trustStore is: CA/java/truststore.jks trustStore type is : jks trustStore provider is : init truststore adding as trusted cert: Subject: CN=tstprojekt, O=TST Projekt, ST=Bayern, C=DE Issuer: CN=tstprojekt, O=TST Projekt, ST=Bayern, C=DE Algorithm: RSA; Serial number: 0x36625e2 Valid from Mon Feb 17 16:14:22 CET 2014 until Sun May 18 17:14:22 CEST 2014 adding as trusted cert: Subject: EMAILADDRESS=saul.hazledine@jambit.com, CN=tstprojektCA, O=TST Projekt, ST=Bayern, C=DE Issuer: EMAILADDRESS=saul.hazledine@jambit.com, CN=tstprojektCA, O=TST Projekt, ST=Bayern, C=DE Algorithm: RSA; Serial number: 0xeabc3ee1c5f964f3 Valid from Mon Feb 17 16:14:21 CET 2014 until Sat Feb 16 16:14:21 CET 2019 trigger seeding of SecureRandom done seeding SecureRandom 2014/03/06 14:12:04:930 CET [DEBUG] RequestAddCookies - CookieSpec selected: best-match 2014/03/06 14:12:04:940 CET [DEBUG] RequestAuthCache - Auth cache not set in the context 2014/03/06 14:12:04:942 CET [DEBUG] PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://192.168.56.30:8083][total kept alive: 0; route allocated: 0 of 5; total allocated: 0 of 5] 2014/03/06 14:12:04:959 CET [DEBUG] PoolingHttpClientConnectionManager - Connection leased: [id: 0][route: {s}->https://192.168.56.30:8083][total kept alive: 0; route allocated: 1 of 5; total allocated: 1 of 5] 2014/03/06 14:12:04:971 CET [DEBUG] MainClientExec - Opening connection {s}->https://192.168.56.30:8083 2014/03/06 14:12:04:976 CET [DEBUG] HttpClientConnectionOperator - Connecting to /192.168.56.30:8083 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false %% No cached client session *** ClientHello, TLSv1 RandomCookie: GMT: 1394111525 bytes = { 86, 130, 189, 17, 53, 96, 3, 59, 12, 202, 87, 179, 0, 186, 112, 191, 134, 45, 106, 204, 20, 1, 75, 138, 52, 210, 79, 94 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} Extension ec_point_formats, formats: [uncompressed] *** main, WRITE: TLSv1 Handshake, length = 163 main, READ: TLSv1 Handshake, length = 2180 *** ServerHello, TLSv1 RandomCookie: GMT: 1394111525 bytes = { 64, 232, 50, 58, 185, 246, 129, 197, 91, 206, 39, 63, 72, 77, 42, 123, 162, 118, 75, 236, 237, 54, 5, 167, 224, 127, 40, 62 } Session ID: {83, 24, 116, 37, 237, 223, 152, 228, 122, 160, 11, 68, 144, 213, 192, 52, 12, 43, 149, 59, 23, 16, 204, 135, 163, 199, 46, 106, 101, 24, 79, 104} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: *** %% Initialized: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] ** TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=tstbounce11, O=TST Projekt, ST=Bayern, C=DE Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 18609330669488940266260546571336387112497023648397553986285623673522893779374368064312796078620802044926033827103443256803605157624783252826243476896604024368326917322262549818826961226292151530364022122384493350267643930974940832785406986263839185866241704794949578554184500850607948330127378859820559836090708248222552204364652222023348904243992427523681267167273026197494241911182284031872556928877715936560889937440935757845795965536145500226054471944869712612387132200722540333474099969967231242109082061538319694319846686237567749585036106105337520618613627300509165176147463193596377140164613736366275318355759 