SSL

Accessing JBoss Management Console over Https in JBossAS7.1.2

Hi,

In this demonstration we will see how to access the JBoss Management Console over HTTPS in a secured manner, As it is desired in many production/secure environment to access the JBoss Management Console over https sothat the communication will be in SSL encrypted format. So in this example we will see how to configure the JBoss AS7.1.2 sothat we can connect to JBoss Management Console via SSL port 9991 (management-console-https socket binding).

Step1). First if all we will create Security certificates with the help of JDK provided utility “keytool”, So make sure that the JDK’s bin directory is added in your shell/command prompts PATH variable like following (We are creating the “chap8.keystore” inside “$JBOSS_HOME/standalone/configuration” directory):

.
[userone@localhost ~]$ cd /home/userone/jboss-as-7.1.2.Final/standalone/configuration/

[userone@localhost configuration]$ export PATH=/home/userone/MyJdks/jdk1.6.0_21/bin:$PATH

[userone@localhost configuration] keytool -genkey -keystore chap8.keystore -storepass rmi+ssl -keypass rmi+ssl -keyalg RSA -alias chapter8 -validity 3650 -dname "cn=chapter8 example,ou=admin book,dc=jboss,dc=org"
.

Step2). Make sure that the JBoss AS7.1.2 is running, In our case we started JBossAS7.1.2 “standalone-full.xml” profile.

.
[userone@localhost bin]$ ./standalone.sh -c standalone-full.xml
.

Step3). Now We will configure the <server-identities> for ManagementRealm By specifying the SSL informations. We will use the following CLI Commands in order to achieve the goal

[userone@localhost bin]$ cd /home/userone/jboss-as-7.1.2.Final/bin

[userone@localhost bin]$ ./jboss-cli.sh -c --controller=localhost:9999
.
[standalone@localhost:9999 /] /core-service=management/security-realm=ManagementRealm/server-identity=ssl:add(keystore-password="rmi+ssl", keystore-path="chap8.keystore", keystore-relative-to="jboss.server.config.dir", alias="chapter8",protocol="TLSv1")
{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    }
}


[standalone@localhost:9999 /] /socket-binding-group=standard-sockets/socket-binding=management-console-https/:add(port=9991,interface=management,fixed-port=false)
{
    "outcome" => "success",
    "response-headers" => {"process-state" => "reload-required"}
}


[standalone@localhost:9999 /] /core-service=management/management-interface=http-interface/:write-attribute(name=secure-socket-binding,value=management-console-https)
{
    "outcome" => "success",
    "response-headers" => {"process-state" => "reload-required"}
}


[standalone@localhost:9999 /] /core-service=management/management-interface=http-interface/:undefine-attribute(name=socket-binding)
{
    "outcome" => "success",
    "response-headers" => {"process-state" => "reload-required"}
}
.

Once your above CLI command is executed successfully you will notice the following in your JBossAS 7.1.2 configuration file “standalone-full.xml”:


    <management>
        <security-realms>
            <security-realm name="ManagementRealm">
                <server-identities>
                    <ssl protocol="TLSv1">
                        <keystore path="chap8.keystore" relative-to="jboss.server.config.dir" keystore-password="rmi+ssl" alias="chapter8"/>
                    </ssl>
                </server-identities>
                <authentication>
                    <local default-user="$local"/>
                    <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
                </authentication>
            </security-realm>
            <security-realm name="ApplicationRealm">
                <authentication>
                    <local default-user="$local" allowed-users="*"/>
                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
                </authentication>
                <authorization>
                    <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
                </authorization>
            </security-realm>
        </security-realms>
        <management-interfaces>
            <native-interface security-realm="ManagementRealm">
                <socket-binding native="management-native"/>
            </native-interface>
            <http-interface security-realm="ManagementRealm">
                <socket-binding https="management-console-https"/>
            </http-interface>
        </management-interfaces>
    </management>
    .
    .
    .
    .
    <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
        <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
        <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
        <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>
         .
         .
        <socket-binding name="management-console-https" interface="management" port="9991" fixed-port="false"/>
         .
         .
        <outbound-socket-binding name="mail-smtp">
            <remote-destination host="localhost" port="25"/>
        </outbound-socket-binding>
    </socket-binding-group>

Step4). Now restart your JBoss AS 7.1.2 again as following:

.
[userone@localhost bin]$ ./standalone.sh -c standalone-full.xml 
.

Step5). Now Try to access the JBoss Management Console with the following URL:

https://localhost:9991/console

Achieving same in Domain Mode

In your “master” Host “$JBOSS_HOME/domain/configuration/host.xml” you will need to define the tag as following:

            <security-realm name="ManagementRealm">
                <server-identities>
                    <ssl protocol="TLSv1">
                        <keystore path="chap8.keystore" relative-to="jboss.domain.config.dir" keystore-password="rmi+ssl" alias="chapter8"/>
                    </ssl>
                </server-identities>
                <authentication>
                    <local default-user="$local"/>
                    <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                </authentication>
            </security-realm>

Alter the “http-interface” as following in the same “master” host.xml file.

