Hi, I have a problem with HttpClient. (All versions, seems to have the same)
When I try to connect an Https site (specifically so.n11.com) I got a connection reset error after the handshake is finalized. If I try to call the same URL with HttpUrlConnection, I dont get any errors. The browsers do not have any problems displaying this site. I started thinking that this could be a bug, or I am doing something wrong. I hope somebody can recognize this issue. The code I am running is pretty straightforward: The same code works for other HTTPS sites I tested. SSLConnectionSocketFactory sslConnectionFactory = new > SSLConnectionSocketFactory(sslContext,new String[] > {"TLSv1","TLSv1.1","TLSv1.2"},null, NoopHostnameVerifier.INSTANCE); > Registry<ConnectionSocketFactory> socketFactoryRegistry = > RegistryBuilder.<ConnectionSocketFactory>create() > .register("http", PlainConnectionSocketFactory.getSocketFactory()) > .register("https", sslConnectionFactory) > .build(); > PoolingHttpClientConnectionManager cm = new > PoolingHttpClientConnectionManager(socketFactoryRegistry); > cm.setDefaultMaxPerRoute(1); > CloseableHttpClient httpClient = HttpClientBuilder.create().build(); > HttpGet httpGet = new HttpGet("https://so.n11.com"); > httpClient.execute(httpGet); > System.out.println("I can never reach this point"); The exception I am receiving is: java.net.SocketException: Connection reset > at java.net.SocketInputStream.read(Unknown Source) > at java.net.SocketInputStream.read(Unknown Source) > at sun.security.ssl.InputRecord.readFully(Unknown Source) > at sun.security.ssl.InputRecord.read(Unknown Source) > at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) > at sun.security.ssl.SSLSocketImpl.readDataRecord(Unknown Source) > at sun.security.ssl.AppInputStream.read(Unknown Source) > at > org.apache.http.impl.io.SessionInputBufferImpl.streamRead(SessionInputBufferImpl.java:139) > at > org.apache.http.impl.io.SessionInputBufferImpl.fillBuffer(SessionInputBufferImpl.java:155) > at > org.apache.http.impl.io.SessionInputBufferImpl.readLine(SessionInputBufferImpl.java:284) > at > org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:140) > at > org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57) > at > org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:261) > at > org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:165) > at > org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:167) > at > org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:272) > at > org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:124) > at > org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:271) > at > org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184) > at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88) > at > org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) > at > org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184) > at > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82) > at > org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107) > at HttpTest.main(HttpTest.java:102) My ssl debugged console output, The last line shows where it is crashing. keyStore is : keyStore type is : jks keyStore provider is : init keystore init keymanager of type SunX509 trustStore is: C:\Program Files\Java\jre7\lib\security\cacerts trustStore type is : jks trustStore provider is : init truststore adding as trusted cert: Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH Algorithm: RSA; Serial number: 0x4eb200670c035d4f Valid from Wed Oct 25 04:36:00 EDT 2006 until Sat Oct 25 04:36:00 EDT 2036 adding as trusted cert: Subject: EMAILADDRESS=i...