Server verify and end handshake



Received a problem - you need to go to the client end to find out why
 main, RECV TLSv1.2 ALERT:  fatal, certificate_unknown 
 %% Invalidated:  [Session-1, SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384] 
 main, called closeSocket() 
 main, handling exception: javax.net.ssl.SSLHandshakeException: 
 Received fatal alert: certificate_unknown 

The Client send the key value to use
*** ECDHClientKeyExchange
ECDH Public value:  {
 }
JsseJCE:  Using KeyFactory EC from provider IBMJCE version 1.8
JsseJCE:  Using KeyFactory EC from provider IBMJCE version 1.8
JsseJCE:  Using KeyAgreement ECDH from provider IBMJCE version 1.8
ECDHCrypt:  ECDH KeyAgreement  from provider from initIBMJCE version 1.8
SESSION KEYGEN:
PreMaster Secret:
javax.crypto.spec.SecretKeySpec@5e624290
JsseJCE:  Using KeyGenerator IbmTlsExtendedMasterSecret from provider TBD via init
JsseJCE:  Using KeyGenerator IbmTls12KeyMaterial from provider TBD via init
CONNECTION KEYGEN:
Client Nonce:Data omitted
Server Nonce:Data omitted
Master Secret:Data omitted
Client write key:Data omitted
Server write key:Data omitted
Client write IV:Data omitted
Server write IV:Data omitted
Read more data
Default Executor-thread-32, READ: TLSv1.2 Handshake, length = 520
Validate the certificate using the specified Signature Algorithm
*** CertificateVerify
Signature Algorithm SHA512withRSA
JsseJCE:  Using signature SHA512withRSA from provider TBD via init
Signatures:  Using signature RSA from provider from initVerifyIBMJCE version 1.8
Default Executor-thread-32, READ: TLSv1.2 Change Cipher Spec, length = 1
JsseJCE:  Using cipher AES/GCM/NoPadding from provider TBD via init
Default Executor-thread-32, READ: TLSv1.2 Handshake, length = 40
CipherBox actually does the encryption of data, there will be one of 
these before each send
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
*** Finished
All finished - just send some data down to the client to confirm the encrption works
verify_data:  {
 }
***
JsseJCE:  Using KeyGenerator IbmTls12Prf from provider TBD via init
HandshakeMessage:  TLS Keygenerator IbmTlsPrf  from provider from init IBMJCE version 1.8
JsseJCE:  Using KeyGenerator IbmTls12Prf from provider TBD via init
HandshakeMessage:  TLS Keygenerator IbmTlsPrf  from provider from init IBMJCE version 1.8
Default Executor-thread-32, WRITE: TLSv1.2 Change Cipher Spec, length = 1
JsseJCE:  Using cipher AES/GCM/NoPadding from provider TBD via init
*** Finished
verify_data:  {
 }
***
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
Default Executor-thread-32, WRITE: TLSv1.2 Handshake, length = 40
%% Cached server session: [Session-1, SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
Default Executor-thread-32, WRITE: TLSv1.2 Application Data, length = 878
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
Default Executor-thread-32, WRITE: TLSv1.2 Application Data, length = 5
Default Executor-thread-32, called closeOutbound()
Default Executor-thread-32, closeOutboundInternal()
Default Executor-thread-32
The remote end closed the session
, SEND TLSv1.2 ALERT:
warning,
description = close_notify
CipherBox:  Using cipher AES/GCM/NoPadding from provider from init IBMJCE version 1.8
Default Executor-thread-32, WRITE: TLSv1.2 Alert, length = 26
Default Executor-thread-32, called closeInbound()
Default Executor-thread-32, closeInboundInternal()
Default Executor-thread-32, closeOutboundInternal()

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s