2017-04-04

WebSphere Application Server SSL error 403

Getting the error "org.apache.axis2.AxisFault: HTTP (403)" when calling a secured web service from WebSphere Application Server 7 (JRE 1.6). The service is HTTPS only and requires no authentication. I imported the certificate into the WebSphere server's trust store via "Signer certificates".

I can call the same service through the same WebSphere JRE 1.6 as a standalone Java program by adding the certificate to cacerts using the keytool command.

Any help is appreciated!

SSL DEBUG log of the failure:

O Using SSLEngineImpl. 
    O SSLv3 protocol was requested but was not enabled 
    O SSLv3 protocol was requested but was not enabled 
    O 
Is initial handshake: true 
    O Ignoring unsupported cipher suite: SSL_RSA_WITH_AES_128_GCM_SHA256 
    O Ignoring unsupported cipher suite: SSL_RSA_WITH_AES_128_CBC_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 
    O %% Client cached [Session-7, SSL_RSA_WITH_AES_128_CBC_SHA] 
    O %% Try resuming [Session-7, SSL_RSA_WITH_AES_128_CBC_SHA] from port -1 
    O *** ClientHello, TLSv1 
    O RandomCookie: GMT: 1474467386 bytes = { 207 } 
    O Session ID: {16} 
    O Cipher Suites: [SSL_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_DHE_DSS_WITH_RC4_128_SHA, SSL_RENEGO_PROTECTION_REQUEST] 
    O Compression Methods: { 0 } 
    O *** 
    O [write] MD5 and SHA1 hashes: len = 97 
    O 0000: ......X......... 

    O ListenerContainer-1, WRITE: TLSv1 Handshake, length = 97 
    O [Raw write]: length = 102 
    O 0000: ....a......X.... 

    O [Raw read]: length = 5 
    O 0000: 16 03 01 00 51          ....Q 

    O [Raw read]: length = 81 
    O 0000: 02 00 00 4d 03 01 58 e3 96 0b 5b d1 87 59 13 41 ...M..X......Y.A 

    O ListenerContainer-1, READ: TLSv1 Handshake, length = 81 
    O *** ServerHello, TLSv1 
    O RandomCookie: GMT: 1474467339 bytes = { 91 } 
    O Session ID: {16,128} 
    O Cipher Suite: SSL_RSA_WITH_AES_128_CBC_SHA 
    O Compression Method: 0 
    O Extension renegotiation_info, ri_length: 0, ri_connection_data: { null } 
    O *** 
    O JsseJCE: Using MessageDigest MD5 from provider IBMJCE version 1.2 
    O JsseJCE: Using MessageDigest SHA from provider IBMJCE version 1.2 
    O JsseJCE: Using KeyGenerator IbmTlsKeyMaterial from provider TBD via init 
    O CONNECTION KEYGEN: 
    O Client Nonce: 

    O Server Nonce: 

    O Master Secret: 
    O 0000: ..0..x.Q.....3.. 

    O Client MAC write Secret: 
    O 0000: ..y..3.......... 
      ..M. 

    O Server MAC write Secret: 
    O 0000: 39 33 d2 cf a0 1c 20 fa e2 4f 02 a1 86 ff b5 c9 93.......O...... 
      w..L 

    O Client write key: 
    O 0000: c7 3f fa 9b 84 98 44 bc 4d bb 69 5d 9d d2 71 db ......D.M.i...q. 

    O Server write key: 
    O 0000: dc df 01 38 e5 07 32 9e d4 1a b1 8a 5a e8 6f d4 ...8..2.....Z.o. 

    O Client write IV: 
    O 0000: a2 15 75 d4 8e d1 1b 4f 31 7b b1 e3 36 01 01 34 ..u....O1...6..4 

    O Server write IV: 
    O 0000: e6 46 38 f7 aa 03 f2 7e f4 fb 6b 9f cb 88 df 48 .F8.......k....H 

    O %% Server resumed [Session-7, SSL_RSA_WITH_AES_128_CBC_SHA] 
    O [read] MD5 and SHA1 hashes: len = 81 
    O 0000: 02 00 00 4d 03 01 58 e3 96 0b 5b d1 87 59 13 41 ...M..X......Y.A 

    O [Raw read]: length = 5 
    O 0000: 14 03 01 00 01          ..... 

    O [Raw read]: length = 1 
    O 0000: 01             . 

    O ListenerContainer-1, READ: TLSv1 Change Cipher Spec, length = 1 
    O JsseJCE: Using cipher AES/CBC/NoPadding from provider TBD via init 
    O CipherBox: Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.2 
    O JsseJCE: Using MAC HmacSHA1 from provider TBD via init 
    O MAC: Using MessageDigest HmacSHA1 from provider IBMJCE version 1.2 
    O [Raw read]: length = 5 
    O 0000: 16 03 01 00 30          ....0 

    O [Raw read]: length = 48 
    O 0000: 32 d4 5a 8e 54 a3 bc d6 e4 38 f4 fb 3a 85 fa e1 2.Z.T....8...... 

    O ListenerContainer-1, READ: TLSv1 Handshake, length = 48 
    O 0000: 14 00 00 0c 13 9c d6 b0 ca a6 cd e1 81 dd 8b c1 ................ 

    O *** Finished 
    O verify_data: { 19, 156, 214, 176, 202, 166, 205, 225, 129, 221, 139, 193 } 
    O *** 
    O JsseJCE: Using KeyGenerator IbmTlsPrf from provider TBD via init 
    O HandshakeMessage: TLS Keygenerator IbmTlsPrf from provider from init IBMJCE version 1.2 
    O [read] MD5 and SHA1 hashes: len = 16 
    O 0000: 14 00 00 0c 13 9c d6 b0 ca a6 cd e1 81 dd 8b c1 ................ 

    O JsseJCE: Using KeyGenerator IbmTlsPrf from provider TBD via init 
    O HandshakeMessage: TLS Keygenerator IbmTlsPrf from provider from init IBMJCE version 1.2 
    O ListenerContainer-1, WRITE: TLSv1 Change Cipher Spec, length = 1 
    O JsseJCE: Using cipher AES/CBC/NoPadding from provider TBD via init 
    O CipherBox: Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.2 
    O JsseJCE: Using MAC HmacSHA1 from provider TBD via init 
    O MAC: Using MessageDigest HmacSHA1 from provider IBMJCE version 1.2 
    O *** Finished 
    O verify_data: { 56, 215, 170, 111, 66, 74, 59, 26, 94, 46, 231, 190 } 
    O *** 
    O [write] MD5 and SHA1 hashes: len = 16 
    O 0000: 14 00 00 0c 38 d7 aa 6f 42 4a 3b 1a 5e 2e e7 be ....8..oBJ...... 

    O Padded plaintext before ENCRYPTION: len = 48 
    O 0000: 14 00 00 0c 38 d7 aa 6f 42 4a 3b 1a 5e 2e e7 be ....8..oBJ...... 

    O ListenerContainer-1, WRITE: TLSv1 Handshake, length = 48 
    O [Raw write]: length = 6 
    O 0000: 14 03 01 00 01 01         ...... 

    O [Raw write]: length = 53 
    O 0000: 16 03 01 00 30 aa a8 a4 54 00 fd ba 45 1b d8 e2 ....0...T...E... 

    O Padded plaintext before ENCRYPTION: len = 496 
    O 0000: 50 4f 53 54 20 2f 49 6c 61 6e 69 53 65 72 76 69 POST..IlaniServi 
    ce.svc.HTTP.1.1. 
    .Host..otlsap 
    p1..enterpri 
    se.sun.co 
    m.8090..Accept.. 
    application.soap 
    .xml.multipart.r 
    elated.text....U 
    ser.Agent..IBM.W 
    ebServices.1.0.. 
    Cache.Control..n 
    o.cache..Pragma. 
    .no.cache..SOAPA 
    ction...http...t 
    empuri.org.IIlan 
    iService.P 


    O ListenerContainer-1, WRITE: TLSv1 Application Data, length = 472 
    O [Raw write (bb)]: length = 501 
    O 0000: 17 03 01 01 f0 be c2 0c b6 1a 50 47 bc 99 d5 c3 ..........PG.... 
0010: a9 01 b0 05 0e f2 0b a8 32 a0 19 6f 48 35 3f a4 ........2..oH5.. 

    O Padded plaintext before ENCRYPTION: len = 32 
    O 0000: 3c a3 cc cf c4 13 b4 7e 35 a6 26 d7 0e 78 9e 66 ........5....x.f 
0010: 9f a9 2e 22 2f 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a ................ 

    O ListenerContainer-1, WRITE: TLSv1 Application Data, length = 1 
    O Padded plaintext before ENCRYPTION: len = 480 
    O 0000: 73 6f 61 70 65 6e 76 3a 45 6e 76 65 6c 6f 70 65 soapenv.Envelope 
    .xmlns.soapenv.. 
    http...schemas.x 
    mlsoap.org.soap. 
    envelope....soap 
    env.Body..ns2.Ad 
    justBalanc 
    e.xmlns..http... 
    schemas.datacont 
    ract.org.2004.07 


    O ListenerContainer-1, WRITE: TLSv1 Application Data, length = 456 
    O [Raw write (bb)]: length = 522 
    O 0000: 17 03 01 00 20 8b 55 88 99 5b b5 b6 2d 04 a0 b2 ......U......... 
0010: 62 88 01 77 f9 d7 7d 58 8c 13 3e 61 0d 55 ab d2 b..w...X...a.U.. 

    O [Raw read]: length = 5 
    O 0000: 16 03 01 00 20          ..... 

    O [Raw read]: length = 32 
    O 0000: 9d 7f 17 1a 16 ca 52 b8 8c f6 6e e9 81 a1 e9 47 ......R...n....G 
0010: 03 6c ac d4 25 e9 5f 90 a2 48 f7 a2 7c fe 5e 6e .l.......H.....n 

    O ListenerContainer-1, READ: TLSv1 Handshake, length = 32 
    O 0000: 00 00 00 00 f6 20 dc f4 08 0c 1a 51 c3 79 9f 04 ...........Q.y.. 
0010: 73 a2 e1 ea 8a ca dd d4 07 07 07 07 07 07 07 07 s............... 

    O ListenerContainer-1, RENEGOTIATE 
    O 
Is initial handshake: false 
    O Ignoring unsupported cipher suite: SSL_RSA_WITH_AES_128_GCM_SHA256 
    O Ignoring unsupported cipher suite: SSL_RSA_WITH_AES_128_CBC_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_RSA_WITH_AES_128_GCM_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_RSA_WITH_AES_128_CBC_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_DSS_WITH_AES_128_GCM_SHA256 
    O Ignoring unsupported cipher suite: SSL_DHE_DSS_WITH_AES_128_CBC_SHA256 
    O *** HelloRequest (empty) 
    O %% Client cached [Session-7, SSL_RSA_WITH_AES_128_CBC_SHA] 
    O %% Try resuming [Session-7, SSL_RSA_WITH_AES_128_CBC_SHA] from port -1 
    O *** ClientHello, TLSv1 
    O RandomCookie: GMT: 1474467386 bytes = { 47, 48, 108, 24, 0, 145, 59, 124, 205, 83, 175, 151, 62, 250, 72, 23, 83, 219, 54, 35, 246, 240, 218, 216, 8, 185, 240, 129 } 
    O Session ID: {16, 48, 0, 0, 26, 118, 255, 9, 42, 147, 147, 244, 73, 27, 74, 188, 230, 10, 207, 45, 40, 144, 227, 82, 57, 194, 148, 119, 92, 41, 25, 128} 
    O Cipher Suites: [SSL_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_DHE_DSS_WITH_RC4_128_SHA] 
    O Compression Methods: { 0 } 
    O Extension renegotiation_info, ri_length: 12, ri_connection_data: { 56, 215, 170, 111, 66, 74, 59, 26, 94, 46, 231, 190 } 
    O *** 
    O [write] MD5 and SHA1 hashes: len = 114 
    O 0000: 01 00 00 6e 03 01 58 e3 96 3a 2f 30 6c 18 00 91 ...n..X....0l... 

    O Padded plaintext before ENCRYPTION: len = 144 
    O 0000: 01 00 00 6e 03 01 58 e3 96 3a 2f 30 6c 18 00 91 ...n..X....0l... 


    O ListenerContainer-1, WRITE: TLSv1 Handshake, length = 144 
    O [Raw write]: length = 149 
    O 0000: 16 03 01 00 90 39 0c d3 85 c2 c7 a6 db 1b 19 c9 .....9.......... 


    O [Raw read]: length = 5 
    O 0000: 16 03 01 03 c0          ..... 

    O [Raw read]: length = 960 
    O 0000: 52 a5 c4 98 5e 3a ba 29 0c 5d 33 ba e7 a6 f6 9d R.........3..... 

    O ListenerContainer-1, READ: TLSv1 Handshake, length = 960 
    O 0000: 02 00 00 65 03 01 58 e3 96 0b d1 0f ec fc 78 bd ...e..X.......x. 

    O *** ServerHello, TLSv1 
    O RandomCookie: GMT: 1474467339 bytes = { 209, 15, 236, 252, 120, 189, 229, 92, 195, 178, 12, 253, 84, 35, 32, 141, 135, 199, 74, 135, 129, 147, 179, 39, 140, 238, 136, 245 } 
    O Session ID: {227, 16, 0, 0, 137, 23, 115, 18, 172, 166, 216, 5, 39, 117, 98, 130, 126, 247, 92, 123, 95, 173, 213, 94, 76, 116, 115, 203, 213, 63, 223, 177} 
    O Cipher Suite: SSL_RSA_WITH_AES_128_CBC_SHA 
    O Compression Method: 0 
    O Extension renegotiation_info, ri_length: 24, ri_connection_data: { 56, 215, 170, 111, 66, 74, 59, 26, 94, 46, 231, 190, 19, 156, 214, 176, 202, 166, 205, 225, 129, 221, 139, 193 } 
    O *** 
    O JsseJCE: Using MessageDigest MD5 from provider IBMJCE version 1.2 
    O JsseJCE: Using MessageDigest SHA from provider IBMJCE version 1.2 
    O RI_Extension verification complete 
    O %% Initialized: [Session-8, SSL_RSA_WITH_AES_128_CBC_SHA] 
    O ** SSL_RSA_WITH_AES_128_CBC_SHA 
    O [read] MD5 and SHA1 hashes: len = 105 
    O 0000: 02 00 00 65 03 01 58 e3 96 0b d1 0f ec fc 78 bd ...e..X.......x. 

    O *** Certificate chain 
    O chain [0] = [ 
[ 
    Version: V3 
    Subject: CN=OTLS..enterprise.sun.com 
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 

    Key: IBMJCE RSA Public Key: 
modulus: 
23553703497639596335070510257137281846668772458655810320677790628829221930261149412925591183146781723536526781277172608739916146526544854651533994944277413821681774452388324836206810729946188205549925379818388956830834110706891819099617718057830110501768074462851693346833893969477290813937343022841978362903738008267590984351543136396192926768606970581686949544516090193350198903123024609160656153681262348428606470586055201848713219772934786602559592543952662556702629365940208481126300406324501533729138789679650468030591267044786502786266360792591465166026083070678688183035912219682765397505679240220734169611841 
public exponent: 
65537 

    Validity: [From: Mon Feb 27 07:21:04 EST 2017, 
       To: Mon Feb 26 19:00:00 EST 2018] 
    Issuer: CN=OTLS..enterprise.sun.com 
    SerialNumber: [157540854616312716013046194484672082663] 

Certificate Extensions: 2 
[1]: ObjectId: 2.5.29.37 Criticality=false 
ExtKeyUsage [ 
    1.3.6.1.5.5.7.3.1] 

[2]: ObjectId: 2.5.29.15 Criticality=false 
KeyUsage [ 
    Key_Encipherment 
    Data_Encipherment 
] 

] 
    Algorithm: [SHA1withRSA] 
    Signature: 
0000: 95 2e 1f 6b bf f4 08 1b 05 bc af 0b 83 2b d5 9e ...k............ 

] 
    O *** 
    O Found trusted certificate: 
    O [ 
[ 
    Version: V3 
    Subject: CN=OTLS..enterprise.sun.com 
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 

    Key: IBMJCE RSA Public Key: 
modulus: 
23553703497639596335070510257137281846668772458655810320677790628829221930261149412925591183146781723536526781277172608739916146526544854651533994944277413821681774452388324836206810729946188205549925379818388956830834110706891819099617718057830110501768074462851693346833893969477290813937343022841978362903738008267590984351543136396192926768606970581686949544516090193350198903123024609160656153681262348428606470586055201848713219772934786602559592543952662556702629365940208481126300406324501533729138789679650468030591267044786502786266360792591465166026083070678688183035912219682765397505679240220734169611841 
public exponent: 
65537 

    Validity: [From: Mon Feb 27 07:21:04 EST 2017, 
       To: Mon Feb 26 19:00:00 EST 2018] 
    Issuer: CN=OTLS..enterprise.sun.com 
    SerialNumber: [157540854616312716013046194484672082663] 

Certificate Extensions: 2 
[1]: ObjectId: 2.5.29.37 Criticality=false 
ExtKeyUsage [ 
    1.3.6.1.5.5.7.3.1] 

[2]: ObjectId: 2.5.29.15 Criticality=false 
KeyUsage [ 
    Key_Encipherment 
    Data_Encipherment 
] 

] 
    Algorithm: [SHA1withRSA] 
    Signature: 
0000: 95 2e 1f 6b bf f4 08 1b 05 bc af 0b 83 2b d5 9e ...k............ 

] 
    O [read] MD5 and SHA1 hashes: len = 806 
    O 0000: 0b 00 03 22 00 03 1f 00 03 1c 30 82 03 18 30 82 ..........0...0. 
0010: 02 00 a0 03 02 01 02 02 10 76 85 43 d2 e9 21 07 .........v.C.... 

    O *** CertificateRequest 
    O Cert Types: RSA, DSS, ECDSA 
    O Cert Authorities: 
    O <Empty> 
    O [read] MD5 and SHA1 hashes: len = 10 
    O 0000: 0d 00 00 06 03 01 02 40 00 00     .......... 

    O *** ServerHelloDone 
    O [read] MD5 and SHA1 hashes: len = 4 
    O 0000: 0e 00 00 00          .... 

    O ClientHandshaker: KeyManager com.ibm.ws.ssl.core.WSX509KeyManager 
    O matching alias: default 
    O *** Certificate chain 
    O chain [0] = [ 
[ 
    Version: V3 
    Subject: CN=XQ1..enterprise.sun.com, OU=XQ1Node01Cell, OU=XQ1Node01, O=IBM, C=US 
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 

    Key: IBMJCE RSA Public Key: 
modulus: 
110843921622147780318384621158214764705470317393194727986877851877285223474158936772266058764800503835209829711284711944290493529045508433479261112669514928128534895563063819307253434406155487303648611935061998559156762974027014248792380105199377095915876433187824227059900869413289818622830165728007892211197 
public exponent: 
65537 

    Validity: [From: Sun Mar 05 17:32:19 EST 2017, 
       To: Mon Mar 05 17:32:19 EST 2018] 
    Issuer: CN=XQ1..enterprise.sun.com, OU=Root Certificate, OU=XQ1Node01Cell, OU=XQ1Node01, O=IBM, C=US 
    SerialNumber: [32229148073970] 

Certificate Extensions: 2 
[1]: ObjectId: 2.5.29.17 Criticality=false 
SubjectAlternativeName [ 
[RFC822Name: ProfileUUID:was70profile1-BASE-8665f1be-6c91-4f3f-9737-7ea56a84c9a7]] 

[2]: ObjectId: 2.5.29.14 Criticality=false 
SubjectKeyIdentifier [ 
KeyIdentifier [ 
0000: 4c 25 62 5f 59 c0 a9 87       L.b.Y... 
] 
] 

] 
    Algorithm: [SHA1withRSA] 
    Signature: 
0000: 64 3c 9d e8 00 ca f0 f9 9a 33 10 a1 16 39 3a 6d d........3...9.m 

] 
    O chain [1] = [ 
[ 
    Version: V3 
    Subject: CN=XQ1..enterprise.sun.com, OU=Root Certificate, OU=XQ1Node01Cell, OU=XQ1Node01, O=IBM, C=US 
    Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 

    Key: IBMJCE RSA Public Key: 
modulus: 
133709287124393792230601765881699139284227312626945278928615499964607234524332116007234980646619761347476316748109684673947697597508730909561799232875111817433344405710867175697607140981134928059514395419168832779709507872705080489476741742323610788920900244447196181703106638720154734901400895308937603956483 
public exponent: 
65537 

    Validity: [From: Thu Dec 15 12:44:52 EST 2011, 
       To: Fri Dec 11 12:44:52 EST 2026] 
    Issuer: CN=XQ1..enterprise.sun.com, OU=Root Certificate, OU=XQ1Node01Cell, OU=XQ1Node01, O=IBM, C=US 
    SerialNumber: [14851033508608] 

Certificate Extensions: 3 
[1]: ObjectId: 2.5.29.19 Criticality=true 
BasicConstraints:[ 
CA:true 
PathLen:2147483647 
] 

[2]: ObjectId: 2.5.29.17 Criticality=false 
SubjectAlternativeName [ 
[RFC822Name: ProfileUUID:was70profile1-BASE-8665f1be-6c91-4f3f-9737-7ea56a84c9a7]] 

[3]: ObjectId: 2.5.29.14 Criticality=false 
SubjectKeyIdentifier [ 
KeyIdentifier [ 
0000: 4b be 7e 6a 81 18 dc 91       K..j.... 
] 
] 

] 
    Algorithm: [SHA1withRSA] 
    Signature: 
0000: 7f 18 a5 d0 88 a1 95 d4 2c 8e b9 51 13 21 b5 df ...........Q.... 

] 
    O *** 
    O JsseJCE: Choose KeyGenerator for IbmTlsRsaPremasterSecret. 
    O JsseJCE: Using KeyGenerator IbmTlsRsaPremasterSecret from provider TBD via init 
    O JsseJCE: Using cipher RSA/SSL/PKCS1Padding from provider TBD via init 
    O PreMasterSecret: Using cipher for wrap RSA/SSL/PKCS1Padding from provider from init IBMJCE version 1.2 
    O *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 
    O [write] MD5 and SHA1 hashes: len = 1857 
    O 0000: ...7..4...0...0. 

    O Padded plaintext before ENCRYPTION: len = 1888 
    O 0000: ...7..4...0...0. 

    O ListenerContainer-1, WRITE: TLSv1 Handshake, length = 1888 
    O SESSION KEYGEN: 
    O PreMaster Secret: 
    O 0000: ........Q.J...K. 

    O [email protected] 
    O JsseJCE: Using KeyGenerator IbmTlsMasterSecret from provider TBD via init 
    O JsseJCE: Using KeyGenerator IbmTlsKeyMaterial from provider TBD via init 
    O CONNECTION KEYGEN: 
    O Client Nonce: 
    O 0000: 58 e3 96 3a 2f 30 6c 18 00 91 3b 7c cd 53 af 97 X....0l......S.. 

    O Server Nonce: 
    O 0000: 58 e3 96 0b d1 0f ec fc 78 bd e5 5c c3 b2 0c fd X.......x....... 

    O Master Secret: 
    O 0000: 31 f7 d1 f5 85 14 c3 3f b4 86 26 04 e9 5d 4a 80 1.............J. 

    O Client MAC write Secret: 
    O 0000: 3d f9 24 a2 e8 6b a3 3a 1d cb 1d 89 c4 92 14 dd .....k.......... 

    O Server MAC write Secret: 
    O 0000: ...W......m.Z..2 

    O Client write key: 
    O 0000: p..9....U..f.... 

    O Server write key: 
    O 0000: 12 69 bf 32 56 85 16 a8 ef f4 56 f7 2e 59 99 62 .i.2V.....V..Y.b 

    O Client write IV: 
    O 0000: fe 71 85 da 9e c1 4c 9b 2d 78 47 6d 6b 0b 14 47 .q....L..xGmk..G 

    O Server write IV: 
    O 0000: b6 00 6c c6 06 89 77 96 73 54 97 77 2b 92 91 6c ..l...w.sT.w...l 

    O JsseJCE: Using signature RSAforSSL from provider TBD via init 
    O JsseJCE: Using MessageDigest MD5 from provider IBMJCE version 1.2 
    O JsseJCE: Using MessageDigest SHA from provider IBMJCE version 1.2 
    O Signatures: Using signature RSA from provider from initSignIBMJCE version 1.2 
    O *** CertificateVerify 
    O [write] MD5 and SHA1 hashes: len = 134 
    O 0000: 0f 00 00 82 00 80 8f 81 da ae ea d9 b0 80 7d f3 ................ 

    O JsseJCE: Using KeyGenerator IbmTlsPrf from provider TBD via init 
    O HandshakeMessage: TLS Keygenerator IbmTlsPrf from provider from init IBMJCE version 1.2 
    O Padded plaintext before ENCRYPTION: len = 160 
    O 0000: 0f 00 00 82 00 80 8f 81 da ae ea d9 b0 80 7d f3 ................ 

    O ListenerContainer-1, WRITE: TLSv1 Handshake, length = 160 
    O Padded plaintext before ENCRYPTION: len = 32 
    O 0000: ....R..u.iAt7.q. 

    O ListenerContainer-1, WRITE: TLSv1 Change Cipher Spec, length = 32 
    O JsseJCE: Using cipher AES/CBC/NoPadding from provider TBD via init 
    O CipherBox: Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.2 
    O JsseJCE: Using MAC HmacSHA1 from provider TBD via init 
    O MAC: Using MessageDigest HmacSHA1 from provider IBMJCE version 1.2 
    O *** Finished 
    O verify_data: { 100 } 
    O *** 
    O [write] MD5 and SHA1 hashes: len = 16 
    O 0000: .....g........jd 

    O Padded plaintext before ENCRYPTION: len = 48 
    O 0000: .....g........jd 

    O ListenerContainer-1, WRITE: TLSv1 Handshake, length = 48 
    O [Raw write]: length = 1893 
    O 0000: 16 03 01 07 60 30 e0 6b 5b 53 27 32 30 1a b2 be .....0.k.S.20... 

    O [Raw write]: length = 165 
    O 0000: 16 03 01 00 a0 42 1b 86 be 1e ac 1d 81 23 74 44 .....B........tD 


    O [Raw write]: length = 37 
    O 0000: 14 03 01 00 20 24 21 46 20 90 77 7a 1d 02 81 b2 .......F..wz.... 

    O [Raw write]: length = 53 
    O 0000: ....0.3.a...x... 

    O [Raw read]: length = 5 
    O 0000: 14 03 01 00 20          ..... 

    O [Raw read]: length = 32 
    O 0000: ...m.....x..0... 

    O ListenerContainer-1, READ: TLSv1 Change Cipher Spec, length = 32 
    O 0000: .O.......nJ...g. 


    O JsseJCE: Using cipher AES/CBC/NoPadding from provider TBD via init 
    O CipherBox: Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.2 
    O JsseJCE: Using MAC HmacSHA1 from provider TBD via init 
    O MAC: Using MessageDigest HmacSHA1 from provider IBMJCE version 1.2 
    O [Raw read]: length = 5 
    O 0000: 16 03 01 00 30          ....0 

    O [Raw read]: length = 48 
    O 0000: 04 93 78 76 db 42 1d af 85 e9 bd 2b b8 7a d6 e6 ..xv.B.......z.. 

    O ListenerContainer-1, READ: TLSv1 Handshake, length = 48 
    O 0000: 14 00 00 0c 77 2e ab 89 d0 91 9c 47 12 35 00 40 ....w......G.5.. 

    O *** Finished 
    O verify_data: { 119, 46, 171, 137, 208, 145, 156, 71, 18, 53, 0, 64 } 
    O *** 
    O JsseJCE: Using KeyGenerator IbmTlsPrf from provider TBD via init 
    O HandshakeMessage: TLS Keygenerator IbmTlsPrf from provider from init IBMJCE version 1.2 
    O cached session [Session-8, SSL_RSA_WITH_AES_128_CBC_SHA] 
    O %% Cached client session: [Session-8, SSL_RSA_WITH_AES_128_CBC_SHA] 
    O [read] MD5 and SHA1 hashes: len = 16 
    O 0000: ....w......G.5.. 

    O [Raw read (bb)]: length = 37 
    O 0000: 17 03 01 00 20 c4 23 30 6c 3e 32 03 92 8a a8 b8 .......0l.2..... 

    O Padded plaintext after DECRYPTION: len = 32 
    O 0000: 48 de e8 a9 44 bf cf 82 73 c1 a2 4c b7 01 8c 12 H...D...s..L.... 

    O [Raw read (bb)]: length = 1429 
    O 0000: 17 03 01 05 90 ed 7b 79 7c b6 e2 b4 2e 17 54 68 .......y......Th 

    O Padded plaintext after DECRYPTION: len = 1424 
    O 0000: TTP.1.1.403.Forb 
idden..Content.T 
ype..text.html.. 
Server.http.eq 
uiv..Content.Typ 
e..content..text 
.html..charset.i 
so.8859.1......t 
itle.403...Forbi 
dden..Access.is. 
denied...title.. 

Update: truncated SSL log of a successful call from the standalone IBM Java JRE client.

IBMJSSE2 to send SCSV Cipher Suite on initial ClientHello 
JsseJCE: Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.2 

*** ServerHello, TLSv1 
Cipher Suite: SSL_RSA_WITH_AES_128_CBC_SHA 

*** ServerHelloDone 
[read] MD5 and SHA1 hashes: len = 4 

JsseJCE: Choose KeyGenerator for IbmTlsRsaPremasterSecret. 
JsseJCE: Using KeyGenerator IbmTlsRsaPremasterSecret from provider TBD via init 
JsseJCE: Using cipher RSA/SSL/PKCS1Padding from provider TBD via init 
PreMasterSecret: Using cipher for wrap RSA/SSL/PKCS1Padding from provider from init IBMJCE version 1.2 

JsseJCE: Using KeyGenerator IbmTlsPrf from provider TBD via init 
HandshakeMessage: TLS Keygenerator IbmTlsPrf from provider from init IBMJCE version 1.2 
main, WRITE: TLSv1 Change Cipher Spec, length = 1 

JsseJCE: Using cipher AES/CBC/NoPadding from provider TBD via init 
CipherBox: Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.2 
JsseJCE: Using MAC HmacSHA1 from provider TBD via init 

main, READ: TLSv1 Change Cipher Spec, length = 1 
JsseJCE: Using cipher AES/CBC/NoPadding from provider TBD via init 
CipherBox: Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.2 

*** ServerHello, TLSv1 
Cipher Suite: SSL_RSA_WITH_AES_128_CBC_SHA 

*** ServerHelloDone 
[read] MD5 and SHA1 hashes: len = 4 
0000: 0e 00 00 00          .... 

ClientHandshaker: KeyManager com.ibm.jsse2.aJ 
JsseJCE: Using KeyAgreement ECDH from provider IBMJCE version 1.2 
JsseJCE: Using signature SHA1withECDSA from provider TBD via init 
JsseJCE: Using signature NONEwithECDSA from provider TBD via init 
JsseJCE: Using KeyFactory EC from provider IBMJCE version 1.2 
JsseJCE: Using KeyPairGenerator EC from provider TBD via init 
JsseJce: EC is available 
*** Certificate chain 
*** 
JsseJCE: Choose KeyGenerator for IbmTlsRsaPremasterSecret. 
JsseJCE: Using KeyGenerator IbmTlsRsaPremasterSecret from provider TBD via init 
JsseJCE: Using cipher RSA/SSL/PKCS1Padding from provider TBD via init 
PreMasterSecret: Using cipher for wrap RSA/SSL/PKCS1Padding from provider from init IBMJCE version 1.2 
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1 

JsseJCE: Using cipher AES/CBC/NoPadding from provider TBD via init 
CipherBox: Using cipher AES/CBC/NoPadding from provider from init IBMJCE version 1.2 
JsseJCE: Using MAC HmacSHA1 from provider TBD via init 
MAC: Using MessageDigest HmacSHA1 from provider IBMJCE version 1.2 
*** Finished 
verify_data: { 216, 231, 207, 130, 172, 141, 204, 125, 55, 250, 84, 30 } 
*** 
JsseJCE: Using KeyGenerator IbmTlsPrf from provider TBD via init 
HandshakeMessage: TLS Keygenerator IbmTlsPrf from provider from init IBMJCE version 1.2 
cached session [Session-2, SSL_RSA_WITH_AES_128_CBC_SHA] 
%% Cached client session: [Session-2, SSL_RSA_WITH_AES_128_CBC_SHA] 

main, READ: TLSv1 Application Data, length = 720 
    TTP.1.1.200.OK.. 
    Cache.Control..p 
    rivate..Content. 
+1

What cipher is negotiated when you test a command-line Java client? The 403 is clearly coming from the back-end server. – covener

+0

@covener Please see the updates. – Kgan

+0

No luck, unfortunately; this really has to be debugged at the origin server, which is returning the 403. – covener

Answers

0

We resolved this by disabling the "Client certificate" requirement on the IIS server, which had previously been set to Optional. We wanted one-way SSL, but the server was configured for two-way SSL client authentication.

It worked with the standalone Java client because the Java client was not sending a client certificate and, since "Client-Certificate" was optional on IIS, it worked fine. However, WebSphere Application Server was sending the "Client-Certificate" to IIS by default, and IIS obviously had no knowledge of that certificate, hence the failure.

This can be verified from the failure log in the question. Right after the "*** CertificateRequest", the WAS client was sending the "default-cert".
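The check described in this answer can be automated over a `javax.net.debug` trace. The following is an added example, not code from the original post: the function names, the `Handshake` class and both log excerpts are constructed for illustration, and it assumes the trace still contains its `*** ClientHello` lines.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed excerpts shaped like javax.net.debug output; subjects are placeholders.
WAS_LOG = """\
Is initial handshake: true
    O *** ClientHello, TLSv1
    O ListenerContainer-1, RENEGOTIATE
Is initial handshake: false
    O *** ClientHello, TLSv1
    O *** Certificate chain
    O chain [0] = [
    Subject: CN=server.example.test
]
    O ***
    O *** CertificateRequest
    O *** ServerHelloDone
    O matching alias: default
    O *** Certificate chain
    O chain [0] = [
    Subject: CN=client.example.test, O=Example
]
    O chain [1] = [
    Subject: CN=client.example.test, OU=Root Certificate, O=Example
]
    O ***
"""
STANDALONE_LOG = """\
*** ClientHello, TLSv1
*** CertificateRequest
*** ServerHelloDone
*** Certificate chain
***
"""


@dataclass
class Handshake:
    renegotiation: bool = False             # started after "Is initial handshake: false"
    cert_requested: bool = False            # server sent CertificateRequest
    client_chain_len: Optional[int] = None  # None: no client Certificate message seen
    alias: Optional[str] = None             # key-store alias the KeyManager picked
    subject: Optional[str] = None           # subject of the client's leaf certificate


def parse_handshakes(log_text: str) -> List[Handshake]:
    """Split a JSSE debug trace into handshakes and record client-certificate use."""
    handshakes, current = [], None
    renegotiating = server_done = in_client_chain = False
    for raw in log_text.splitlines():
        line = re.sub(r"^O(\s+|$)", "", raw.strip())  # drop WebSphere's SystemOut column
        if line.startswith("Is initial handshake:"):
            renegotiating = line.endswith("false")
        elif line.startswith("*** ClientHello"):
            current = Handshake(renegotiation=renegotiating)
            handshakes.append(current)
            server_done = in_client_chain = False
        elif current is None:
            continue
        elif line.startswith("*** CertificateRequest"):
            current.cert_requested = True
        elif line.startswith("*** ServerHelloDone"):
            server_done = True  # a later Certificate message comes from the client
        elif line.startswith("matching alias:"):
            current.alias = line.split(":", 1)[1].strip()
        elif line.startswith("*** Certificate chain") and server_done:
            in_client_chain, current.client_chain_len = True, 0
        elif in_client_chain and line == "***":
            in_client_chain = False
        elif in_client_chain and re.match(r"chain \[\d+\]", line):
            current.client_chain_len += 1
        elif in_client_chain and line.startswith("Subject:") and current.subject is None:
            current.subject = line.split(":", 1)[1].strip()
    return handshakes


def client_cert_findings(log_text: str) -> List[str]:
    """One line per handshake in which the server asked for a client certificate."""
    out = []
    for n, hs in enumerate(parse_handshakes(log_text), 1):
        if hs.cert_requested:
            sent = (f"sent {hs.client_chain_len} cert(s), alias={hs.alias}, "
                    f"subject={hs.subject}") if hs.client_chain_len else "sent none"
            out.append(f"handshake {n}: client certificate requested, {sent}")
    return out
```

Run against the WebSphere-style excerpt, it reports the renegotiated handshake in which the `default` alias was presented; against the standalone-style excerpt, it reports an empty client Certificate message.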

0

Browsium ION will let you set the highest Java security globally, while lowering security for specific chosen applications. We advise always keeping the JRE version on machines at the latest version.

  1. Download the latest (x86) version of the JRE: https://java.com/en/download/

  2. Download Browsium ION - Browsium Ion Evaluation Kit

  3. Create a profile and a rule to swap from the latest version to the 1.6 JRE version. See the "Keeping Java up to date" demo video on our website for simple instructions on how to do this.

  4. Using Browsium ION, a custom Deployment.Properties file can be edited to change the SSL and TLS security attributes.

Let me know if you need any help.