@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network Issuer: EMAILADDRESS=i...@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network Algorithm: RSA; Serial number: 0x1 Valid from Fri Jun 25 18:23:48 EDT 1999 until Tue Jun 25 18:23:48 EDT 2019 .............other certs are added here..................... trigger seeding of SecureRandom done seeding SecureRandom Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 Allow unsafe renegotiation: true Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false %% No cached client session *** ClientHello, TLSv1 RandomCookie: GMT: 1439249216 bytes = { 181, 51, 240, 91, 213, 128, 253, 130, 175, 1, 120, 144, 175, 47, 84, 255, 110, 176, 90, 12, 1, 222, 26, 228, 217, 253, 204, 183 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension server_name, server_name: [host_name: so.n11.com] *** main, WRITE: TLSv1 Handshake, length = 168 main, READ: TLSv1 Handshake, length = 81 *** ServerHello, TLSv1 RandomCookie: GMT: -248021780 bytes = { 64, 87, 126, 169, 131, 166, 131, 53, 47, 116, 132, 123, 96, 239, 214, 212, 205, 233, 60, 43, 47, 215, 42, 241, 70, 71, 193, 163 } Session ID: {160, 223, 84, 38, 21, 14, 47, 17, 44, 4, 143, 239, 27, 88, 141, 50, 135, 210, 22, 55, 10, 225, 144, 80, 32, 160, 166, 196, 53, 97, 173, 162} Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: <empty> *** %% Initialized: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA] ** TLS_RSA_WITH_AES_128_CBC_SHA main, READ: TLSv1 Handshake, length = 2811 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=www.n11.com, O=Dogus Planet Elektronik Ticaret ve Bilisim Hizmetleri A.S., OU=Dogus Planet IT, STREET=Resitpasa Mah. ITU Teknokent ARI-3 N:4/A-3 Ickapi No:8-9, L=Sariyer, ST=Istanbul, C=TR, OID.1.3.6.1.4.1.311.60.2.1.3=TR, SERIALNUMBER=824112, OID.2.5.4.15=Private Organization Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 22836644521018276508843000972511360511817142465792577836128935435959156931305947010784223146380337369761698668175134462105224854055862419613719124355757789290179807554826760077516112777710883109860118043817151287493315641961466739474383875608008783365165145348645068516141971909173260212386832124402015304544064531092387299432880310533962291809691804377688097843426102003484673487144027667161121551683699081796612343937318530829213637924448835944079059665915427348484513297817037245931982590522360400125477769611363538194862955227499328393935619714246489467507020716345946541974642275640240250388710544525695289196549 public exponent: 65537 Validity: [From: Fri Oct 31 04:02:29 EDT 2014, To: Thu Dec 29 06:26:06 EST 2016] Issuer: CN=GlobalSign Extended Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE SerialNumber: [ 1121bf16 2244ec94 9440daf8 7379f94c b34f] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: caIssuers accessLocation: URIName: http://secure.globalsign.com/cacert/gsextendvalsha2g2r2.crt , accessMethod: ocsp accessLocation: URIName: http://ocsp2.globalsign.com/gsextendvalsha2g2 ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: DA 40 77 43 65 1C F8 FE A7 E3 F4 64 82 3E 4D 43 .