        <management-interfaces>
            <native-interface security-realm="ManagementRealm">
                <socket interface="management" port="${jboss.management.native.port:9999}"/>
            </native-interface>
            <http-interface security-realm="ManagementRealm">
                <socket interface="management" secure-port="9991"/>
            </http-interface>
        </management-interfaces>

Or you can use the following command to achieve the same:

/host=master/core-service=management/management-interface=http-interface/:write-attribute(name=secure-port,value=9991)
/host=master/core-service=management/management-interface=http-interface/:undefine-attribute(name=port)

Restart JBoss EAP6 and then check the CONSOLE output to see if you find the following:

[Host Controller] 10:00:04,445 INFO  [org.jboss.as] (Controller Boot Thread) JBAS015952: Admin console listening on https://127.0.0.1:9991

.
.
Thanks 🙂
MiddlewareMagic Team


Enabling SSL Communication for the Native Management Interface using CLI

Hi,

In this demonstration we will see how to configure Native Management Interface to use the SSL, As it is desired in many production/secure environment to access the JBoss via CLI utility over SSL sothat the communication will be in SSL encrypted format. So in this example we will see how to configure the JBoss AS7.1.2 sothat we can connect to it via SSL port 9443 (management-https socket binding).

Step1). First if all we will create Security certificates with the help of JDK provided utility “keytool”, So make sure that the JDK’s bin directory is added in your shell/command prompts PATH variable like following (We are creating the “chap8.keystore” inside “$JBOSS_HOME/standalone/configuration” directory):

.
[userone@localhost ~]$ cd /home/userone/jboss-as-7.1.2.Final/standalone/configuration/

[userone@localhost configuration]$ export PATH=/home/userone/MyJdks/jdk1.6.0_21/bin:$PATH

[userone@localhost configuration] keytool -genkey -keystore chap8.keystore -storepass rmi+ssl -keypass rmi+ssl -keyalg RSA -alias chapter8 -validity 3650 -dname "cn=chapter8 example,ou=admin book,dc=jboss,dc=org"
.

Step2). Make sure that the JBoss AS7.1.2 is running, In our case we started JBossAS7.1.2 “standalone-full.xml” profile.

.
[userone@localhost bin]$ ./standalone.sh -c standalone-full.xml
.

Step3). Now We will configure the <server-identities> for ManagementRealm By specifying the SSL informations. We will use the following CLI Commands in order to achieve the goal

[userone@localhost bin]$ cd /home/userone/jboss-as-7.1.2.Final/bin

[userone@localhost bin]$ ./jboss-cli.sh -c --controller=localhost:9999

[standalone@localhost:9999 /] /core-service=management/security-realm=ManagementRealm/server-identity=ssl:add(keystore-password="rmi+ssl", keystore-path="chap8.keystore", keystore-relative-to="jboss.server.config.dir", alias="chapter8",protocol="TLSv1")


{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    }
}


[standalone@localhost:9999 /] /core-service=management/management-interface=native-interface/:write-attribute(name=socket-binding,value=management-https)


{
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
    }
}

Once your above CLI command is executed successfully you will notice the following in your JBossAS 7.1.2 configuration file “standalone-full.xml”:


    <management>
        <security-realms>
            <security-realm name="ManagementRealm">
                <server-identities>
                    <ssl protocol="TLSv1">
                        <keystore path="chap8.keystore" relative-to="jboss.server.config.dir" keystore-password="rmi+ssl" alias="chapter8"/>
                    </ssl>
                </server-identities>
                <authentication>
                    <local default-user="$local"/>
                    <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
                </authentication>
            </security-realm>
            <security-realm name="ApplicationRealm">
                <authentication>
                    <local default-user="$local" allowed-users="*"/>
                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
                </authentication>
                <authorization>
                    <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
                </authorization>
            </security-realm>
        </security-realms>
        <management-interfaces>
            <native-interface security-realm="ManagementRealm">
                <socket-binding native="management-https"/>
            </native-interface>
            <http-interface security-realm="ManagementRealm">
                <socket-binding http="management-http"/>
            </http-interface>
        </management-interfaces>
    </management>

Step4). Now restart your JBoss AS 7.1.2 again as following:
-Djavax.net.debug=all This System property will give us more details about the SSL Communication so we enabled it just to varify if the SSL configuration is working properly or not.

.
[userone@localhost bin]$ ./standalone.sh -c standalone-full.xml  -Djavax.net.debug=all
.

Step5). Now there will be a slignt change in the way we used to connect to the JBoss Via CLI command, It will be happening via “management-https” (9443) now as following:

.
[userone@localhost bin]$ ./jboss-cli.sh -c --controller=localhost:9443
Unable to connect due to unrecognised server certificate
Subject    - CN=chapter8 example,OU=admin book,DC=jboss,DC=org
Issuer     - CN=chapter8 example, OU=admin book, DC=jboss, DC=org
Valid From - Sat Sep 15 20:13:01 IST 2012
Valid To   - Tue Sep 13 20:13:01 IST 2022
MD5 : 20:c7:41:56:34:c2:15:49:e3:95:84:ab:19:fc:1f:ca
SHA1 : c9:c0:b4:8b:82:18:6b:3d:35:c3:1e:26:7f:52:e5:8c:ab:93:35:78

Accept certificate? [N]o, [T]emporarily, [P]ermenantly : T
[standalone@localhost:9443 /] 

.

