 3b 6a 6c 51 e9 34 54 5f eb 53 f6 ....S;jlQ.4T_.S.
0120 - 0c b5 4c 3f c8 e9 27 d5 57 6b 63 6d 46 0f 34 23 ..L?..'.WkcmF.4#
0130 - e3 df c2 74 9c d5 60 b2 a1 71 ed a4 a0 c9 81 89 ...t..`..q......
0140 - 9f 80 14 ab 42 ac a6 17 6a 8a d7 1f 38 89 53 2e ....B...j...8.S.
0150 - 16 43 e4 26 03 6b 1f 4a c0 b8 0e bf db 0a f1 a4 .C.&.k.J........
0160 - be 39 55 8d 79 a8 d8 43 95 d6 c0 08 9e 88 e7 e7 .9U.y..C........
0170 - a6 cc 2f 61 38 49 e6 d3 06 98 79 8b e4 26 c7 d3 ../a8I....y..&..
0180 - d4 bf 86 cc 57 ca 2a b3 ea 7b a9 9b cf e5 46 fe ....W.*..{....F.
0190 - e6 19 c3 c8 7b a6 44 e7 2d 68 74 92 de 74 85 b0 ....{.D.-ht..t..
01a0 - 05 3d b2 53 d7 d6 f1 a9 2f 60 70 c4 49 ce cb d5 .=.S..../`p.I...
01b0 - 1e ae d0 82 6e ff f4 df 91 1c d5 7a f1 9d 85 59 ....n......z...Y
01c0 - 84 5f fb 9f 16 5c 6e bd 81 d1 41 f4 f5 94 55 63 ._...n...A...Uc
01d0 - 02 03 01 00 01 a3 81 aa 30 81 a7 30 09 06 03 55 ........0..0...U
01e0 - 1d 13 04 02 30 00 30 0b 06 03 55 1d 0f 04 04 03 ....0.0...U.....
01f0 - 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 ...0...U.%..0...
0200 - 2b 06 01 05 05 07 03 01 30 38 06 03 55 1d 11 04 +.......08..U...
0210 - 31 30 2f 82 10 61 63 6f 67 6f 6c 75 65 67 6e 65 10/..acogoluegne
0220 - 73 2d 6e 75 63 82 10 61 63 6f 67 6f 6c 75 65 67 s-nuc..acogolueg
0230 - 6e 65 73 2d 6e 75 63 82 09 6c 6f 63 61 6c 68 6f nes-nuc..localho
0240 - 73 74 30 1d 06 03 55 1d 0e 04 16 04 14 6d 84 7b st0...U......m.{
0250 - a1 78 a4 53 a7 be 78 45 e2 af b0 ee bf 1b ef c4 .x.S..xE........
0260 - bc 30 1f 06 03 55 1d 23 04 18 30 16 80 14 25 c4 .0...U.#..0...%.
0270 - 37 c8 9a 6c 82 10 60 73 0b 8c 89 1a a2 6c bd 4e 7..l..`s.....l.N
0280 - c0 44 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 .D0...*.H.......
0290 - 00 03 82 01 01 00 a1 34 67 0d 72 28 8b e8 df 71 .......4g.r(...q
02a0 - 21 e7 74 a1 a2 f0 1a a4 1e ea 53 95 77 8b e6 48 !.t.......S.w..H
02b0 - 35 d1 d3 69 81 d2 38 a8 70 42 45 0a 32 c2 c7 c6 5..i..8.pBE.2...
02c0 - 02 94 9e dc a7 f2 fc 01 3f 76 74 31 7b 0c e6 43 ........?vt1{..C
02d0 - dc bc 83 6a 2c 7d 88 2e c2 af 68 e1 2f 29 e4 8e ...j,}....h./)..
02e0 - a2 c5 18 e5 96 91 47 e7 92 ec ac 3e ab 22 24 02 ......G....>."$.
02f0 - 44 c3 84 39 a8 8d 35 f7 fc fe 0f 0d e7 b9 8c 77 D..9..5........w
0300 - e0 44 1c e3 86 eb db 54 a5 96 de bd f7 5f 1a 6c .D.....T....._.l
0310 - 7b 1f c1 19 61 1e b7 90 71 10 7e 9f 17 fb d5 fc {...a...q.~.....
0320 - b7 2d 55 cd 51 ae a6 b7 8c 18 a2 bc 65 60 ca b6 .-U.Q.......e`..
0330 - ae 1f ed 57 89 3e 48 36 b9 fc 6c 05 9b c7 c4 6a ...W.>H6..l....j
0340 - fc 71 ef 27 e1 cc a4 41 a7 95 15 02 8b f4 b2 92 .q.'...A........
0350 - a2 8c 5a b2 94 1b bf fb e7 dc 87 83 aa 50 02 74 ..Z..........P.t
0360 - 65 10 0a 64 51 e0 18 b3 79 67 99 26 c2 3e 5b d9 e..dQ...yg.&.>[.
0370 - 97 44 69 79 39 2e 4f 6d 4d bc 7c b0 32 a9 fd 3d .Diy9.OmM.|.2..=
0380 - b2 10 35 49 d0 20 cb 9b 73 29 94 e1 de fd 0d 76 ..5I. ..s).....v
0390 - 63 1d 55 f9 c4 f2 00 03 54 30 82 03 50 30 82 02 c.U.....T0..P0..
