-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
306 lines (277 loc) · 12.1 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
== jurl - java utility to inspect a web address ==
Useful for detecting java cacerts issues, printing all the headers etc
== Installation & Usage Instructions ==
git clone git://github.com/ahtik/jurl.git
cd jurl
ant -Djurl=https://myurl.com
== Sample jurl.out output ==
ant -Djurl=https://mail.google.com
(( Please note that the same command for https://gmail.com fails due to Hostname Verifier failure ))
jurl.out:
====== JURL -- Java URL Inspector
=== java.* properties ===
java.runtime.name=Java(TM) SE Runtime Environment
java.vm.version=19.0-b09
java.vm.vendor=Sun Microsystems Inc.
java.vendor.url=http://java.sun.com/
java.vm.name=Java HotSpot(TM) Client VM
java.vm.specification.name=Java Virtual Machine Specification
java.runtime.version=1.6.0_23-b05
java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment
java.endorsed.dirs=C:\Java\jdk1.6.0_23\jre\lib\endorsed
java.io.tmpdir=C:\DOCUME~1\ahtik\LOCALS~1\Temp\
java.vm.specification.vendor=Sun Microsystems Inc.
java.specification.name=Java Platform API Specification
java.class.version=50.0
java.awt.printerjob=sun.awt.windows.WPrinterJob
java.specification.version=1.6
java.vm.specification.version=1.0
java.home=C:\Java\jdk1.6.0_23\jre
java.specification.vendor=Sun Microsystems Inc.
java.vm.info=mixed mode, sharing
java.version=1.6.0_23
java.ext.dirs=C:\Java\jdk1.6.0_23\jre\lib\ext;C:\WINDOWS\Sun\Java\lib\ext
java.vendor=Sun Microsystems Inc.
java.vendor.url.bug=http://java.sun.com/cgi-bin/bugreport.cgi
=== Connecting to https://mail.google.com ===
trustStore is: C:\Java\jdk1.6.0_23\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0x4eb200670c035d4f
Valid from Wed Oct 25 11:36:00 EEST 2006 until Sat Oct 25 11:36:00 EEST 2036
/SKIPPED/
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 16:38:43 EET 2006 until Thu Jan 01 00:59:59 EET 2026
trigger seeding of SecureRandom
done seeding SecureRandom
main, setSoTimeout(0) called
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1291169042 bytes = { 20, 154, 167, 100, 4, 65, 171, 90, 141, 165, 195, 22, 254, 4, 196, 12, 249, 170, 239, 208, 129, 18, 19, 39, 61, 140, 224, 4 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
***
main, WRITE: TLSv1 Handshake, length = 75
main, WRITE: SSLv2 client hello message, length = 101
main, READ: TLSv1 Handshake, length = 81
*** ServerHello, TLSv1
RandomCookie: GMT: 1291169044 bytes = { 120, 122, 205, 209, 145, 246, 25, 144, 188, 22, 109, 85, 251, 172, 242, 222, 82, 248, 211, 196, 119, 214, 204, 147, 210, 123, 222, 222 }
Session ID: {241, 140, 210, 98, 55, 181, 188, 206, 158, 2, 243, 246, 99, 127, 43, 251, 166, 142, 144, 19, 202, 219, 104, 116, 50, 144, 199, 102, 52, 26, 30, 62}
Cipher Suite: SSL_RSA_WITH_RC4_128_SHA
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
main, READ: TLSv1 Handshake, length = 1626
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: CN=mail.google.com, O=Google Inc, L=Mountain View, ST=California, C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 152491705322563972192887583523678445314711734334266057071961328501334716695971287724785617859903977038951808613916813440592334235621022183140296291353440321659682450979357710584852815479943657884825102455001273827974562341304118879743929772329505595168932646226094744439310014777926497538839711922655414233939
public exponent: 65537
Validity: [From: Fri Dec 18 02:00:00 EET 2009,
To: Mon Dec 19 01:59:59 EET 2011]
Issuer: CN=Thawte SGC CA, O=Thawte Consulting (Pty) Ltd., C=ZA
SerialNumber: [ 1f19f6de 35dd63a1 42918ad5 2cc0ab12]
Certificate Extensions: 4
[1]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.thawte.com/ThawteSGCCA.crl]
]]
[2]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
2.16.840.1.113730.4.1
]
[3]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.thawte.com,
accessMethod: 1.3.6.1.5.5.7.48.2
accessLocation: URIName: http://www.thawte.com/repository/Thawte_SGC_CA.crt]
]
[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 89 C8 EE ED F7 B1 CB EC 91 3F 67 6B C7 9E D3 72 .........?gk...r
0010: AA 3E 04 49 51 D4 28 87 35 9D 67 84 F9 92 F5 04 .>.IQ.(.5.g.....
