javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.483 EST|SSLCipher.java:437|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472 javax.net.ssl|WARNING|01|main|2019-01-25 16:00:13.975 EST|SignatureScheme.java:282|Signature algorithm, ed25519, is not supported by the underlying providers javax.net.ssl|WARNING|01|main|2019-01-25 16:00:13.975 EST|SignatureScheme.java:282|Signature algorithm, ed448, is not supported by the underlying providers javax.net.ssl|INFO|01|main|2019-01-25 16:00:13.979 EST|AlpnExtension.java:161|No available application protocols javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.979 EST|SSLExtensions.java:235|Ignore, context unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.980 EST|SSLExtensions.java:235|Ignore, context unavailable extension: cookie javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.984 EST|SSLExtensions.java:235|Ignore, context unavailable extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.984 EST|PreSharedKeyExtension.java:624|No session to resume. javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.984 EST|SSLExtensions.java:235|Ignore, context unavailable extension: pre_shared_key javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.988 EST|ClientHello.java:651|Produced ClientHello handshake message ( "ClientHello": { "client version" : "TLSv1.2", "random" : "3A DD C7 6D 9D 92 75 87 A6 D8 72 07 D5 4F 4B F2 D3 D2 6D 41 FE 5F 4B 10 90 C8 D9 D0 52 13 A2 25", "session id" : "9C 6D 96 B1 4D 0E 19 34 19 63 B3 A8 29 B5 2B 6E 46 BD 43 4E 6B 38 8F 8E F2 47 5D A8 03 6C DC 9F", "cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]", "compression methods" : "00", "extensions" : [ "server_name (0)": { type=host_name (0), value=fzhou5.crd.com }, "status_request (5)": { "certificate status type": ocsp "OCSP status request": { "responder_id": "request extensions": { } } }, "supported_groups (10)": { "versions": [secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192] }, "ec_point_formats (11)": { "formats": [uncompressed] }, "signature_algorithms (13)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "signature_algorithms_cert (50)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "status_request_v2 (17)": { "cert status request": { "certificate status type": ocsp_multi "OCSP status request": { "responder_id": "request extensions": { } } } }, "extended_master_secret (23)": { }, "supported_versions (43)": { "versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1] }, "psk_key_exchange_modes (45)": { "ke_modes": [psk_dhe_ke] }, "key_share (51)": { "client_shares": [ { "named group": secp256r1 "key_exchange": { 0000: 04 9B 71 16 C5 F4 7F 69 E6 E5 2D 25 4A 2E 15 CF ..q....i..-%J... 0010: 19 44 7E E8 04 4C 8F B8 82 EE A6 45 B2 1E 1D E8 .D...L.....E.... 0020: 72 9B 3F C5 29 96 C7 4B 06 34 1F 51 C2 1C EC D1 r.?.)..K.4.Q.... 0030: FC 33 F7 91 97 8D AB B1 7A 14 B4 F6 6C 79 03 C9 .3......z...ly.. 0040: 25 } }, ] } ] } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.997 EST|ServerHello.java:866|Consuming ServerHello handshake message ( "ServerHello": { "server version" : "TLSv1.2", "random" : "A6 1D 94 82 D1 0A 14 99 5B 51 D4 14 D7 81 AB 6E 29 A1 FB 14 87 D3 6B 5C F1 0D BD 1F BD F9 C6 BF", "session id" : "9C 6D 96 B1 4D 0E 19 34 19 63 B3 A8 29 B5 2B 6E 46 BD 43 4E 6B 38 8F 8E F2 47 5D A8 03 6C DC 9F", "cipher suite" : "TLS_AES_128_GCM_SHA256(0x1301)", "compression methods" : "00", "extensions" : [ "supported_versions (43)": { "selected version": [TLSv1.3] }, "key_share (51)": { "server_share": { "named group": secp256r1 "key_exchange": { 0000: 04 49 05 12 BE D4 F6 C3 A3 34 88 D9 72 37 3D 49 .I.......4..r7=I 0010: 27 DF 92 A9 1F 39 FC 26 65 45 99 74 DD 9D 6C 9B '....9.&eE.t..l. 0020: 58 80 A4 33 D6 15 8C AB A4 47 51 A1 A1 25 29 5D X..3.....GQ..%)] 0030: A2 5C CB C5 D9 9C 82 7D 8C B7 2D F0 4F 0E 83 5E .\........-.O..