.
.
Thanks 🙂
MiddlewareMagic Team


Configuring Https Connector using CLI on JBossAS 7.1.2 & Testing with Java TestClient

Hi,

In this demonstration we will see how to configure Https connector using CLI commands on JBossAS 7.1.2 sothat we can access server deployed resources over SSL on secure port 8443. We will also see how to access the resources over HTTPS through a simple standalone java based client program.

NOTE: This demo can be downloaded from Github:
https://github.com/jaysensharma/MiddlewareMagicDemos/tree/master/SSL_With_CLI_&_JavaBased_TestClient

Step1). First if all we will create Security certificates with the help of JDK provided utility “keytool”, So make sure that the JDK’s bin directory is added in your shell/command prompts PATH variable like following (We are creating the “chap8.keystore” inside “$JBOSS_HOME/standalone/configuration” directory):

.
[userone@localhost ~]$ cd /home/userone/jboss-as-7.1.2.Final/standalone/configuration/

[userone@localhost configuration]$ export PATH=/home/userone/MyJdks/jdk1.6.0_21/bin:$PATH

[userone@localhost configuration] keytool -genkey -keystore chap8.keystore -storepass rmi+ssl -keypass rmi+ssl -keyalg RSA -alias chapter8 -validity 3650 -dname "cn=chapter8 example,ou=admin book,dc=jboss,dc=org"
.

Step2). Make sure that the JBoss AS7.1.2 is running, In our case we started JBossAS7.1.2 “standalone-full.xml” profile.

.
[userone@localhost bin]$ ./standalone.sh -c standalone-full.xml
.

Step3). Now We will configure the Https connector to listen on Secured port “8443” on our JBoss, we will take help of the CLI utility in order to configure the same:

[userone@localhost bin]$ cd /home/userone/jboss-as-7.1.2.Final/bin

[userone@localhost bin]$ ./jboss-cli.sh -c --controller=localhost:9999

[standalone@localhost:9999 /] /subsystem=web/connector=https/:add(socket-binding=https,scheme=https,protocol=HTTP/1.1,secure=true,enabled=true,enable-lookups=false)
{"outcome" => "success"}


[standalone@localhost:9999 /] /subsystem=web/connector=https/ssl=configuration:add(name="ssl",key-alias="chapter8",password="rmi+ssl",certificate-key-file="${jboss.server.config.dir}/chap8.keystore",protocol="TLSv1",verify-client="false",certificate-file="${jboss.server.config.dir}/chap8.keystore")
{"outcome" => "success"}

Once your above CLI command is executed successfully you will notice the following in your JBossAS 7.1.2 configuration file “standalone-full.xml”:

        <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
            <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
            <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
                <ssl name="ssl" 
                     key-alias="chapter8" 
                     password="rmi+ssl" 
                     certificate-key-file="${jboss.server.config.dir}/chap8.keystore" 
                     protocol="TLSv1" 
                     verify-client="false" 
                     certificate-file="${jboss.server.config.dir}/chap8.keystore"/>
            </connector>
            <virtual-server name="default-host" enable-welcome-root="true">
                <alias name="localhost"/>
                <alias name="example.com"/>
            </virtual-server>
        </subsystem>

You will notice the following kind of message in your JBossAS7.1.2 console which says that HTTPS connector is started and listening on 8443 port.

.
20:37:05,691 INFO  [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-7) Starting Coyote HTTP/1.1 on http-localhost/127.0.0.1:8443
.

Step4). Still it is better to restart your JBoss Server and then deploy any Test Web Application on it which we will try to access over SSL through a simple JAVA based standalone client.

Testing with a Https Based Standalone Java Client

Step5). Now write a simple Java program “TestHttpsClient.java” as following:

import java.io.*;
import java.net.*;
import java.security.cert.X509Certificate;
import javax.net.ssl.*;

public class TestHttpsClient implements javax.net.ssl.X509TrustManager {

	public static void main(String[] args) throws Exception {
		TestHttpsClient test=new TestHttpsClient();
		String resourceURL="https://localhost:8443/test/index.jsp";
		String UserName = "test";  // this is just dummy credentials we dont need it until WebApplication asks for Basic Auth Credentials
		String Password = "test";
		InputStream InputStream=test.doHttpsUrlConnectionAction(resourceURL, UserName, Password);
	}


	public InputStream doHttpsUrlConnectionAction(String resourceURL,String UserName,String Password) throws Exception {
		URL url;
		int responseCode = 0;
		// ###########
		SSLContext sc = SSLContext.getInstance("SSLv3");
		TrustManager[] tma = { new TestHttpsClient() };
		sc.init(null, tma, null);
		SSLSocketFactory ssf = sc.getSocketFactory();
		HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
		// ###########
		HttpsURLConnection connection = null;