0020: 99 6A E7 43 03 C8 F2 DB 92 0F 55 6B E3 12 06 AA .j.C......Uk....
0030: D7 71 EB A3 41 E0 DF 66 4D 54 AE 77 A9 C5 F0 8D .q..A..fMT.w....
0040: 6B 67 08 04 5E A2 3B CD C2 3E BF C7 50 A2 AB 90 kg..^.;..>..P...
0050: 7A 0F B1 3A 7A 26 03 49 F5 C9 F3 F6 B6 BD 1E 48 z..:z&.I.......H
0060: 6E 06 3C F6 7A BE C2 E1 DA 03 AB EC A4 7E AF 35 n.<.z..........5
0070: 1F 38 F3 13 B7 CF 53 D0 EC 1A C8 8E 76 10 D4 0D .8....S.....v...
]
chain [1] = [
[
Version: V3
Subject: CN=Thawte SGC CA, O=Thawte Consulting (Pty) Ltd., C=ZA
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 149451361202983228678853174673260064915210015568755178121835896813476102975849608236160530025148408068015676874970828987319389099279139710312057178233282042183735250436322343778113029297475176407559067041567861008582560880872235118626093670157751685892563822841241263685435061247717973073679225111084128559129
public exponent: 65537
Validity: [From: Thu May 13 03:00:00 EEST 2004,
To: Tue May 13 02:59:59 EEST 2014]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
SerialNumber: [ 30000002]
Certificate Extensions: 7
[1]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false
NetscapeCertType [
SSL CA
S/MIME CA
]
[2]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.verisign.com/pca3.crl]
]]
[3]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
CN=PrivateLabel3-15
]
[4]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
clientAuth
2.16.840.1.113730.4.1
2.16.840.1.113733.1.8.1
]
[5]: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
Key_CertSign
Crl_Sign
]
[6]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: 1.3.6.1.5.5.7.48.1
accessLocation: URIName: http://ocsp.thawte.com]
]
[7]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 55 AC 63 EA DE A1 DD D2 90 5F 9F 0B CE 76 BE 13 U.c......_...v..
0010: 51 8F 93 D9 05 2B C8 1B 77 4B AD 69 50 A1 EE DE Q....+..wK.iP...
0020: DC FD DB 07 E9 E8 39 94 DC AB 72 79 2F 06 BF AB ......9...ry/...
0030: 81 70 C4 A8 ED EA 53 34 ED EF 1E 53 D9 06 C7 56 .p....S4...S...V
0040: 2B D1 5C F4 D1 8A 8E B4 2B B1 37 90 48 08 42 25 +.\.....+.7.H.B%
0050: C5 3E 8A CB 7F EB 6F 04 D1 6D C5 74 A2 F7 A2 7C .>....o..m.t....
0060: 7B 60 3C 77 CD 0E CE 48 02 7F 01 2F B6 9B 37 E0 .`<w...H.../..7.
0070: 2A 2A 36 DC D5 85 D6 AC E5 3F 54 6F 96 1E 05 AF **6......?To....
]
***
Found trusted certificate:
[
[
Version: V1
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 141400322044550516865173371773024584879899609644618927642375342633349057300960400037232334924701046781298765077061770383151646234219179990772047200045837817821582483532549791304588064624083040538534190301571832597441704620988055765289140138246856927863523873759538652326729606982847841094220861282830980236711
public exponent: 65537
Validity: [From: Mon Jan 29 02:00:00 EET 1996,
To: Thu Aug 03 02:59:59 EEST 2028]
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
SerialNumber: [ 3c9131cb 1ff6d01b 0e9ab8d0 44bf12be]
]
Algorithm: [SHA1withRSA]
Signature:
0000: 10 72 52 A9 05 14 19 32 08 41 F0 C5 6B 0A CC 7E .rR....2.A..k...