^ 0040: B7 } }, } ] } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.997 EST|SSLExtensions.java:167|Consumed extension: supported_versions javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.998 EST|ServerHello.java:962|Negotiated protocol version: TLSv1.3 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.998 EST|SSLExtensions.java:138|Ignore unsupported extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.998 EST|SSLExtensions.java:138|Ignore unsupported extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.999 EST|SSLExtensions.java:138|Ignore unsupported extension: status_request javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.999 EST|SSLExtensions.java:138|Ignore unsupported extension: ec_point_formats javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.999 EST|SSLExtensions.java:138|Ignore unsupported extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.999 EST|SSLExtensions.java:138|Ignore unsupported extension: status_request_v2 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.999 EST|SSLExtensions.java:138|Ignore unsupported extension: extended_master_secret javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:13.999 EST|SSLExtensions.java:167|Consumed extension: supported_versions javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.000 EST|SSLExtensions.java:167|Consumed extension: key_share javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.000 EST|SSLExtensions.java:138|Ignore unsupported extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.000 EST|PreSharedKeyExtension.java:850|Handling pre_shared_key absence. javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.000 EST|SSLExtensions.java:182|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.000 EST|SSLExtensions.java:182|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:182|Ignore unavailable extension: status_request javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:182|Ignore unavailable extension: ec_point_formats javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:182|Ignore unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:182|Ignore unavailable extension: status_request_v2 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:182|Ignore unavailable extension: extended_master_secret javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: supported_versions javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: key_share javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.001 EST|SSLExtensions.java:182|Ignore unavailable extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.002 EST|SSLExtensions.java:182|Ignore unavailable extension: pre_shared_key javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.008 EST|SSLCipher.java:1824|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.010 EST|SSLCipher.java:1978|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.010 EST|ChangeCipherSpec.java:232|Consuming ChangeCipherSpec message javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.018 EST|EncryptedExtensions.java:171|Consuming EncryptedExtensions handshake message ( "EncryptedExtensions": [ "server_name (0)": { }, "supported_groups (10)": { "versions": [x25519, secp256r1, x448, secp521r1, secp384r1] } ] ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.018 EST|SSLExtensions.java:167|Consumed extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.019 EST|SSLExtensions.java:148|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.019 EST|SSLExtensions.java:167|Consumed extension: supported_groups javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.019 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.019 EST|SSLExtensions.java:182|Ignore unavailable extension: max_fragment_length javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.019 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: supported_groups javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.020 EST|SSLExtensions.java:182|Ignore unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.023 