		String nurl = resourceURL;
		System.out.println("nt resourceURL = " + resourceURL);
		HostnameVerifier hv = new HostnameVerifier() {
			                  public boolean verify(String urlHostName, SSLSession session) {
				                                System.out.println("Warning: URL Host: " + urlHostName+ " vs. " + session.getPeerHost());
				                                return true;
			                                        }
		                                             };

		HttpsURLConnection.setDefaultHostnameVerifier(hv);
		try {
			url = new URL(nurl);
			connection = (HttpsURLConnection) url.openConnection();

                        //  Following two lines can be uncommented if you want your client to pass Basic Authentication Credentials as well
                        //
			//  String encoding = encodeUsernamePasswordBase64(UserName,Password);
			//  connection.setRequestProperty("Authorization", "Basic " + encoding);
                        //

			System.out.println("Conn established " + connection);
			connection.setDoInput(true);
			connection.setDoOutput(true);
			connection.setRequestMethod("GET");
			responseCode = connection.getResponseCode();
			System.out.println("response code : " + responseCode);
			connection.connect();
		} catch (Exception e) {
			System.err.println(e);
		}

		InputStream inputStream = null;
		try {
			inputStream = connection.getInputStream();
			System.out.println("Received Data: as Following:nn");
                        StringBuilder sb=new StringBuilder();
                        BufferedInputStream bis = new BufferedInputStream(inputStream);
                        while (bis.available() > 0) 
                          {
                             System.out.print((char)bis.read());
                          }
                        bis.close();
                        inputStream.close();

		} catch (Exception e) {
			System.err.println(e);
		}
		return inputStream;
	}

	public void checkClientTrusted(X509Certificate[] chain, String authType) {
	}

	public void checkServerTrusted(X509Certificate[] chain, String authType) {
	}

	public X509Certificate[] getAcceptedIssuers() {
		return null;
	}


        //      Following method can be uncommented if you want to sent the Basic authentication credential as well 

	//public String encodeUsernamePasswordBase64(String UserName,String Password) {
	//	String userPassword = UserName + ":" + Password;
	//	byte[] encodedByte = org.apache.commons.codec.binary.Base64.encodeBase64(userPassword.getBytes());
	//	String encodedBase64String = new String(encodedByte);
	//	return encodedBase64String;
	//}
 }

Step6). Now we will compile and test the above program as following:

[userone@localhost standalone]$ javac -d . TestHttpsClient.java 
[userone@localhost standalone]$ java TestHttpsClient 

	 resourceURL = https://localhost:8443/test/index.jsp
Conn established sun.net.www.protocol.https.DelegateHttpsURLConnection:https://localhost:8443/test/index.jsp
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
[userone@localhost standalone]$

We can see that the program is throwing SSL Error and the Handshake is failing. So we need to know how to debug it and what kind of trouble shooting steps are needed.

Troubleshooting “Received fatal alert: handshake_failure”

Step7). As we do not know what is failing and how to troubleshoot this issue so lets add the following JAVA_OPTS on both client and server side. Edit the “$JBOSS_HOME/bin/standalone.conf” file and then add the following java option somewhere at the end of the file then restart your JBossAS 7.1.2:

JAVA_OPTS="$JAVA_OPTS  -Djavax.net.debug=all"

Step8). Now add the same JAVA_OPTION on the client side as well to see what we get:


[userone@localhost standalone]$ java -Djavax.net.debug=all TestHttpsClient 
.
.
trigger seeding of SecureRandom
done seeding SecureRandom

	 resourceURL = https://localhost:8443/test/index.jsp
Conn established sun.net.www.protocol.https.DelegateHttpsURLConnection:https://localhost:8443/test/index.jsp
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1345238221 bytes = { 105, 167, 167, 204, 97, 58, 22, 192, 82, 217, 200, 202, 181, 7, 25, 79, 228, 159, 44, 247, 106, 185, 240, 130, 26, 152, 20, 178 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
[write] MD5 and SHA1 hashes:  len = 73
0000: 01 00 00 45 03 01 50 2F   B5 CD 69 A7 A7 CC 61 3A  ...E..P/..i...a:
0010: 16 C0 52 D9 C8 CA B5 07   19 4F E4 9F 2C F7 6A B9  ..R......O..,.j.
0020: F0 82 1A 98 14 B2 00 00   1E 00 04 00 05 00 2F 00  ............../.
0030: 33 00 32 00 0A 00 16 00   13 00 09 00 15 00 12 00  3.2.............
0040: 03 00 08 00 14 00 11 01   00                       .........
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes:  len = 98
0000: 01 03 01 00 39 00 00 00   20 00 00 04 01 00 80 00  ....9... .......
0010: 00 05 00 00 2F 00 00 33   00 00 32 00 00 0A 07 00  ..../..3..2.....
0020: C0 00 00 16 00 00 13 00   00 09 06 00 40 00 00 15  ............@...
0030: 00 00 12 00 00 03 02 00   80 00 00 08 00 00 14 00  ................
0040: 00 11 50 2F B5 CD 69 A7   A7 CC 61 3A 16 C0 52 D9  ..P/..i...a:..R.
0050: C8 CA B5 07 19 4F E4 9F   2C F7 6A B9 F0 82 1A 98  .....O..,.j.....
0060: 14 B2                                              ..
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
0000: 80 62 01 03 01 00 39 00   00 00 20 00 00 04 01 00  .b....9... .....
0010: 80 00 00 05 00 00 2F 00   00 33 00 00 32 00 00 0A  ....../..3..2...
0020: 07 00 C0 00 00 16 00 00   13 00 00 09 06 00 40 00  ..............@.
0030: 00 15 00 00 12 00 00 03   02 00 80 00 00 08 00 00  ................
0040: 14 00 00 11 50 2F B5 CD   69 A7 A7 CC 61 3A 16 C0  ....P/..i...a:..
0050: 52 D9 C8 CA B5 07 19 4F   E4 9F 2C F7 6A B9 F0 82  R......O..,.j...
0060: 1A 98 14 B2                                        ....
[Raw read]: length = 5
0000: 15 03 01 00 02                                     .....
[Raw read]: length = 2
0000: 02 28                                              .(
main, READ: TLSv1 Alert, length = 2
main, RECV TLSv1 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