03a0 - 38 a0 03 02 01 02 02 14 25 57 36 87 d3 4f 41 cf 8.......%W6..OA.
03b0 - 42 2b e1 d5 62 22 63 84 a2 a2 7d da 30 0d 06 09 B+..b"c...}.0...
03c0 - 2a 86 48 86 f7 0d 01 01 0b 05 00 30 31 31 20 30 *.H........011 0
03d0 - 1e 06 03 55 04 03 0c 17 54 4c 53 47 65 6e 53 65 ...U....TLSGenSe
03e0 - 6c 66 53 69 67 6e 65 64 74 52 6f 6f 74 43 41 31 lfSignedtRootCA1
03f0 - 0d 30 0b 06 03 55 04 07 0c 04 24 24 24 24 30 1e .0...U....$$$$0.
0400 - 17 0d 32 31 30 39 33 30 31 34 30 34 31 38 5a 17 ..210930140418Z.
0410 - 0d 33 31 30 39 32 38 31 34 30 34 31 38 5a 30 31 .310928140418Z01
0420 - 31 20 30 1e 06 03 55 04 03 0c 17 54 4c 53 47 65 1 0...U....TLSGe
0430 - 6e 53 65 6c 66 53 69 67 6e 65 64 74 52 6f 6f 74 nSelfSignedtRoot
0440 - 43 41 31 0d 30 0b 06 03 55 04 07 0c 04 24 24 24 CA1.0...U....$$$
0450 - 24 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 $0.."0...*.H....
0460 - 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 .........0......
0470 - 01 00 cf b2 38 6f 5b f6 1e 09 61 5d 1e 08 c3 71 ....8o[...a]...q
0480 - cc 8d 40 02 7b 56 38 93 88 82 03 8b f5 87 7f 0a ..@.{V8.........
0490 - 42 db 0e a5 01 6d 6f 08 b2 e9 c3 d5 08 28 93 90 B....mo......(..
04a0 - 5a e6 ab 99 9d 04 9e 33 b5 a7 78 4a e5 06 cf 9b Z......3..xJ....
04b0 - 49 ac 8e 48 53 f0 93 c6 c5 fa b9 cf fc 1c 30 56 I..HS.........0V
04c0 - b2 26 dd 89 f6 7b df c4 aa a5 61 ea 3e 46 49 5f .&...{....a.>FI_
04d0 - 88 46 c8 06 ec 39 21 cf 04 5d cd f3 34 6e 67 aa .F...9!..]..4ng.
04e0 - c0 fb 74 19 4b 1a b9 19 c4 30 16 32 2b e7 d8 ab ..t.K....0.2+...
04f0 - 82 83 9d 71 ef 3b cd cb 25 1e 3e d2 6a 9e cb a6 ...q.;..%.>.j...
0500 - 30 8a 5d ba 55 95 9f b7 79 05 64 95 f4 dd 7e ab 0.].U...y.d...~.
0510 - 19 cc c5 33 95 d3 57 42 66 36 e4 8f 64 a0 f1 f6 ...3..WBf6..d...
0520 - 0b 45 ee 6a ef 09 91 d0 de 08 39 7a 02 64 ea d3 .E.j......9z.d..
0530 - 27 15 c8 d7 fc 3b f8 b8 71 3a 7a 62 79 6f b6 21 '....;..q:zbyo.!
0540 - 09 34 43 9e 09 29 2c 8d 1f be a8 25 cb 81 3f 66 .4C..),....%..?f
0550 - be f3 e5 3e 3f 19 da 0f 0e 5a 09 21 19 fb 60 4b ...>?....Z.!..`K
0560 - bf 51 d6 05 51 73 14 e5 c3 4c c4 ff 8b ea 07 f4 .Q..Qs...L......
0570 - 74 53 02 03 01 00 01 a3 60 30 5e 30 0b 06 03 55 tS......`0^0...U
0580 - 1d 0f 04 04 03 02 01 06 30 1d 06 03 55 1d 0e 04 ........0...U...
0590 - 16 04 14 25 c4 37 c8 9a 6c 82 10 60 73 0b 8c 89 ...%.7..l..`s...
05a0 - 1a a2 6c bd 4e c0 44 30 1f 06 03 55 1d 23 04 18 ..l.N.D0...U.#..
05b0 - 30 16 80 14 25 c4 37 c8 9a 6c 82 10 60 73 0b 8c 0...%.7..l..`s..
05c0 - 89 1a a2 6c bd 4e c0 44 30 0f 06 03 55 1d 13 01 ...l.N.D0...U...
05d0 - 01 ff 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 ....0....0...*.H
05e0 - 86 f7 0d 01 01 0b 05 00 03 82 01 01 00 a0 6a 7b ..............j{
05f0 - d7 7f fe c8 62 9f 8d a3 fa 47 94 28 30 1a ea a6 ....b....G.(0...
0600 - ef 45 28 ef 5b 10 75 fe 60 f3 3c ac 4e 67 83 08 .E(.[.u.`.<.Ng..
0610 - cd ec 4e 5c fd db e9 53 e3 e7 75 5b 90 fc 4d e4 ..N...S..u[..M.
0620 - 80 69 0e 8a dd d7 d2 91 be ae d7 14 db b2 30 e0 .i............0.