EST|CertificateMessage.java:1148|Consuming server Certificate handshake message ( "Certificate": { "certificate_request_context": "", "certificate_list": [ { "certificate" : { "version" : "v3", "serial number" : "68 40 BD 95", "signature algorithm": "SHA256withRSA", "issuer" : "CN=FZHOU5.crd.com", "not before" : "2019-01-02 14:38:54.000 EST", "not after" : "2019-12-28 14:38:54.000 EST", "subject" : "CN=FZHOU5.crd.com", "subject public key" : "RSA", "extensions" : [ { ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: D5 8F 94 52 5A 30 31 BD 4C E2 37 17 E9 1B D7 18 ...RZ01.L.7..... 0010: 4E 87 B8 8B N... ] ] } ]} "extensions": { } }, ] } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.024 EST|SSLExtensions.java:148|Ignore unavailable extension: status_request javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.088 EST|CertificateVerify.java:1128|Consuming CertificateVerify handshake message ( "CertificateVerify": { "signature algorithm": rsa_pss_rsae_sha256 "signature": { 0000: B6 11 D7 B4 56 00 F5 83 CD 80 0A 69 1E 1F 17 DF ....V......i.... 0010: 95 BA 68 33 E4 1C 9C A8 E9 D2 9D 4E D3 16 4E C4 ..h3.......N..N. 0020: 47 85 5D 4E 75 39 97 3A 61 A7 67 1D E3 6B 94 9D G.]Nu9.:a.g..k.. 0030: 0C A9 1F B7 DC 90 86 2A 48 7A B9 34 BA BF 53 5B .......*Hz.4..S[ 0040: 05 6C 89 A3 E7 7A A3 46 0A 51 27 DA FE D6 40 5D .l...z.F.Q'...@] 0050: 84 3A 60 70 8D FD 0F 9D E7 4F 74 0F AA 72 07 C1 .:`p.....Ot..r.. 0060: 5D 5D 8A 42 23 DB 00 83 0C 31 2C A0 42 CC 51 65 ]].B#....1,.B.Qe 0070: D8 FB 40 C9 F0 2C 99 50 FF 2E E9 79 42 8E 5B C6 ..@..,.P...yB.[. 0080: A4 8F 4B 9C C5 92 47 36 07 91 05 CD A9 18 48 9F ..K...G6......H. 0090: 19 B8 7E 43 E4 7C 77 58 99 6B B6 8D 17 28 A5 B9 ...C..wX.k...(.. 00A0: 0A 36 53 13 2F 37 22 70 90 23 30 4A A6 8D 8B EF .6S./7"p.#0J.... 00B0: 69 08 3D 53 D7 AE 4A B5 86 36 71 91 75 6F 6C B4 i.=S..J..6q.uol. 00C0: 7D 47 69 19 2E 3E 62 A6 0B 8A D6 00 74 C7 81 0B .Gi..>b.....t... 00D0: 22 1F 2C D5 D9 60 08 FA 7F B5 71 2C D2 FF 9D 39 ".,..`....q,...9 00E0: E0 A8 1B C0 0F 9E E2 CE 4E B7 9E 25 81 B1 16 7F ........N..%.... 00F0: AB 32 62 22 93 2D AF F4 20 83 F6 23 FA 4E A2 FE .2b".-.. ..#.N.. } } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.090 EST|Finished.java:860|Consuming server Finished handshake message ( "Finished": { "verify data": { 0000: 86 D5 0E B9 01 53 81 0C 53 C0 B1 5B 8D 9A BB 01 .....S..S..[.... 0010: E8 7F F9 65 06 11 5A C2 30 C3 26 68 65 C9 99 05 ...e..Z.0.&he... }'} ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.092 EST|SSLCipher.java:1824|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.093 EST|Finished.java:658|Produced client Finished handshake message ( "Finished": { "verify data": { 0000: 5E C4 27 7A 6D 95 C2 72 87 7A F0 E7 DD E2 02 7A ^.'zm..r.z.....z 0010: DF 0C DA 07 7E B3 92 B0 DE 7C 10 64 E1 7A AF B6 ...........d.z.. }'} ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.094 EST|SSLCipher.java:1978|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.105 EST|NewSessionTicket.java:330|Consuming NewSessionTicket message ( "NewSessionTicket": { "ticket_lifetime" : "86,400", "ticket_age_add" : "", "ticket_nonce" : "00 00 00 00 00 00 00 00", "ticket" : "3C F7 85 1E FB 02 03 5F F4 44 F9 43 B3 14 A0 75 E3 B8 F0 52 1C FB 7F 2D DE 3B A5 06 04 72 54 93 3B A0 CB BA 7F 65 92 4B 5F 81 6C 55 4C 08 47 12 33 E4 9E B3 E5 BA 6B BB E6 95 F3 38 B5 A7 26 56 74 9C B0 20 FD D5 BF CD 69 76 E7 98 D3 95 D7 EB 10 BF 7C 3B A9 A4 48 8A 2D 23 58 81 D9 D4 B8 82 DB 14 DC 6C D6 52 8A 90 0B FF F0 23 D6 44 56 EA F9 17 51 85 D0 0D A9 77 9C E4 14 7E C5 D8 6B 6A E6 6A 74 93 0A 39 4A 04 47 63 DB 55 41 3D 46 8C CD 82 39 96 4C 5F 6E 54 C2 AD 30 54 54 6A EA 4B BF 94 9E 5F 21 7A 6B 65 77 D9 45 1D 3A 0A 27 72 22 E3 43 E5 39 C6 FF ED 87 55 26 7C A1 61 B4 68 41 6F E8 06 B6 19 F0 09 DD 7C B2 47 AE DE 2B 6F", "extensions" : [ ] } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.106 EST|NewSessionTicket.java:330|Consuming NewSessionTicket