Step9). On the JBossAS7.1.2 console i was able to see the following kind of reason for the SSL Handshake after enabling the debug:

21:03:33,010 INFO  [stdout] (http-localhost/127.0.0.1:8443-Acceptor-0) Allow unsafe renegotiation: false
21:03:33,010 INFO  [stdout] (http-localhost/127.0.0.1:8443-Acceptor-0) Allow legacy hello messages: true
21:03:33,010 INFO  [stdout] (http-localhost/127.0.0.1:8443-Acceptor-0) Is initial handshake: true
21:03:33,010 INFO  [stdout] (http-localhost/127.0.0.1:8443-Acceptor-0) Is secure renegotiation: false
21:03:33,012 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, setSoTimeout(60000) called
21:03:33,069 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) [Raw read]: length = 5
21:03:33,070 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) 0000: 80 62 01 03 01                                     .b...
21:03:33,070 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, handling exception: javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled
21:03:33,071 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, SEND TLSv1 ALERT:  fatal, description = handshake_failure
21:03:33,071 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, WRITE: TLSv1 Alert, length = 2
21:03:33,072 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) [Raw write]: length = 7
21:03:33,072 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) 0000: 15 03 01 00 02 02 28                               ......(
21:03:33,072 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, called closeSocket()
21:03:33,073 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, IOException in getSession():  javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled
21:03:33,073 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, called close()
21:03:33,073 INFO  [stdout] (http-localhost/127.0.0.1:8443-1) http-localhost/127.0.0.1:8443-1, called closeInternal(true)
.

What was the Cause of handshake failure ?

Notice JBossAS 7.1.2 is cmplaining that “SSLv2Hello” is disabled which means the client is not sending a proper SSL Protocol.

http-localhost/127.0.0.1:8443-1, handling exception: javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled

Step10). So now as we know that the client is not using a proper protocol to send the request so we will try adding the following JAVA_OPTS [ -Dhttps.protocols=TLSv1 ] on the client side in order to use the TLSv1 protocol for communication:

[userone@localhost standalone]$ java -Djavax.net.debug=all  -Dhttps.protocols=TLSv1 TestHttpsClient 
.
.
trigger seeding of SecureRandom
done seeding SecureRandom