@wCe......d.>MC 0010: 13 22 31 02 ."1. ] ] [3]: ObjectId: 2.5.29.19 Criticality=false BasicConstraints:[ CA:false PathLen: undefined ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.globalsign.com/gs/gsextendvalsha2g2.crl] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [1.3.6.1.4.1.4146.1.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 26 68 74 74 70 73 3A 2F 2F 77 77 77 2E 67 6C .& https://www.gl 0010: 6F 62 61 6C 73 69 67 6E 2E 63 6F 6D 2F 72 65 70 obalsign.com/rep 0020: 6F 73 69 74 6F 72 79 2F ository/ ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 19 9D 52 D4 5D 21 D9 9B 34 AE 69 A7 B4 AE 1D EA ..R.]!..4.i..... 0010: 01 16 93 67 ...g ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 28 2D 42 BA 57 3C AF 1A 4B E8 97 50 B0 B6 11 06 (-B.W<..K..P.... 0010: 70 72 92 1A 25 83 F8 21 32 8E A2 7E 38 4F 1E 80 pr..%..!2...8O.. 0020: 48 25 50 2D E4 C8 AE CB 3B 94 18 DC 00 FE CF CA H%P-....;....... 0030: 6B D5 5F 72 1A 4C FF D1 41 B0 ED E7 49 06 D2 FD k._r.L..A...I... 0040: 9B CA 89 6E 4E 33 2B EE 85 CE A3 AE 5E BA 3B 56 ...nN3+.....^.;V 0050: 65 84 5A 43 33 C1 D4 06 6D 4C 98 00 B7 E4 8A 69 e.ZC3...mL.....i 0060: B9 56 0B 3F FA A6 BD 19 C9 FB CC 30 AB 4F 1E 9C .V.?.......0.O.. 0070: 0A 6C E8 4B DA B6 26 B2 20 81 1C 16 74 AD 34 A7 .l.K..&. ...t.4. 0080: 8C D6 E4 60 19 8F 41 9E 2C 1C 9A 21 0D F7 62 39 ...`..A.,..!..b9 0090: 10 A0 4F 2E 18 70 70 60 00 88 C1 F8 6C 3B 0C 68 ..O..pp`....l;.h 00A0: 62 5C FD 5E 35 51 A8 3D C7 D5 BF 78 03 A8 74 1A b\.^5Q.=...x..t. 00B0: FB 6B 50 A0 36 42 16 36 3C 5B CD 60 38 08 06 6A .kP.6B.6<[.`8..j 00C0: AA 67 B7 D4 E6 7A 8B 6B 77 6B 05 67 D1 88 68 0E .g...z.kwk.g..h. 00D0: 88 62 76 83 20 18 2F 72 DD 91 91 13 55 53 5A FC .bv. ./r....USZ. 00E0: 82 E9 1E FB DF F1 5F AE C6 04 DB 45 69 0B 04 38 ......_....Ei..8 00F0: 75 BD ED 0D 1F AE 6B 6D 1E EA 0E 1C 6F 42 4C 25 u.....km....oBL% ] chain [1] = [ [ Version: V3 Subject: CN=GlobalSign Extended Validation CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 20692545121192705092405399875689416275597327546962973690741146883608321881781548932874259264607405405821919372397851572311930571962344287019261678681503760836519538358426465125953767433400572674072012145502030347174099865398052927036123107330917599170883590029311075000964745788613042980084055476636747733880637074492577425731573013081070696586930500469603621400721003820193820122061857579582118659259010126818383230058089163517313498544019626528673455603854715135869762703162961091666004266797443259485594287862070970208959708347187322803241694112144804033788054120679393348853865967461591910068386373642566288179927 public exponent: 65537 Validity: [From: Thu Feb 20 05:00:00 EST 2014, To: Wed Dec 15 03:00:00 EST 2021] Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 SerialNumber: [ 04000000 0001444e f04a55] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.globalsign.com/rootr2 ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-. 0010: DC 19 86 2E .... ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.globalsign.net/root-r2.crl] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.5.29.32.0] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 26 68 74 74 70 73 3A 2F 2F 77 77 77 2E 67 6C .