message ( "NewSessionTicket": { "ticket_lifetime" : "86,400", "ticket_age_add" : "", "ticket_nonce" : "00 00 00 00 00 00 00 01", "ticket" : "3C F7 85 1E FB 02 03 5F F4 44 F9 43 B3 14 A0 75 D7 B4 C4 B8 8B 8B BB 41 E4 B1 E4 79 CF 61 E7 BC 5C 33 A8 01 5A 9D 29 01 C2 AA 86 20 73 F7 52 C6 EF CA C7 8B 7C 81 60 AE 64 CC 26 84 FF 40 82 4E 3B AF 1C D2 DB 3B 59 D0 47 AB 0B 22 2F 05 D6 9D 35 77 69 EC D0 8F EE C6 B3 6B 26 09 E2 2D A0 62 B4 95 E2 4A 29 DE 0E 73 38 27 11 97 99 A6 01 7B D5 5C CE 70 28 A2 98 30 57 27 2E 6C 0D BA 2B B3 03 0C 25 97 05 30 67 D8 85 83 C4 20 66 27 AC 4A F8 80 41 77 3C 40 F0 18 49 5A C6 22 74 7B 51 64 42 7E 01 32 5E 73 FB 45 6D 11 51 37 E1 69 CF 46 D9 6E AF B1 BE D8 92 64 1B F5 F7 51 66 F9 D2 6E 5F DE 56 27 F5 9A 49 92 E0 60 E5 13 D5 0E 16 4D", "extensions" : [ ] } ) 0_getProtocolVersion=HTTP/1.1 0_getStatusCode=200 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.185 EST|SSLSocketImpl.java:473|duplex close of SSLSocket javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.201 EST|SSLSocketImpl.java:1380|close the SSL connection (passive) javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.206 EST|ServerNameExtension.java:255|Unable to indicate server name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.206 EST|SSLExtensions.java:235|Ignore, context unavailable extension: server_name javax.net.ssl|INFO|01|main|2019-01-25 16:00:14.207 EST|AlpnExtension.java:161|No available application protocols javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.208 EST|SSLExtensions.java:235|Ignore, context unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.208 EST|SSLExtensions.java:235|Ignore, context unavailable extension: cookie javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.210 EST|SSLExtensions.java:235|Ignore, context unavailable extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.211 EST|PreSharedKeyExtension.java:660|Found resumable session. Preparing PSK message. javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.216 EST|ClientHello.java:651|Produced ClientHello handshake message ( "ClientHello": { "client version" : "TLSv1.2", "random" : "34 AA CE CF 2A 0A 9B 37 19 C2 2F AB 07 02 CD 50 6C 66 96 0E 3C 66 57 8D F8 52 07 87 18 3A 74 A8", "session id" : "", "cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]", "compression methods" : "00", "extensions" : [ "status_request (5)": { "certificate status type": ocsp "OCSP status request": { "responder_id": "request extensions": { } } }, "supported_groups (10)": { "versions": [secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192] }, "ec_point_formats (11)": { "formats": [uncompressed] }, "signature_algorithms (13)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "signature_algorithms_cert (50)": { "signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1] }, "status_request_v2 (17)": { "cert status request": { "certificate status type": ocsp_multi "OCSP status request": { "responder_id": "request extensions": { } } } }, "extended_master_secret (23)": { }, "supported_versions (43)": { "versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1] }, "psk_key_exchange_modes (45)": { "ke_modes": [psk_dhe_ke] }, "key_share (51)": { "client_shares": [ { "named group": secp256r1 "key_exchange": { 0000: 04 3E EB 7B 83 30 6B 18 5B 84 68 37 27 6E 5F 55 .>...0k.[.h7'n_U 0010: E6 34 4D A3 7F C0 A6 B0 10 30 44 07 3A 6C 58 50 .4M......0D.:lXP 0020: 3A DB D5 BC 0B 23 11 FB B1 DC 72 54 A8 7F C8 09 :....