public exponent: 65537 Validity: [From: Thu Mar 06 11:56:30 CET 2014, To: Fri Mar 06 11:56:30 CET 2015] Issuer: EMAILADDRESS=saul.hazledine@jambit.com, CN=tstprojektCA, O=TST Projekt, ST=Bayern, C=DE SerialNumber: [ 11] Certificate Extensions: 5 [1]: ObjectId: 2.16.840.1.113730.1.13 Criticality=false Extension unknown: DER encoded OCTET string = 0000: 04 1F 16 1D 4F 70 65 6E 53 53 4C 20 47 65 6E 65 ....OpenSSL Gene 0010: 72 61 74 65 64 20 43 65 72 74 69 66 69 63 61 74 rated Certificat 0020: 65 e [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 45 38 23 98 7B E8 46 B2 BE 9F 1A C1 67 29 64 D9 E8#...F.....g)d. 0010: D7 B9 30 0A ..0. ] ] [3]: ObjectId: 2.5.29.19 Criticality=false BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ IPAddress: 192.168.56.30 ] [5]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: AC C1 2B 86 1F 36 3C E1 4E 30 35 BE E0 3E 9B B1 ..+..6<.N05..>.. 0010: F6 29 78 BB .)x. ] ] ] Algorithm: [SHA1withRSA] Signature: 0000: 65 B2 36 54 8C BA 0A 02 27 D8 89 BB 8E 00 81 A1 e.6T....'....... 0010: 3D D5 F4 4D 0F 88 8E 45 2C 7F 0E 8C 6D CA 24 15 =..M...E,...m.$. 0020: F7 D8 47 EC 98 FF 23 4E 43 33 E8 23 5B EA 7C 6F ..G...#NC3.#[..o 0030: 65 28 2B CF B0 0C 9E 6B 87 25 5A F4 A3 59 6B C6 e(+....k.%Z..Yk. 0040: 95 C1 13 AE AA 45 E2 F4 DD 8F 12 F2 62 AF 49 EC .....E......b.I. 0050: 35 D4 15 5E B8 D8 63 8B BF A3 4E AE F1 E9 88 F3 5..^..c...N..... 0060: DD 30 E0 20 3E 7B 49 10 F2 8A 9D 5D BC B0 99 08 .0. >.I....].... 0070: B8 03 CA 59 0A 80 2D 87 E6 6A 12 20 81 38 94 82 ...Y..-..j. .8.. ] chain [1] = [ [ Version: V3 Subject: EMAILADDRESS=saul.hazledine@jambit.com, CN=tstprojektCA, O=TST Projekt, ST=Bayern, C=DE Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 147570881504645885487005756979657312350895080874986473503131942686843335182799772066440808812478290896899196349927425161577425228303543774740040584216046542836028918683869177639763925379213116764175921252067053110976717586556715228948822722610401013299634933679178010512484404712924759678611594850313942305931 public exponent: 65537 Validity: [From: Mon Feb 17 16:14:21 CET 2014, To: Sat Feb 16 16:14:21 CET 2019] Issuer: EMAILADDRESS=saul.hazledine@jambit.com, CN=tstprojektCA, O=TST Projekt, ST=Bayern, C=DE SerialNumber: [ eabc3ee1 c5f964f3] Certificate Extensions: 3 [1]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 45 38 23 98 7B E8 46 B2 BE 9F 1A C1 67 29 64 D9 E8#...F.....g)d. 0010: D7 B9 30 0A ..0. ] ] [2]: ObjectId: 2.5.29.19 Criticality=false BasicConstraints:[ CA:true PathLen:2147483647 ] [3]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 45 38 23 98 7B E8 46 B2 BE 9F 1A C1 67 29 64 D9 E8#...F.....g)d. 0010: D7 B9 30 0A ..0. ] ] ] Algorithm: [SHA1withRSA] Signature: 0000: A7 EB 46 93 44 15 C7 A1 E9 F2 EC 8E A8 A9 E7 B1 ..F.D........... 0010: 2A 9B 85 31 0D A4 89 A7 BF 94 7C 72 3C 36 20 47 *..1.......r<6 G 0020: 23 21 D0 24 5A 76 30 07 88 07 9C 76 42 37 10 68 #!.