0630 - d0 91 50 95 dd a8 d2 5b a3 78 1a 0a fd f8 85 21 ..P....[.x.....!
0640 - ba 25 3d d8 01 c5 d5 29 75 ad 28 09 f9 d2 a9 e4 .%=....)u.(.....
0650 - 51 da e8 a7 e8 8b e3 a5 2f 1e 26 5c 90 29 99 28 Q......./.&.).(
0660 - 6e da ec 45 0c f7 f1 26 b0 9d 10 d0 d5 b3 6b c1 n..E...&......k.
0670 - 3a e4 30 3f c0 85 32 c1 77 0c af 5e 22 81 05 4d :.0?..2.w..^"..M
0680 - 6f 7f 17 cc 54 e0 d7 73 a1 3e 51 5d 0c 4c 23 56 o...T..s.>Q].L#V
0690 - 89 46 26 19 86 73 10 b0 46 71 0f 3c 10 59 6a e1 .F&..s..Fq.<.Yj.
06a0 - 4f 14 92 28 11 d4 c8 46 22 eb 97 46 fe 7f 80 a3 O..(...F"..F....
06b0 - 39 98 73 4e f8 b2 a6 f5 18 56 0b 94 fe a4 f5 2a 9.sN.....V.....*
06c0 - 2d 62 13 9b f3 e4 5b 27 af 63 f4 f6 eb 34 34 e1 -b....['.c...44.
06d0 - 6f 0c e3 0b a9 f1 25 85 26 c1 d7 9f 1d f9 b6 df o.....%.&.......
06e0 - 9f e0 2b 9b 98 c4 68 ec e5 f7 3d 79 8b ..+...h...=y.
>>> Handshake, ServerKeyExchange
[{params,{server_ecdh_params,{namedCurve,{1,2,840,10045,3,1,7}},
<<4,226,219,44,105,72,63,246,161,208,122,194,1,
149,127,34,12,230,121,146,175,87,77,152,101,
149,17,151,244,184,250,95,249,159,224,109,38,
227,213,140,146,63,182,85,35,25,37,17,2,7,121,
117,19,225,214,90,35,8,28,70,148,53,54,183,67>>}},
{params_bin,<<3,0,23,65,4,226,219,44,105,72,63,246,161,208,122,194,1,149,127,
34,12,230,121,146,175,87,77,152,101,149,17,151,244,184,250,95,
249,159,224,109,38,227,213,140,146,63,182,85,35,25,37,17,2,7,
121,117,19,225,214,90,35,8,28,70,148,53,54,183,67>>},
{hashsign,{sha256,rsa_pss_rsae}},
{signature,<<89,166,152,162,181,192,197,201,143,28,40,157,111,3,125,58,30,
254,237,232,164,38,91,113,172,154,252,9,30,224,204,231,221,183,
250,241,46,32,207,32,56,168,240,227,195,29,231,162,111,158,144,
236,191,24,179,201,59,210,19,189,241,57,89,43,174,144,159,65,
24,86,187,210,176,194,73,124,243,87,130,135,128,226,213,44,119,
15,193,79,81,236,26,123,39,198,115,216,114,7,66,126,149,212,
222,246,3,6,188,185,254,224,81,206,146,236,159,17,243,241,37,
87,52,186,169,152,62,67,76,91,65,167,39,154,43,29,164,243,195,
235,222,122,133,94,18,204,207,1,120,62,240,9,128,102,76,180,34,
75,236,86,171,55,217,107,106,4,157,117,59,14,67,25,54,12,40,64,
156,40,255,55,191,125,52,227,71,203,246,211,120,200,242,199,
228,28,165,201,1,137,83,147,12,217,49,65,106,65,1,11,65,37,152,
178,95,248,113,128,161,230,49,241,58,171,29,243,27,186,244,117,
118,77,50,229,189,219,61,34,215,182,129,0,86,96,39,28,196,232,
183,30,103,159,88,35,152,173,168,212,43,21>>}]
writing (338 bytes) TLS 1.2 Record Protocol, handshake
0000 - 16 03 03 01 4d 0c 00 01 49 03 00 17 41 04 e2 db ....M...I...A...
0010 - 2c 69 48 3f f6 a1 d0 7a c2 01 95 7f 22 0c e6 79 ,iH?...z...."..y
0020 - 92 af 57 4d 98 65 95 11 97 f4 b8 fa 5f f9 9f e0 ..WM.e......_...
0030 - 6d 26 e3 d5 8c 92 3f b6 55 23 19 25 11 02 07 79 m&....?.U#.%...y
0040 - 75 13 e1 d6 5a 23 08 1c 46 94 35 36 b7 43 08 04 u...Z#..F.56.C..
0050 - 01 00 59 a6 98 a2 b5 c0 c5 c9 8f 1c 28 9d 6f 03 ..Y.........(.o.
0060 - 7d 3a 1e fe ed e8 a4 26 5b 71 ac 9a fc 09 1e e0 }:.....&[q......
0070 - cc e7 dd b7 fa f1 2e 20 cf 20 38 a8 f0 e3 c3 1d ....... . 8.....
0080 - e7 a2 6f 9e 90 ec bf 18 b3 c9 3b d2 13 bd f1 39 ..o.......;....9
0090 - 59 2b ae 90 9f 41 18 56 bb d2 b0 c2 49 7c f3 57 Y+...A.V....I|.W
00a0 - 82 87 80 e2 d5 2c 77 0f c1 4f 51 ec 1a 7b 27 c6 .....,w..OQ..{'.