#....rT.... 0030: F4 CF C9 BF CF 20 A9 2F 38 7C 50 C7 EE 9F F9 B6 ..... ./8.P..... 0040: 6F } }, ] }, "pre_shared_key (41)": { "PreSharedKey": { "identities" : " {3C F7 85 1E FB 02 03 5F F4 44 F9 43 B3 14 A0 75 D7 B4 C4 B8 8B 8B BB 41 E4 B1 E4 79 CF 61 E7 BC 5C 33 A8 01 5A 9D 29 01 C2 AA 86 20 73 F7 52 C6 EF CA C7 8B 7C 81 60 AE 64 CC 26 84 FF 40 82 4E 3B AF 1C D2 DB 3B 59 D0 47 AB 0B 22 2F 05 D6 9D 35 77 69 EC D0 8F EE C6 B3 6B 26 09 E2 2D A0 62 B4 95 E2 4A 29 DE 0E 73 38 27 11 97 99 A6 01 7B D5 5C CE 70 28 A2 98 30 57 27 2E 6C 0D BA 2B B3 03 0C 25 97 05 30 67 D8 85 83 C4 20 66 27 AC 4A F8 80 41 77 3C 40 F0 18 49 5A C6 22 74 7B 51 64 42 7E 01 32 5E 73 FB 45 6D 11 51 37 E1 69 CF 46 D9 6E AF B1 BE D8 92 64 1B F5 F7 51 66 F9 D2 6E 5F DE 56 27 F5 9A 49 92 E0 60 E5 13 D5 0E 16 4D,-845719304}", "binders" : " {E4 8A 98 88 29 D3 11 58 5B 99 F8 05 B3 D3 6A DA 11 00 BB 83 38 8B 10 4C 78 65 18 D5 AC A5 44 2D}", } } ] } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.226 EST|ServerHello.java:866|Consuming ServerHello handshake message ( "ServerHello": { "server version" : "TLSv1.2", "random" : "CB 54 2A B1 D1 2D FB 5B A4 97 4F EB FE F7 5D 02 4E 2C B9 62 7C 8F BB E6 65 C9 F6 F8 F2 7D FB 16", "session id" : "", "cipher suite" : "TLS_AES_128_GCM_SHA256(0x1301)", "compression methods" : "00", "extensions" : [ "supported_versions (43)": { "selected version": [TLSv1.3] }, "key_share (51)": { "server_share": { "named group": secp256r1 "key_exchange": { 0000: 04 C9 46 54 3B 96 26 51 D0 0F 66 09 4D EB 29 D3 ..FT;.&Q..f.M.). 0010: 2B 66 F1 EB 87 33 78 B4 55 CA CC B7 4D AB 4B 93 +f...3x.U...M.K. 0020: 76 B3 90 7D 0B 41 1F E8 AA 71 36 64 5D 18 5D 2D v....A...q6d].]- 0030: 58 34 DD DB 9F 07 87 36 F0 0F E4 AC 7F 44 83 44 X4.....6.....D.D 0040: D8 } }, }, "pre_shared_key (41)": { "PreSharedKey": { "selected_identity" : "0x0000", } } ] } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.226 EST|SSLExtensions.java:167|Consumed extension: supported_versions javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.226 EST|ServerHello.java:962|Negotiated protocol version: TLSv1.3 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.227 EST|SSLExtensions.java:138|Ignore unsupported extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.227 EST|SSLExtensions.java:138|Ignore unsupported extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.227 EST|SSLExtensions.java:138|Ignore unsupported extension: status_request javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.227 EST|SSLExtensions.java:138|Ignore unsupported extension: ec_point_formats javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.227 EST|SSLExtensions.java:138|Ignore unsupported extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.228 EST|SSLExtensions.java:138|Ignore unsupported extension: status_request_v2 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.228 EST|SSLExtensions.java:138|Ignore unsupported extension: extended_master_secret javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.228 EST|SSLExtensions.java:167|Consumed extension: supported_versions javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.229 EST|SSLExtensions.java:167|Consumed extension: key_share javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.230 EST|SSLExtensions.java:138|Ignore unsupported extension: renegotiation_info javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.231 EST|PreSharedKeyExtension.java:817|Received pre_shared_key extension: ( "PreSharedKey": { "selected_identity" : "0x0000", } ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.234 EST|PreSharedKeyExtension.java:831|Resuming session: ( Session(1548450014000|TLS_AES_128_GCM_SHA256) ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.234 EST|SSLExtensions.java:167|Consumed extension: pre_shared_key javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.235 EST|ServerHello.java:1156|Using PSK to derive early secret javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.235 EST|SSLExtensions.java:182|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.235 EST|SSLExtensions.java:182|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.235 EST|SSLExtensions.java:182|Ignore unavailable extension: status_request javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.236 EST|SSLExtensions.java:182|Ignore unavailable extension: ec_point_formats javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.236 