	 resourceURL = https://localhost:8443/test/index.jsp
Conn established sun.net.www.protocol.https.DelegateHttpsURLConnection:https://localhost:8443/test/index.jsp
%% No cached client session
*** ClientHello, TLSv1
RandomCookie:  GMT: 1345238823 bytes = { 59, 48, 212, 175, 197, 249, 200, 221, 96, 72, 203, 206, 27, 95, 71, 211, 123, 182, 131, 91, 91, 236, 19, 6, 159, 175, 93, 210 }
Session ID:  {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods:  { 0 }
***
[write] MD5 and SHA1 hashes:  len = 73
0000: 01 00 00 45 03 01 50 2F   B7 27 3B 30 D4 AF C5 F9  ...E..P/.';0....
0010: C8 DD 60 48 CB CE 1B 5F   47 D3 7B B6 83 5B 5B EC  ..`H..._G....[[.
0020: 13 06 9F AF 5D D2 00 00   1E 00 04 00 05 00 2F 00  ....]........./.
0030: 33 00 32 00 0A 00 16 00   13 00 09 00 15 00 12 00  3.2.............
0040: 03 00 08 00 14 00 11 01   00                       .........
main, WRITE: TLSv1 Handshake, length = 73
[Raw write]: length = 78
0000: 16 03 01 00 49 01 00 00   45 03 01 50 2F B7 27 3B  ....I...E..P/.';
0010: 30 D4 AF C5 F9 C8 DD 60   48 CB CE 1B 5F 47 D3 7B  0......`H..._G..
0020: B6 83 5B 5B EC 13 06 9F   AF 5D D2 00 00 1E 00 04  ..[[.....]......
0030: 00 05 00 2F 00 33 00 32   00 0A 00 16 00 13 00 09  .../.3.2........
0040: 00 15 00 12 00 03 00 08   00 14 00 11 01 00        ..............
[Raw read]: length = 5
0000: 16 03 01 02 8B                                     .....
[Raw read]: length = 651
0000: 02 00 00 46 03 01 50 2F   B7 27 A2 82 8C F5 F3 F7  ...F..P/.'......
0010: 5F EE 55 CA 25 5E 83 5A   1D C8 39 2E 07 8C FE E0  _.U.%^.Z..9.....
0020: 67 8C 41 0C F4 01 20 50   2F B7 27 01 EA 77 CD 5D  g.A... P/.'..w.]
0030: 66 82 11 AC 11 96 9B 6E   8B AD 8D 8E 59 81 C9 D4  f......n....Y...
0040: 62 A0 CD 96 1F 96 0F 00   04 00 0B 00 02 39 00 02  b............9..
0050: 36 00 02 33 30 82 02 2F   30 82 01 98 A0 03 02 01  6..30../0.......
0060: 02 02 04 50 2F AE 0A 30   0D 06 09 2A 86 48 86 F7  ...P/..0...*.H..
0070: 0D 01 01 05 05 00 30 5C   31 13 30 11 06 0A 09 92  ......01.0.....
0080: 26 89 93 F2 2C 64 01 19   16 03 6F 72 67 31 15 30  &...,d....org1.0
0090: 13 06 0A 09 92 26 89 93   F2 2C 64 01 19 16 05 6A  .....&...,d....j
00A0: 62 6F 73 73 31 13 30 11   06 03 55 04 0B 13 0A 61  boss1.0...U....a
00B0: 64 6D 69 6E 20 62 6F 6F   6B 31 19 30 17 06 03 55  dmin book1.0...U
00C0: 04 03 13 10 63 68 61 70   74 65 72 38 20 65 78 61  ....chapter8 exa
00D0: 6D 70 6C 65 30 1E 17 0D   31 32 30 38 31 38 31 35  mple0...12081815
00E0: 30 30 32 36 5A 17 0D 32   32 30 38 31 36 31 35 30  0026Z..220816150
00F0: 30 32 36 5A 30 5C 31 13   30 11 06 0A 09 92 26 89  026Z01.0.....&.
0100: 93 F2 2C 64 01 19 16 03   6F 72 67 31 15 30 13 06  ..,d....org1.0..
0110: 0A 09 92 26 89 93 F2 2C   64 01 19 16 05 6A 62 6F  ...&...,d....jbo
0120: 73 73 31 13 30 11 06 03   55 04 0B 13 0A 61 64 6D  ss1.0...U....adm
0130: 69 6E 20 62 6F 6F 6B 31   19 30 17 06 03 55 04 03  in book1.0...U..
0140: 13 10 63 68 61 70 74 65   72 38 20 65 78 61 6D 70  ..chapter8 examp
0150: 6C 65 30 81 9F 30 0D 06   09 2A 86 48 86 F7 0D 01  le0..0...*.H....
0160: 01 01 05 00 03 81 8D 00   30 81 89 02 81 81 00 9F  ........0.......
0170: F5 D8 05 FD 40 7F E8 BB   92 10 39 EB 19 C9 E5 58  ....@.....9....X
0180: 4E 11 18 32 75 8A 49 53   4A 18 BF 3E C1 09 5C F1  N..2u.ISJ..>...
0190: 1D C2 96 8C 86 29 A2 1D   8F 51 2E B8 15 7F 6E C0  .....)...Q....n.