$Zv0....vB7.h 0030: B1 42 93 AF F5 DF 5E 01 6A 2C 88 35 90 EB 40 C5 .B....^.j,.5..@. 0040: EF 4B 86 D8 01 D4 09 89 5F 03 23 E4 7B 66 61 A4 .K......_.#..fa. 0050: 18 96 C0 B9 AF FA 50 19 52 A0 F4 10 FA 9B EB 64 ......P.R......d 0060: 41 4F F4 5D 78 BC 4C 45 FA 17 1E 0A 52 59 3C A4 AO.]x.LE....RY<. 0070: 2B BD FC 07 B3 E0 F1 67 D8 D1 95 A2 51 B0 B0 DA +......g....Q... ] *** Found trusted certificate: [ [ Version: V3 Subject: EMAILADDRESS=saul.hazledine@jambit.com, CN=tstprojektCA, O=TST Projekt, ST=Bayern, C=DE Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 147570881504645885487005756979657312350895080874986473503131942686843335182799772066440808812478290896899196349927425161577425228303543774740040584216046542836028918683869177639763925379213116764175921252067053110976717586556715228948822722610401013299634933679178010512484404712924759678611594850313942305931 public exponent: 65537 Validity: [From: Mon Feb 17 16:14:21 CET 2014, To: Sat Feb 16 16:14:21 CET 2019] Issuer: EMAILADDRESS=saul.hazledine@jambit.com, CN=tstprojektCA, O=TST Projekt, ST=Bayern, C=DE SerialNumber: [ eabc3ee1 c5f964f3] Certificate Extensions: 3 [1]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 45 38 23 98 7B E8 46 B2 BE 9F 1A C1 67 29 64 D9 E8#...F.....g)d. 0010: D7 B9 30 0A ..0. ] ] [2]: ObjectId: 2.5.29.19 Criticality=false BasicConstraints:[ CA:true PathLen:2147483647 ] [3]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 45 38 23 98 7B E8 46 B2 BE 9F 1A C1 67 29 64 D9 E8#...F.....g)d. 0010: D7 B9 30 0A ..0. ] ] ] Algorithm: [SHA1withRSA] Signature: 0000: A7 EB 46 93 44 15 C7 A1 E9 F2 EC 8E A8 A9 E7 B1 ..F.D........... 0010: 2A 9B 85 31 0D A4 89 A7 BF 94 7C 72 3C 36 20 47 *..1.......r<6 G 0020: 23 21 D0 24 5A 76 30 07 88 07 9C 76 42 37 10 68 #!.$Zv0....vB7.h 0030: B1 42 93 AF F5 DF 5E 01 6A 2C 88 35 90 EB 40 C5 .B....^.j,.5..@. 0040: EF 4B 86 D8 01 D4 09 89 5F 03 23 E4 7B 66 61 A4 .K......_.#..fa. 0050: 18 96 C0 B9 AF FA 50 19 52 A0 F4 10 FA 9B EB 64 ......P.R......d 0060: 41 4F F4 5D 78 BC 4C 45 FA 17 1E 0A 52 59 3C A4 AO.]x.LE....RY<. 0070: 2B BD FC 07 B3 E0 F1 67 D8 D1 95 A2 51 B0 B0 DA +......g....Q... ] *** ECDH ServerKeyExchange Server key: Sun EC public key, 256 bits public x coord: 27815085722805424790444015147811278713727454940840349588915901367339986286941 public y coord: 101648775836346313537347421792940894544936729709199269733319883951191290901960 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) *** CertificateRequest Cert Types: RSA, DSS, ECDSA Cert Authorities: *** ServerHelloDone *** Certificate chain *** *** ECDHClientKeyExchange ECDH Public value: { 4, 131, 38, 197, 104, 253, 134, 152, 49, 17, 49, 215, 161, 150, 235, 237, 161, 223, 44, 250, 69, 12, 115, 152, 217, 15, 62, 108, 242, 51, 182, 107, 181, 188, 99, 13, 74, 95, 40, 247, 238, 240, 62, 182, 39, 100, 39, 214, 82, 193, 85, 226, 237, 62, 206, 226, 200, 181, 197, 42, 96, 99, 94, 73, 136 } main, WRITE: TLSv1 Handshake, length = 77 SESSION KEYGEN: PreMaster Secret: 0000: 41 38 0C CB F9 A1 0F 8A CB 9C 5C 99 E1 30 A6 C0 A8........