00b0 - 73 d8 72 07 42 7e 95 d4 de f6 03 06 bc b9 fe e0 s.r.B~..........
00c0 - 51 ce 92 ec 9f 11 f3 f1 25 57 34 ba a9 98 3e 43 Q.......%W4...>C
00d0 - 4c 5b 41 a7 27 9a 2b 1d a4 f3 c3 eb de 7a 85 5e L[A.'.+......z.^
00e0 - 12 cc cf 01 78 3e f0 09 80 66 4c b4 22 4b ec 56 ....x>...fL."K.V
00f0 - ab 37 d9 6b 6a 04 9d 75 3b 0e 43 19 36 0c 28 40 .7.kj..u;.C.6.(@
0100 - 9c 28 ff 37 bf 7d 34 e3 47 cb f6 d3 78 c8 f2 c7 .(.7.}4.G...x...
0110 - e4 1c a5 c9 01 89 53 93 0c d9 31 41 6a 41 01 0b ......S...1AjA..
0120 - 41 25 98 b2 5f f8 71 80 a1 e6 31 f1 3a ab 1d f3 A%.._.q...1.:...
0130 - 1b ba f4 75 76 4d 32 e5 bd db 3d 22 d7 b6 81 00 ...uvM2...="....
0140 - 56 60 27 1c c4 e8 b7 1e 67 9f 58 23 98 ad a8 d4 V`'.....g.X#....
0150 - 2b 15 +.
>>> Handshake, CertificateRequest
[{certificate_types,<<64,1,2>>},
{hashsign_algorithms,
{signature_algorithms,
[ecdsa_secp521r1_sha512,ecdsa_secp384r1_sha384,
ecdsa_secp256r1_sha256,rsa_pss_pss_sha512,rsa_pss_pss_sha384,
rsa_pss_pss_sha256,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,
rsa_pss_rsae_sha256,eddsa_ed25519,eddsa_ed448,
{sha512,ecdsa},
{sha512,rsa},
{sha384,ecdsa},
{sha384,rsa},
{sha256,ecdsa},
{sha256,rsa},
{sha224,ecdsa},
{sha224,rsa},
{sha,ecdsa},
{sha,rsa},
{sha,dsa}]}},
{certificate_authorities,<<>>}]
writing (15 bytes) TLS 1.2 Record Protocol, handshake
0000 - 16 03 03 00 0a 0d 00 00 06 03 40 01 02 00 00 ..........@....
>>> Handshake, ServerHelloDone
[]
writing (9 bytes) TLS 1.2 Record Protocol, handshake
0000 - 16 03 03 00 04 0e 00 00 00 .........
reading (7 bytes) TLS 1.2 Record Protocol, alert
0000 - 15 03 03 00 02 02 2f ....../
{"init terminating in do_boot",{{badmatch,{error,{tls_alert,{illegal_parameter,"TLS server: In state certify received CLIENT ALERT: Fatal - Illegal Parametern"}}}},[{tls_cipher_negotiation,start,0,[{file,"tls_cipher_negotiation.erl"},{line,15}]},{init,start_em,1,[]},{init,do_boot,3,[]}]}}
init terminating in do_boot ({{badmatch,{error,{tls_alert,{_}}}},[{tls_cipher_negotiation,start,0,[{_},{_}]},{init,start_em,1,[]},{init,do_boot,3,[]}]})
Crash dump is being written to: erl_crash.dump...done
Here is the Java client output:
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.320 CEST|SSLCipher.java:466|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|WARNING|10|main|2021-09-30 16:08:16.384 CEST|ServerNameExtension.java:266|Unable to indicate server name
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.384 CEST|SSLExtensions.java:272|Ignore, context unavailable extension: server_name
javax.net.ssl|INFO|10|main|2021-09-30 16:08:16.385 CEST|AlpnExtension.java:182|No available application protocols
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.385 CEST|SSLExtensions.java:272|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.386 CEST|SessionTicketExtension.java:408|Stateless resumption supported
javax.net.ssl|ALL|10|main|2021-09-30 16:08:16.388 CEST|SignatureScheme.java:412|Ignore disabled signature scheme: rsa_md5
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.388 CEST|SSLExtensions.java:272|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.394 CEST|ClientHello.java:652|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "8D48B4EC6B5166006191C943D0C478274BA14CE2F34273A2F5AB51FCC3A9713B",
"session id" : "",
"cipher suites" : "[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA9), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA8), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
}
},
"extended_master_secret (23)": {
<empty>
},
"session_ticket (35)": {
<empty>
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"supported_versions (43)": {
"versions": [TLSv1.2]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
}
]
}
)
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.449 CEST|ServerHello.java:888|Consuming ServerHello handshake message (
"ServerHello": {
"server version" : "TLSv1.2",
"random" : "6155C4D014AB41D9CE23B6EDD15A2DC72146FFBBABECCAA5444F574E47524401",
"session id" : "02BCED39D74FEF8D86B7D97E5B8C508EBADCDE31113F7B505C339473A2228E82",
"cipher suite" : "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030)",
"compression methods" : "00",
"extensions" : [
"renegotiation_info (65,281)": {
"renegotiated connection": [<no renegotiated connection>]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
}
]
}
)
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.449 CEST|SSLExtensions.java:185|Ignore unavailable extension: supported_versions
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.449 CEST|ServerHello.java:984|Negotiated protocol version: TLSv1.2
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.450 CEST|SSLExtensions.java:204|Consumed extension: renegotiation_info