EST|SSLExtensions.java:182|Ignore unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.237 EST|SSLExtensions.java:182|Ignore unavailable extension: status_request_v2 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.237 EST|SSLExtensions.java:182|Ignore unavailable extension: extended_master_secret javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.237 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: supported_versions javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.237 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: key_share javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.238 EST|SSLExtensions.java:182|Ignore unavailable extension: renegotiation_info javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.238 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: pre_shared_key javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.245 EST|SSLCipher.java:1824|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.246 EST|SSLCipher.java:1978|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.246 EST|ChangeCipherSpec.java:232|Consuming ChangeCipherSpec message javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.247 EST|EncryptedExtensions.java:171|Consuming EncryptedExtensions handshake message ( "EncryptedExtensions": [ "supported_groups (10)": { "versions": [x25519, secp256r1, x448, secp521r1, secp384r1] } ] ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.247 EST|SSLExtensions.java:148|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.247 EST|SSLExtensions.java:148|Ignore unavailable extension: max_fragment_length javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.247 EST|SSLExtensions.java:167|Consumed extension: supported_groups javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.247 EST|SSLExtensions.java:182|Ignore unavailable extension: server_name javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.248 EST|SSLExtensions.java:182|Ignore unavailable extension: max_fragment_length javax.net.ssl|WARNING|01|main|2019-01-25 16:00:14.248 EST|SSLExtensions.java:190|Ignore impact of unsupported extension: supported_groups javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.248 EST|SSLExtensions.java:182|Ignore unavailable extension: application_layer_protocol_negotiation javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.249 EST|Finished.java:860|Consuming server Finished handshake message ( "Finished": { "verify data": { 0000: 35 5D DD 31 8B 18 EF B4 A9 3A F1 F9 FD 34 7F CA 5].1.....:...4.. 0010: AA BE 08 7D F6 6D 70 6A 29 FE 61 04 88 1E 71 FF .....mpj).a...q. }'} ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.249 EST|SSLCipher.java:1824|KeyLimit read side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.250 EST|Finished.java:658|Produced client Finished handshake message ( "Finished": { "verify data": { 0000: 95 E9 F2 A4 F9 AC BE 6B FC AA 08 D4 66 08 C8 1C .......k....f... 0010: D3 A7 4D 97 99 60 5A 33 4E D4 C0 F0 7F 96 61 7F ..M..`Z3N.....a. }'} ) javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.251 EST|SSLCipher.java:1978|KeyLimit write side: algorithm = AES/GCM/NOPADDING:KEYUPDATE countdown value = 137438953472 javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.251 EST|SSLSocketImpl.java:473|duplex close of SSLSocket javax.net.ssl|DEBUG|01|main|2019-01-25 16:00:14.252 EST|SSLSocketImpl.java:1380|close the SSL connection (passive) javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at java.base/sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:526) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:464) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:397) at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:394) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) at TestHttpClient.makeRequest(TestHttpClient.java:33) at TestHttpClient.main(TestHttpClient.java:18) 1_executing HttpRequest encountered Exception: peer not authenticated