& https://www.gl 0010: 6F 62 61 6C 73 69 67 6E 2E 63 6F 6D 2F 72 65 70 obalsign.com/rep 0020: 6F 73 69 74 6F 72 79 2F ository/ ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: DA 40 77 43 65 1C F8 FE A7 E3 F4 64 82 3E 4D 43 .@wCe......d.>MC 0010: 13 22 31 02 ."1. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 40 EF 12 90 83 74 96 8A F9 3A BA 9B 59 4A 33 D3 @....t...:..YJ3. 0010: EF 4C 13 2B B5 91 CB C9 96 ED 6E F5 6C 64 F1 C6 .L.+......n.ld.. 0020: 84 B2 46 59 5A 58 82 52 F1 34 A0 54 41 64 20 AB ..FYZX.R.4.TAd . 0030: D8 57 3B D4 14 74 71 18 36 CC 13 C1 C7 70 C0 F5 .W;..tq.6....p.. 0040: 45 66 0E 71 AE 87 AF 92 94 EB 71 40 09 F4 CC 77 Ef.q......q@...w 0050: F7 1B 93 85 8A 4A AE 33 85 E6 74 AE F5 10 A6 3E .....J.3..t....> 0060: C9 59 83 C3 F9 5C 96 F9 28 F7 34 7B E9 38 C6 91 .Y...\..(.4..8.. 0070: 3C 4F 71 58 75 FE E1 56 75 76 CD 40 C4 15 40 39 <OqXu..Vuv.@..@9 0080: A9 41 FD 64 10 0F 97 85 07 E8 79 64 D0 5B 4D 4C .A.d......yd.[ML 0090: 9B 27 97 D3 73 5E 92 7E 1F 48 E2 CA B9 05 97 4E .'..s^...H.....N 00A0: EF 2C 1C 6B 4D 8A 5F 78 53 95 CD 02 39 C2 2F E6 .,.kM._xS...9./. 00B0: 69 4F F6 71 D1 99 B5 7F 6D 20 DE 43 8F DB 00 1B iO.q....m .C.... 00C0: A3 3B 37 DE D1 3F 6D F3 B6 90 76 1D AC 9D 6F 84 .;7..?m...v...o. 00D0: 4F 24 94 09 76 E0 9D A8 4D F7 4D 37 8F A4 2F 5F O$..v...M.M7../_ 00E0: 4B 41 E4 49 16 97 CC 7B 6C AF 11 CA 96 54 09 8B KA.I....l....T.. 00F0: 24 51 AE 5D ED A2 F1 BB 53 10 4D 97 FA 1A 77 03 $Q.]....S.M...w. ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 21057703584475184807565557524537816321491861642060041763647257260224980509300477196924243590718942686590709107534863816871998744486217397041943036790668349398596465655712023148303173173625617456109014852791089527884590320201838663822684972532489783525944263241117811947512306928924706019699374824809368116805968844700689553244922646662031817428598871924656385681991340984751484716908148967287908171187321560857250025694833777855463632395686856225456740364321799926634676042609958611723658984406384068047734580405304178873193147583468071249577706812402337331306461396767845742998827081874578148453783909473879293336463 public exponent: 65537 Validity: [From: Fri Dec 15 03:00:00 EST 2006, To: Wed Dec 15 03:00:00 EST 2021] Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2 SerialNumber: [ 04000000 00010f86 26e60d] Certificate Extensions: 5 [1]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-. 0010: DC 19 86 2E .... ] ] [2]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:2147483647 ] [3]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.globalsign.net/root-r2.crl] ]] [4]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [5]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 9B E2 07 57 67 1C 1E C0 6A 06 DE 59 B4 9A 2D DF ...Wg...j..Y..-. 0010: DC 19 86 2E .... ] ] ] Algorithm: [SHA1withRSA] Signature: 0000: 99 81 53 87 1C 68 97 86 91 EC E0 4A B8 44 0B AB ..S..h.....J.D.. 0010: 81 AC 27 4F D6 C1 B8 1C 43 78 B3 0C 9A FC EA 2C ..'O....Cx....., 0020: 3C 6E 61 1B 4D 4B 29 F5 9F 05 1D 26 C1 B8 E9 83 <na.MK)....&.... 0030: 00 62 45 B6 A9 08 93 B9 A9 33 4B 18 9A C2 F8 87 .bE......3K..... 0040: 88 4E DB DD 71 34 1A C1 54 DA 46 3F E0 D3 2A AB .N..q4..T.F?..