0010: 0F 21 19 CD E4 67 DC 5F A9 1B E6 CA E8 73 9D 22 .!...g._.....s."
0020: D8 98 6E 73 03 61 91 C5 7C B0 45 40 6E 44 9D 8D ..ns.a....E@nD..
0030: B0 B1 96 74 61 2D 0D A9 45 D2 A4 92 2A D6 9A 75 ...ta-..E...*..u
0040: 97 6E 3F 53 FD 45 99 60 1D A8 2B 4C F9 5E A7 09 .n?S.E.`..+L.^..
0050: D8 75 30 D7 D2 65 60 3D 67 D6 48 55 75 69 3F 91 .u0..e`=g.HUui?.
0060: F5 48 0B 47 69 22 69 82 96 BE C9 C8 38 86 4A 7A .H.Gi"i.....8.Jz
0070: 2C 73 19 48 69 4E 6B 7C 65 BF 0F FC 70 CE 88 90 ,s.HiNk.e...p...
]
main, READ: TLSv1 Handshake, length = 4
*** ServerHelloDone
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 134
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 56 36 28 78 CC 0D CB 96 74 CA 41 73 AF DA ..V6(x....t.As..
0010: 13 E4 CB 1A 6D 9D 4A 60 B3 C6 D3 37 9A 7E F1 D5 ....m.J`...7....
0020: ED F1 79 43 AB AE 49 65 BF 7E 8D 9E B1 85 00 6D ..yC..Ie.......m
CONNECTION KEYGEN:
Client Nonce:
0000: 4D F6 AD 12 14 9A A7 64 04 41 AB 5A 8D A5 C3 16 M......d.A.Z....
0010: FE 04 C4 0C F9 AA EF D0 81 12 13 27 3D 8C E0 04 ...........'=...
Server Nonce:
0000: 4D F6 AD 14 78 7A CD D1 91 F6 19 90 BC 16 6D 55 M...xz........mU
0010: FB AC F2 DE 52 F8 D3 C4 77 D6 CC 93 D2 7B DE DE ....R...w.......
Master Secret:
0000: 74 6A 4F 35 CE 2A 35 62 32 EB 0F E1 2C AA 15 B7 tjO5.*5b2...,...
0010: 1B DC 68 F9 23 86 84 9E B7 2F 74 4A 95 84 49 42 ..h.#..../tJ..IB
0020: B8 CF 08 AC 87 54 F1 6F 45 54 55 78 4D BF 64 E5 .....T.oETUxM.d.
Client MAC write Secret:
0000: 58 23 4F 11 3C D9 1F 6F 92 B6 1D C7 54 C6 31 A2 X#O.<..o....T.1.
0010: 04 A1 11 A2 ....
Server MAC write Secret:
0000: 88 3E FD FC CD 92 A3 1B FC F7 D3 F1 BC 1A D8 7C .>..............
0010: 2C F8 7F 35 ,..5
Client write key:
0000: 2D 40 58 94 60 3D 67 46 A3 D4 04 E4 63 9D 51 85 -@X.`=gF....c.Q.
Server write key:
0000: 35 6F 67 33 16 66 79 04 F2 70 50 90 25 B2 47 EA 5og3.fy..pP.%.G.
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 150, 197, 98, 40, 19, 100, 205, 73, 146, 104, 202, 162 }
***
main, WRITE: TLSv1 Handshake, length = 36
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 36
*** Finished
verify_data: { 255, 59, 12, 190, 43, 206, 128, 43, 189, 118, 42, 136 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
main, setSoTimeout(0) called
main, WRITE: TLSv1 Application Data, length = 133
main, READ: TLSv1 Application Data, length = 376
Protocol version: HTTP/1.1
Status code: 200
Reason: OK
Status: HTTP/1.1 200 OK
=== HEADERS ===
Cache-Control=private, max-age=604800
Expires=Tue, 14 Jun 2011 00:36:37 GMT
Date=Tue, 14 Jun 2011 00:36:37 GMT
Refresh=0;URL=https://mail.google.com/mail/
Content-Type=text/html; charset=ISO-8859-1
X-Content-Type-Options=nosniff
X-Frame-Options=SAMEORIGIN
X-XSS-Protection=1; mode=block
Content-Length=234
Server=GSE
=== EOF ===