01A0: 20 8A 50 47 C8 A1 4A C7   77 CD CC EB 9C 11 24 E2   .PG..J.w.....$.
01B0: EE E6 98 9A 38 C9 9E FF   AF AC E7 8C D4 29 17 4E  ....8........).N
01C0: 8A 7E 89 C8 52 27 A0 D1   9F DF 7D D0 D9 7B EB 22  ....R'........."
01D0: 9E 80 6F 11 DD 5B 60 9C   74 DB A5 77 F4 B6 F2 46  ..o..[`.t..w...F
01E0: DC D1 18 A4 E9 16 73 43   F6 ED 11 5B 1C 25 5B 02  ......sC...[.%[.
01F0: 03 01 00 01 30 0D 06 09   2A 86 48 86 F7 0D 01 01  ....0...*.H.....
0200: 05 05 00 03 81 81 00 09   0F C7 47 4C 20 61 FF 59  ..........GL a.Y
0210: 2F 8C 3E 46 B1 32 CE 09   36 F3 25 AF 2C 37 D5 DA  /.>F.2..6.%.,7..
0220: 54 78 D3 4B EA 78 78 F4   B4 C1 DC BF 4E 11 CE 03  Tx.K.xx.....N...
0230: 6D 57 F5 07 2F CA 02 B6   23 B3 40 26 F4 3C 9E 09  mW../...#.@&.<..
0240: 75 16 F9 94 AF B4 EF C4   C1 0E A7 F9 5F 2F 70 18  u..........._/p.
0250: C0 B5 09 16 E2 A6 BC 86   EF 7F A4 E1 F5 C2 35 C6  ..............5.
0260: F4 09 BB 93 A8 23 91 E4   F1 42 59 53 89 47 F1 04  .....#...BYS.G..
0270: B5 CE 30 C0 BE 7A 9E D0   D2 57 B5 61 B0 F1 1A D2  ..0..z...W.a....
0280: C6 C5 4E 10 4C FC 6F 0E   00 00 00                 ..N.L.o....
main, READ: TLSv1 Handshake, length = 651
*** ServerHello, TLSv1
RandomCookie:  GMT: 1345238823 bytes = { 162, 130, 140, 245, 243, 247, 95, 238, 85, 202, 37, 94, 131, 90, 29, 200, 57, 46, 7, 140, 254, 224, 103, 140, 65, 12, 244, 1 }
Session ID:  {80, 47, 183, 39, 1, 234, 119, 205, 93, 102, 130, 17, 172, 17, 150, 155, 110, 139, 173, 141, 142, 89, 129, 201, 212, 98, 160, 205, 150, 31, 150, 15}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
***
%% Created:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes:  len = 74
0000: 02 00 00 46 03 01 50 2F   B7 27 A2 82 8C F5 F3 F7  ...F..P/.'......
0010: 5F EE 55 CA 25 5E 83 5A   1D C8 39 2E 07 8C FE E0  _.U.%^.Z..9.....
0020: 67 8C 41 0C F4 01 20 50   2F B7 27 01 EA 77 CD 5D  g.A... P/.'..w.]
0030: 66 82 11 AC 11 96 9B 6E   8B AD 8D 8E 59 81 C9 D4  f......n....Y...
0040: 62 A0 CD 96 1F 96 0F 00   04 00                    b.........
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=chapter8 example, OU=admin book, DC=jboss, DC=org
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 1024 bits
  modulus: 112327961955793427294788693539127054708342991554979642795375341813812315606410953443425170876453687812657572324528850546265317609032949186934642585274247999052696216659140187935451881753515565277516661450297298499364056248126550289023310877209666305304254207350144517608476196856386756508895595865011272820059
  public exponent: 65537
  Validity: [From: Sat Aug 18 20:30:26 IST 2012,
               To: Tue Aug 16 20:30:26 IST 2022]
  Issuer: CN=chapter8 example, OU=admin book, DC=jboss, DC=org
  SerialNumber: [    502fae0a]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 09 0F C7 47 4C 20 61 FF   59 2F 8C 3E 46 B1 32 CE  ...GL a.Y/.>F.2.
0010: 09 36 F3 25 AF 2C 37 D5   DA 54 78 D3 4B EA 78 78  .6.%.,7..Tx.K.xx
0020: F4 B4 C1 DC BF 4E 11 CE   03 6D 57 F5 07 2F CA 02  .....N...mW../..
0030: B6 23 B3 40 26 F4 3C 9E   09 75 16 F9 94 AF B4 EF  .#.@&.<..u......
0040: C4 C1 0E A7 F9 5F 2F 70   18 C0 B5 09 16 E2 A6 BC  ....._/p........
0050: 86 EF 7F A4 E1 F5 C2 35   C6 F4 09 BB 93 A8 23 91  .......5......#.
0060: E4 F1 42 59 53 89 47 F1   04 B5 CE 30 C0 BE 7A 9E  ..BYS.G....0..z.
0070: D0 D2 57 B5 61 B0 F1 1A   D2 C6 C5 4E 10 4C FC 6F  ..W.a......N.L.o