*. 0050: 6D 54 22 F5 3A 62 CD 20 6F BA 29 89 D7 DD 91 EE mT".:b. o.)..... 0060: D3 5C A2 3E A1 5B 41 F5 DF E5 64 43 2D E9 D5 39 .\.>.[A...dC-..9 0070: AB D2 A2 DF B7 8B D0 C0 80 19 1C 45 C0 2D 8C E8 ...........E.-.. 0080: F8 2D A4 74 56 49 C5 05 B5 4F 15 DE 6E 44 78 39 .-.tVI...O..nDx9 0090: 87 A8 7E BB F3 79 18 91 BB F4 6F 9D C1 F0 8C 35 .....y....o....5 00A0: 8C 5D 01 FB C3 6D B9 EF 44 6D 79 46 31 7E 0A FE .]...m..DmyF1... 00B0: A9 82 C1 FF EF AB 6E 20 C4 50 C9 5F 9D 4D 9B 17 ......n .P._.M.. 00C0: 8C 0C E5 01 C9 A0 41 6A 73 53 FA A5 50 B4 6E 25 ......AjsS..P.n% 00D0: 0F FB 4C 18 F4 FD 52 D9 8E 69 B1 E8 11 0F DE 88 ..L...R..i...... 00E0: D8 FB 1D 49 F7 AA DE 95 CF 20 78 C2 60 12 DB 25 ...I..... x.`..% 00F0: 40 8C 6A FC 7E 42 38 40 64 12 F7 9E 81 E1 93 2E @.j..B8@d....... ] main, READ: TLSv1 Handshake, length = 4 *** ServerHelloDone *** ClientKeyExchange, RSA PreMasterSecret, TLSv1 main, WRITE: TLSv1 Handshake, length = 262 SESSION KEYGEN: PreMaster Secret: 0000: 03 01 21 B5 D6 C8 83 20 13 CE 9D 81 F5 A8 8A 41 ..!.... .......A 0010: DF 7C 00 1F DC 55 1E 03 F5 B9 A6 AE FE F5 EF 8F .....U.......... 0020: D8 30 2C 83 3C 66 40 9E D2 EF 06 88 16 AB 4F 87 .0,.<f@.......O. CONNECTION KEYGEN: Client Nonce: 0000: 56 C9 33 40 B5 33 F0 5B D5 80 FD 82 AF 01 78 90 V.3@.3.[......x. 0010: AF 2F 54 FF 6E B0 5A 0C 01 DE 1A E4 D9 FD CC B7 ./T.n.Z......... Server Nonce: 0000: F1 37 7D EC 40 57 7E A9 83 A6 83 35 2F 74 84 7B .7..@W.....5/t.. 0010: 60 EF D6 D4 CD E9 3C 2B 2F D7 2A F1 46 47 C1 A3 `.....<+/.*.FG.. Master Secret: 0000: 6D 69 DA AA B3 B5 32 CB 23 3A 65 0E B9 82 0D A0 mi....2.#:e..... 0010: F1 BA CC 1D 5C 40 AE 40 5F A2 C5 93 4D 1A A0 4E ....\@.@_...M..N 0020: A0 87 22 6E FF D9 64 05 8F 92 EF 8D AE 07 49 54 .."n..d.......IT Client MAC write Secret: 0000: C8 43 0C 40 43 8B B0 CE 7A 2F 0E 1F 03 D3 54 B8 .C.@C...z/....T. 0010: DE 34 8F 90 .4.. Server MAC write Secret: 0000: 6E 93 C2 22 EA EF 6B 2D 28 E1 65 8E 34 48 32 1E n.."..k-(.e.4H2. 0010: 95 21 57 ED .!W. Client write key: 0000: AE 53 70 D1 87 6C 8B 09 E0 17 84 19 F1 6E 48 47 .Sp..l.......nHG Server write key: 0000: 27 4C EC 7F 63 08 FA EA 47 FB 1C F3 05 90 D3 9E 'L..c...G....... Client write IV: 0000: CD FC 9B 82 6C 44 5E 83 FF 64 B1 B8 E1 76 87 97 ....lD^..d...v.. Server write IV: 0000: 4F 4B 7D D1 22 0F 57 1A 87 8D 67 51 F1 95 87 EA OK..".W...gQ.... main, WRITE: TLSv1 Change Cipher Spec, length = 1 *** Finished verify_data: { 102, 197, 238, 191, 74, 233, 79, 51, 129, 63, 254, 62 } *** main, WRITE: TLSv1 Handshake, length = 48 main, READ: TLSv1 Change Cipher Spec, length = 1 main, READ: TLSv1 Handshake, length = 48 *** Finished verify_data: { 126, 240, 234, 164, 31, 72, 200, 61, 37, 219, 129, 50 } *** %% Cached client session: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA] main, WRITE: TLSv1 Application Data, length = 176 main, handling exception: java.net.SocketException: Connection reset %% Invalidated: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA] main, SEND TLSv1 ALERT: fatal, description = unexpected_message main, WRITE: TLSv1 Alert, length = 32 main, Exception sending alert: java.net.SocketException: Connection reset by peer: socket write error main, called closeSocket() main, called close() main, called closeInternal(true)