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.450 CEST|SSLExtensions.java:185|Ignore unavailable extension: server_name
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.450 CEST|SSLExtensions.java:185|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.450 CEST|SSLExtensions.java:185|Ignore unavailable extension: status_request
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.450 CEST|SSLExtensions.java:204|Consumed extension: ec_point_formats
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.450 CEST|SSLExtensions.java:185|Ignore unavailable extension: status_request_v2
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:185|Ignore unavailable extension: session_ticket
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:204|Consumed extension: renegotiation_info
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:219|Ignore unavailable extension: server_name
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:219|Ignore unavailable extension: max_fragment_length
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:219|Ignore unavailable extension: status_request
javax.net.ssl|WARNING|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:227|Ignore impact of unsupported extension: ec_point_formats
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:219|Ignore unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.451 CEST|SSLExtensions.java:219|Ignore unavailable extension: status_request_v2
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.452 CEST|SSLExtensions.java:219|Ignore unavailable extension: extended_master_secret
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.452 CEST|SSLExtensions.java:219|Ignore unavailable extension: session_ticket
javax.net.ssl|WARNING|10|main|2021-09-30 16:08:16.452 CEST|SSLExtensions.java:227|Ignore impact of unsupported extension: renegotiation_info
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.466 CEST|CertificateMessage.java:366|Consuming server Certificate handshake message (
"Certificates": [
"certificate" : {
"version" : "v3",
"serial number" : "01",
"signature algorithm": "SHA256withRSA",
"issuer" : "L=$$$$, CN=TLSGenSelfSignedtRootCA",
"not before" : "2021-09-30 16:04:18.000 CEST",
"not after" : "2031-09-28 16:04:18.000 CEST",
"subject" : "O=server, CN=acogoluegnes-nuc",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 25 C4 37 C8 9A 6C 82 10 60 73 0B 8C 89 1A A2 6C %.7..l..`s.....l
0010: BD 4E C0 44 .N.D
]
]
},
{
ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:false
PathLen: undefined
]
},
{
ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
]
},
{
ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: acogoluegnes-nuc
DNSName: acogoluegnes-nuc
DNSName: localhost
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 6D 84 7B A1 78 A4 53 A7 BE 78 45 E2 AF B0 EE BF m...x.S..xE.....
0010: 1B EF C4 BC ....
]
]
}
]},
"certificate" : {
"version" : "v3",
"serial number" : "25573687D34F41CF422BE1D562226384A2A27DDA",
"signature algorithm": "SHA256withRSA",
"issuer" : "L=$$$$, CN=TLSGenSelfSignedtRootCA",
"not before" : "2021-09-30 16:04:18.000 CEST",
"not after" : "2031-09-28 16:04:18.000 CEST",
"subject" : "L=$$$$, CN=TLSGenSelfSignedtRootCA",
"subject public key" : "RSA",
"extensions" : [
{
ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 25 C4 37 C8 9A 6C 82 10 60 73 0B 8C 89 1A A2 6C %.7..l..`s.....l
0010: BD 4E C0 44 .N.D
]
]
},
{
ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
},
{
ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
},
{
ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 25 C4 37 C8 9A 6C 82 10 60 73 0B 8C 89 1A A2 6C %.7..l..`s.....l
0010: BD 4E C0 44 .N.D
]
]
}
]}
]
)
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.475 CEST|ECDHServerKeyExchange.java:514|Consuming ECDH ServerKeyExchange handshake message (
"ECDH ServerKeyExchange": {
"parameters": {
"named group": "secp256r1"
"ecdh public": {
0000: 04 BA 4A 28 01 E1 AA 22 08 D2 96 AF E1 B3 CC 24 ..J(...".......$
0010: 85 74 A7 4D 50 87 B3 E4 53 57 72 59 7A D5 EC 93 .t.MP...SWrYz...
0020: C3 FB D5 A1 76 78 05 F9 20 38 64 85 9C E0 19 68 ....vx.. 8d....h
0030: BF 4D 09 C9 F5 7B 6A 10 7A 75 48 74 B6 A0 FF 3C .M....j.zuHt...<
0040: D5 .
},
},
"digital signature": {
"signature algorithm": "rsa_pss_rsae_sha256"
"signature": {
0000: 46 C9 B9 A4 40 22 81 5E 6F 7F 40 36 C7 4F 05 F6 F...@".^o.@6.O..
0010: AA 90 CE A0 29 C5 93 D3 4F 9E 1D 76 6F 71 A3 AF ....)...O..voq..
0020: B6 D9 55 60 9D 30 8E 2E 2B C2 26 A5 90 84 7A AB ..U`.0..+.&...z.
0030: 75 6A E4 8F 32 29 21 EA 6A CA 15 2B D9 0B 4E CF uj..2)!.j..+..N.
0040: A4 CD A2 E4 A5 7C 25 78 8A 84 58 B0 DB 61 36 12 ......%x..X..a6.