\..0.. 0010: 9F E9 73 BE 9C 62 52 F8 17 1E 85 C8 BB 3C 2E 91 ..s..bR......<.. CONNECTION KEYGEN: Client Nonce: 0000: 53 18 74 25 56 82 BD 11 35 60 03 3B 0C CA 57 B3 S.t%V...5`.;..W. 0010: 00 BA 70 BF 86 2D 6A CC 14 01 4B 8A 34 D2 4F 5E ..p..-j...K.4.O^ Server Nonce: 0000: 53 18 74 25 40 E8 32 3A B9 F6 81 C5 5B CE 27 3F S.t%@.2:....[.'? 0010: 48 4D 2A 7B A2 76 4B EC ED 36 05 A7 E0 7F 28 3E HM*..vK..6....(> Master Secret: 0000: 95 7D C9 78 DA 46 5A 53 C8 8F 68 00 E4 94 79 79 ...x.FZS..h...yy 0010: 3F FB BC 11 27 0F 2D 36 B5 FC F6 9E 48 35 D1 DB ?...'.-6....H5.. 0020: E1 20 BE 08 29 A5 1D 2D 9D 56 F9 FE 80 8D F4 0D . ..)..-.V...... Client MAC write Secret: 0000: F7 3E B1 C9 D9 0D E0 ED E7 02 7F 77 FB E4 64 9C .>.........w..d. 0010: B1 F1 9E 5B ...[ Server MAC write Secret: 0000: 96 BD B6 D7 11 FF 29 93 9F 04 3F 39 AE 85 80 76 ......)...?9...v 0010: EA 43 0B F3 .C.. Client write key: 0000: B6 54 25 2E DD 9C B1 CC D0 21 E3 0D 97 18 01 51 .T%......!.....Q 0010: 5C 21 3C 04 45 D3 38 B1 34 D2 CE 55 F8 BD EB AB \!<.E.8.4..U.... Server write key: 0000: 6D 8D D5 0E 9F F5 C9 DA B7 7B A6 CA 62 03 12 95 m...........b... 0010: A6 E3 8B 6A 06 87 9A 21 22 67 96 EE 02 99 6C 97 ...j...!"g....l. Client write IV: 0000: AC FF 9A 34 5D F3 F1 1B E8 83 F8 0A 39 03 6C 54 ...4].......9.lT Server write IV: 0000: AA 50 2A C6 F6 44 40 D3 2E AB DC 44 21 66 83 9A .P*..D@....D!f.. main, WRITE: TLSv1 Change Cipher Spec, length = 1 *** Finished verify_data: { 121, 115, 43, 121, 59, 226, 175, 5, 197, 196, 238, 250 } *** main, WRITE: TLSv1 Handshake, length = 48 main, waiting for close_notify or alert: state 1 main, received EOFException: error main, Exception while waiting for close javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake main, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake %% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] main, SEND TLSv1 ALERT: fatal, description = handshake_failure main, WRITE: TLSv1 Alert, length = 32 main, Exception sending alert: java.net.SocketException: Broken pipe main, called closeSocket() 2014/03/06 14:12:05:786 CET [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Shutdown connection 2014/03/06 14:12:05:787 CET [DEBUG] MainClientExec - Connection discarded 2014/03/06 14:12:05:787 CET [DEBUG] DefaultManagedHttpClientConnection - http-outgoing-0: Close connection 2014/03/06 14:12:05:788 CET [DEBUG] PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://192.168.56.30:8083][total kept alive: 0; route allocated: 0 of 5; total allocated: 0 of 5] Remote host closed connection during handshake