0050: 31 73 A2 7A 73 9C 05 CC 61 CD 37 E3 1D 73 77 1F 1s.zs...a.7..sw.
0060: EA 46 BA 61 BC 88 52 C5 8B 7C 9B 28 BA 14 CA 12 .F.a..R....(....
0070: 10 E9 28 9C F0 22 97 44 57 65 D8 B7 F9 A0 CC 20 ..(..".DWe.....
0080: 52 5B D2 44 C1 89 34 5B 96 67 BB 10 46 1A 1C 83 R[.D..4[.g..F...
0090: 7A 0D CF D4 3F C4 98 61 CA C3 41 D9 FC 79 F4 B7 z...?..a..A..y..
00A0: 42 CF 4F EA 63 06 B7 D4 47 19 73 48 25 5F 93 36 B.O.c...G.sH%_.6
00B0: 05 0B 17 A2 DE A7 1D EA 42 5F 5E 68 25 88 88 6E ........B_^h%..n
00C0: 5F 7C 3B F1 03 83 B8 69 78 E2 CE 2A 54 69 38 EA _.;....ix..*Ti8.
00D0: B6 E5 22 30 E5 F0 D2 10 D8 33 45 99 D1 A5 80 C4 .."0.....3E.....
00E0: 2D 7F 73 FB 92 3F 96 34 79 B8 FE 8A C9 D9 BA 91 -.s..?.4y.......
00F0: 33 08 01 99 FB 45 77 D1 D3 A6 4C 7B A7 9E D4 D3 3....Ew...L.....
},
}
}
)
javax.net.ssl|ERROR|10|main|2021-09-30 16:08:16.476 CEST|TransportContext.java:363|Fatal (ILLEGAL_PARAMETER): Invalid CertificateRequest handshake message: no sufficient data (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Invalid CertificateRequest handshake message: no sufficient data
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:358)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:305)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestMessage.<init>(CertificateRequest.java:453)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestConsumer.consume(CertificateRequest.java:672)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1500)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1415)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:915)
at java.base/sun.security.ssl.SSLSocketImpl.getSession(SSLSocketImpl.java:366)
at TlsClient.main(TlsClient.java:30)}
)
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.476 CEST|SSLSocketImpl.java:1749|close the underlying socket
javax.net.ssl|DEBUG|10|main|2021-09-30 16:08:16.477 CEST|SSLSocketImpl.java:1775|close the SSL connection (passive)
javax.net.ssl|ERROR|10|main|2021-09-30 16:08:16.478 CEST|SSLSocketImpl.java:369|handshake failed (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Invalid CertificateRequest handshake message: no sufficient data
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:358)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:314)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:305)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestMessage.<init>(CertificateRequest.java:453)
at java.base/sun.security.ssl.CertificateRequest$T12CertificateRequestConsumer.consume(CertificateRequest.java:672)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:201)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1500)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1415)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:450)
at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:915)
at java.base/sun.security.ssl.SSLSocketImpl.getSession(SSLSocketImpl.java:366)
at TlsClient.main(TlsClient.java:30)}
)
Attached is the crash dump.
erl_crash.zip
-
VoidrayX
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Jul 12, 2015 11:21 am
[Solved]TLS Error:reading acknowledgement record from packet
Hosting the server behind my dlink DIR-868L Router on my Windows 8.1 PC
Port forwarded UDP 1194
When I connect to the server using android i get
Code: Select all
TLS Error: reading acknowledgement record from packet
Then I tried using static mini, I could connect however there was no internet access
Please Help! Im only know the the basic terms and stuff so try to keep the instructions simple.
Thanks!
Heres my server config
Code: Select all
port 1194
proto udp
dev tun
ca "C:\Program Files\OpenVPN\easy-rsa\keys\ca.crt"
cert "C:\Program Files\OpenVPN\easy-rsa\keys\server.crt"
key "C:\Program Files\OpenVPN\easy-rsa\keys\server.key" # This file should be kept secret
dh "C:\Program Files\OpenVPN\easy-rsa\keys\dh1024.pem"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
And Client config
Code: Select all
client
dev tun
proto udp
remote XXX.XXX.XX.48 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
comp-lzo
verb 3
Log
Code: Select all
Sun Jul 12 20:21:02 2015 OpenVPN 2.3.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO]
[PKCS11] [IPv6] built on Jul 9 2015
Sun Jul 12 20:21:02 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Sun Jul 12 20:21:02 2015 NOTE: your local LAN uses the extremely common subnet a
ddress 192.168.0.x or 192.168.1.x. Be aware that this might create routing conf
licts if you connect to the VPN server from public locations such as internet ca
fes that use the same subnet.
Sun Jul 12 20:21:02 2015 Note: cannot open openvpn-status.log for WRITE
Sun Jul 12 20:21:02 2015 Note: cannot open ipp.txt for READ/WRITE
Sun Jul 12 20:21:02 2015 Diffie-Hellman initialized with 1024 bit key
Sun Jul 12 20:21:02 2015 Socket Buffers: R=[65536->65536] S=[65536->65536]
Sun Jul 12 20:21:02 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Jul 12 20:21:02 2015 open_tun, tt->ipv6=0
Sun Jul 12 20:21:02 2015 TAP-WIN32 device [Ethernet 3] opened: \.Global{2CC68
BF1-045D-4F1B-B64E-1D5B14912043}.tap
Sun Jul 12 20:21:02 2015 TAP-Windows Driver Version 9.21
Sun Jul 12 20:21:02 2015 Notified TAP-Windows driver to set a DHCP IP/netmask of
10.8.0.1/255.255.255.252 on interface {2CC68BF1-045D-4F1B-B64E-1D5B14912043} [D
HCP-serv: 10.8.0.2, lease-time: 31536000]
Sun Jul 12 20:21:02 2015 Sleeping for 10 seconds...
Sun Jul 12 20:21:12 2015 NOTE: FlushIpNetTable failed on interface [44] {2CC68BF
1-045D-4F1B-B64E-1D5B14912043} (status=5) : Access is denied.
Sun Jul 12 20:21:12 2015 C:WINDOWSsystem32route.exe ADD 10.8.0.0 MASK 255.255
.255.0 10.8.0.2
Sun Jul 12 20:21:12 2015 ROUTE: route addition failed using CreateIpForwardEntry
: Access is denied. [status=5 if_index=44]
Sun Jul 12 20:21:12 2015 Route addition via IPAPI failed [adaptive]
Sun Jul 12 20:21:12 2015 Route addition fallback to route.exe
Sun Jul 12 20:21:12 2015 env_block: add PATH=C:WindowsSystem32;C:WINDOWS;C:W
INDOWSSystem32Wbem
Sun Jul 12 20:21:12 2015 ERROR: Windows route add command failed [adaptive]: ret
urned error code 1
Sun Jul 12 20:21:12 2015 UDPv4 link local (bound): [undef]
Sun Jul 12 20:21:12 2015 UDPv4 link remote: [undef]
Sun Jul 12 20:21:12 2015 MULTI: multi_init called, r=256 v=256
Sun Jul 12 20:21:12 2015 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Sun Jul 12 20:21:12 2015 IFCONFIG POOL LIST
Sun Jul 12 20:21:12 2015 Initialization Sequence Completed
Sun Jul 12 20:21:33 2015 192.168.0.1:57837 TLS: Initial packet from [AF_INET]192
.168.0.1:57837, sid=2c8a2582 5527d384
Sun Jul 12 20:21:33 2015 192.168.0.103:57837 TLS: Initial packet from [AF_INET]1
92.168.0.103:57837, sid=2c8a2582 5527d384
Sun Jul 12 20:21:35 2015 192.168.0.103:57837 TLS Error: reading acknowledgement
record from packet
Sun Jul 12 20:21:40 2015 192.168.0.103:57837 TLS Error: reading acknowledgement
record from packet
Sun Jul 12 20:21:47 2015 192.168.0.103:57837 TLS Error: reading acknowledgement
record from packet
Sun Jul 12 20:22:03 2015 192.168.0.103:57837 TLS Error: reading acknowledgement
record from packet
Sun Jul 12 20:22:31 2015 192.168.0.1:33974 TLS: Initial packet from [AF_INET]192
.168.0.1:33974, sid=2bf071de 28bcbad4
Sun Jul 12 20:22:33 2015 192.168.0.103:57837 TLS Error: TLS key negotiation fail
ed to occur within 60 seconds (check your network connectivity)
Sun Jul 12 20:22:33 2015 192.168.0.103:57837 TLS Error: TLS handshake failed
Sun Jul 12 20:22:33 2015 192.168.0.103:57837 SIGUSR1[soft,tls-error] received, c
lient-instance restarting
Sun Jul 12 20:22:33 2015 192.168.0.1:57837 TLS Error: TLS key negotiation failed
to occur within 60 seconds (check your network connectivity)
Sun Jul 12 20:22:33 2015 192.168.0.1:57837 TLS Error: TLS handshake failed
Sun Jul 12 20:22:33 2015 192.168.0.1:57837 SIGUSR1[soft,tls-error] received, cli
ent-instance restarting
Sun Jul 12 20:23:01 2015 read UDPv4: Connection reset by peer (WSAECONNRESET) (c
ode=10054)
Sun Jul 12 20:23:31 2015 192.168.0.1:33974 TLS Error: TLS key negotiation failed
to occur within 60 seconds (check your network connectivity)
Sun Jul 12 20:23:31 2015 192.168.0.1:33974 TLS Error: TLS handshake failed
Sun Jul 12 20:23:31 2015 192.168.0.1:33974 SIGUSR1[soft,tls-error] received, cli
ent-instance restarting
-
Traffic
- OpenVPN Protagonist
- Posts: 4066
- Joined: Sat Aug 09, 2014 11:24 am
Re: TLS Error: reading acknowledgement record from packet
Post
by Traffic » Sun Jul 12, 2015 4:29 pm
Did you run your server as administrator ?
-
VoidrayX
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Jul 12, 2015 11:21 am
Re: TLS Error: reading acknowledgement record from packet
Post
by VoidrayX » Mon Jul 13, 2015 10:22 am
Traffic wrote:Did you run your server as administrator ?
Hello, I couldnt find an option to run it as administrator so i did openvpn server.ovpn using the administrator CMD
Didnt seem to make a difference.
Heres the log anyway
Code: Select all
C:WINDOWSsystem32>cd "C:Program FilesOpenVPNbin"
C:Program FilesOpenVPNbin>openvpn server.ovpn
Mon Jul 13 18:18:36 2015 OpenVPN 2.3.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO]
[PKCS11] [IPv6] built on Jul 9 2015
Mon Jul 13 18:18:36 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.08
Mon Jul 13 18:18:36 2015 NOTE: your local LAN uses the extremely common subnet a
ddress 192.168.0.x or 192.168.1.x. Be aware that this might create routing conf
licts if you connect to the VPN server from public locations such as internet ca
fes that use the same subnet.
Mon Jul 13 18:18:36 2015 Diffie-Hellman initialized with 1024 bit key
Mon Jul 13 18:18:36 2015 Socket Buffers: R=[65536->65536] S=[65536->65536]
Mon Jul 13 18:18:36 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jul 13 18:18:36 2015 open_tun, tt->ipv6=0
Mon Jul 13 18:18:36 2015 TAP-WIN32 device [Ethernet 3] opened: \.Global{2CC68
BF1-045D-4F1B-B64E-1D5B14912043}.tap
Mon Jul 13 18:18:36 2015 TAP-Windows Driver Version 9.21
Mon Jul 13 18:18:36 2015 Notified TAP-Windows driver to set a DHCP IP/netmask of
10.8.0.1/255.255.255.252 on interface {2CC68BF1-045D-4F1B-B64E-1D5B14912043} [D
HCP-serv: 10.8.0.2, lease-time: 31536000]
Mon Jul 13 18:18:36 2015 Sleeping for 10 seconds...
Mon Jul 13 18:18:46 2015 Successful ARP Flush on interface [44] {2CC68BF1-045D-4
F1B-B64E-1D5B14912043}
Mon Jul 13 18:18:46 2015 C:WINDOWSsystem32route.exe ADD 10.8.0.0 MASK 255.255
.255.0 10.8.0.2
Mon Jul 13 18:18:46 2015 ROUTE: CreateIpForwardEntry succeeded with dwForwardMet
ric1=20 and dwForwardType=4
Mon Jul 13 18:18:46 2015 Route addition via IPAPI succeeded [adaptive]
Mon Jul 13 18:18:46 2015 UDPv4 link local (bound): [undef]
Mon Jul 13 18:18:46 2015 UDPv4 link remote: [undef]
Mon Jul 13 18:18:46 2015 MULTI: multi_init called, r=256 v=256
Mon Jul 13 18:18:46 2015 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Mon Jul 13 18:18:46 2015 IFCONFIG POOL LIST
Mon Jul 13 18:18:46 2015 Initialization Sequence Completed
Mon Jul 13 18:20:01 2015 192.168.0.1:53192 TLS: Initial packet from [AF_INET]192
.168.0.1:53192, sid=be4096f3 326efc01
Mon Jul 13 18:20:01 2015 192.168.0.103:53192 TLS: Initial packet from [AF_INET]1
92.168.0.103:53192, sid=be4096f3 326efc01
Mon Jul 13 18:20:01 2015 192.168.0.103:53192 TLS Error: reading acknowledgement
record from packet
Mon Jul 13 18:20:03 2015 192.168.0.103:53192 TLS Error: reading acknowledgement
record from packet
Mon Jul 13 18:20:07 2015 192.168.0.103:53192 TLS Error: reading acknowledgement
record from packet
Mon Jul 13 18:20:15 2015 192.168.0.103:53192 TLS Error: reading acknowledgement
record from packet
Mon Jul 13 18:20:20 2015 C:WINDOWSsystem32route.exe DELETE 10.8.0.0 MASK 255.
255.255.0 10.8.0.2
Mon Jul 13 18:20:20 2015 Route deletion via IPAPI succeeded [adaptive]
Mon Jul 13 18:20:20 2015 Closing TUN/TAP interface
Mon Jul 13 18:20:20 2015 SIGTERM[hard,] received, process exiting
C:Program FilesOpenVPNbin>
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: TLS Error: reading acknowledgement record from packet
Post
by maikcat » Tue Jul 14, 2015 6:42 am
When I connect to the server using android i get
is your android located in the same network with your openvpn server?
Michael.
-
VoidrayX
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Jul 12, 2015 11:21 am
Re: TLS Error: reading acknowledgement record from packet
Post
by VoidrayX » Tue Jul 14, 2015 10:59 am
maikcat wrote:
When I connect to the server using android i get
is your android located in the same network with your openvpn server?
Michael.
It is when i try to test connection to the server. It worked when trying with a static server.
And these mod approval take sooooo long
-
maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: TLS Error: reading acknowledgement record from packet
Post
by maikcat » Thu Jul 16, 2015 10:59 am
It is when i try to test connection to the server. It worked when trying with a static server.
avoid connecting to your routers wan ip while in the lan,
use a different internet connection for your tests.
And these mod approval take sooooo long
2 things about that,
your first posts only require approval , not ALL of them
i am the only active mod (hopefully i am not) with a full time job and a family , be patient.
Michael.
-
VoidrayX
- OpenVpn Newbie
- Posts: 4
- Joined: Sun Jul 12, 2015 11:21 am
Re: TLS Error: reading acknowledgement record from packet
Post
by VoidrayX » Fri Jul 17, 2015 1:02 am
maikcat wrote:
It is when i try to test connection to the server. It worked when trying with a static server.
avoid connecting to your routers wan ip while in the lan,
use a different internet connection for your tests.
I tested over mobile data and it worked! Thanks alot for the help