]
***
[read] MD5 and SHA1 hashes:  len = 573
0000: 0B 00 02 39 00 02 36 00   02 33 30 82 02 2F 30 82  ...9..6..30../0.
0010: 01 98 A0 03 02 01 02 02   04 50 2F AE 0A 30 0D 06  .........P/..0..
0020: 09 2A 86 48 86 F7 0D 01   01 05 05 00 30 5C 31 13  .*.H........01.
0030: 30 11 06 0A 09 92 26 89   93 F2 2C 64 01 19 16 03  0.....&...,d....
0040: 6F 72 67 31 15 30 13 06   0A 09 92 26 89 93 F2 2C  org1.0.....&...,
0050: 64 01 19 16 05 6A 62 6F   73 73 31 13 30 11 06 03  d....jboss1.0...
0060: 55 04 0B 13 0A 61 64 6D   69 6E 20 62 6F 6F 6B 31  U....admin book1
0070: 19 30 17 06 03 55 04 03   13 10 63 68 61 70 74 65  .0...U....chapte
0080: 72 38 20 65 78 61 6D 70   6C 65 30 1E 17 0D 31 32  r8 example0...12
0090: 30 38 31 38 31 35 30 30   32 36 5A 17 0D 32 32 30  0818150026Z..220
00A0: 38 31 36 31 35 30 30 32   36 5A 30 5C 31 13 30 11  816150026Z01.0.
00B0: 06 0A 09 92 26 89 93 F2   2C 64 01 19 16 03 6F 72  ....&...,d....or
00C0: 67 31 15 30 13 06 0A 09   92 26 89 93 F2 2C 64 01  g1.0.....&...,d.
00D0: 19 16 05 6A 62 6F 73 73   31 13 30 11 06 03 55 04  ...jboss1.0...U.
00E0: 0B 13 0A 61 64 6D 69 6E   20 62 6F 6F 6B 31 19 30  ...admin book1.0
00F0: 17 06 03 55 04 03 13 10   63 68 61 70 74 65 72 38  ...U....chapter8
0100: 20 65 78 61 6D 70 6C 65   30 81 9F 30 0D 06 09 2A   example0..0...*
0110: 86 48 86 F7 0D 01 01 01   05 00 03 81 8D 00 30 81  .H............0.
0120: 89 02 81 81 00 9F F5 D8   05 FD 40 7F E8 BB 92 10  ..........@.....
0130: 39 EB 19 C9 E5 58 4E 11   18 32 75 8A 49 53 4A 18  9....XN..2u.ISJ.
0140: BF 3E C1 09 5C F1 1D C2   96 8C 86 29 A2 1D 8F 51  .>........)...Q
0150: 2E B8 15 7F 6E C0 20 8A   50 47 C8 A1 4A C7 77 CD  ....n. .PG..J.w.
0160: CC EB 9C 11 24 E2 EE E6   98 9A 38 C9 9E FF AF AC  ....$.....8.....
0170: E7 8C D4 29 17 4E 8A 7E   89 C8 52 27 A0 D1 9F DF  ...).N....R'....
0180: 7D D0 D9 7B EB 22 9E 80   6F 11 DD 5B 60 9C 74 DB  ....."..o..[`.t.
0190: A5 77 F4 B6 F2 46 DC D1   18 A4 E9 16 73 43 F6 ED  .w...F......sC..
01A0: 11 5B 1C 25 5B 02 03 01   00 01 30 0D 06 09 2A 86  .[.%[.....0...*.
01B0: 48 86 F7 0D 01 01 05 05   00 03 81 81 00 09 0F C7  H...............
01C0: 47 4C 20 61 FF 59 2F 8C   3E 46 B1 32 CE 09 36 F3  GL a.Y/.>F.2..6.
01D0: 25 AF 2C 37 D5 DA 54 78   D3 4B EA 78 78 F4 B4 C1  %.,7..Tx.K.xx...
01E0: DC BF 4E 11 CE 03 6D 57   F5 07 2F CA 02 B6 23 B3  ..N...mW../...#.
01F0: 40 26 F4 3C 9E 09 75 16   F9 94 AF B4 EF C4 C1 0E  @&.<..u.........
0200: A7 F9 5F 2F 70 18 C0 B5   09 16 E2 A6 BC 86 EF 7F  .._/p...........
0210: A4 E1 F5 C2 35 C6 F4 09   BB 93 A8 23 91 E4 F1 42  ....5......#...B
0220: 59 53 89 47 F1 04 B5 CE   30 C0 BE 7A 9E D0 D2 57  YS.G....0..z...W
0230: B5 61 B0 F1 1A D2 C6 C5   4E 10 4C FC 6F           .a......N.L.o
*** ServerHelloDone
[read] MD5 and SHA1 hashes:  len = 4
0000: 0E 00 00 00                                        ....
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
[write] MD5 and SHA1 hashes:  len = 134
0000: 10 00 00 82 00 80 32 75   DE 6E 2E 5A F9 1C 5E AF  ......2u.n.Z..^.
0010: F9 58 7C 27 5D 83 3A 08   4C 09 1E 31 9C E9 DF F3  .X.'].:.L..1....
0020: E9 C9 7F 78 04 73 FA 43   F1 8F 2C 9F D0 F8 E1 4D  ...x.s.C..,....M
0030: 5E C8 A4 17 EB C9 68 B5   67 DE CD 34 3E 4B 55 E5  ^.....h.g..4>KU.
0040: 38 F3 AD 5A 23 D1 5D 11   89 B5 3C F5 F7 B3 A8 A9  8..Z#.]...<.....
0050: EE 79 BD B5 5D 96 F1 B1   48 4F BF E8 16 81 A1 EB  .y..]...HO......
0060: 65 77 ED 21 9C 29 4A 80   12 86 1D 82 9D A8 1E 63  ew.!.)J........c
0070: 7F 2A AA 40 06 97 70 4D   BF D7 C0 D2 27 87 F0 11  .*.@..pM....'...
0080: 3A C2 99 ED 87 1C                                  :.....
main, WRITE: TLSv1 Handshake, length = 134
[Raw write]: length = 139
0000: 16 03 01 00 86 10 00 00   82 00 80 32 75 DE 6E 2E  ...........2u.n.
0010: 5A F9 1C 5E AF F9 58 7C   27 5D 83 3A 08 4C 09 1E  Z..^..X.'].:.L..
0020: 31 9C E9 DF F3 E9 C9 7F   78 04 73 FA 43 F1 8F 2C  1.......x.s.C..,
0030: 9F D0 F8 E1 4D 5E C8 A4   17 EB C9 68 B5 67 DE CD  ....M^.....h.g..
0040: 34 3E 4B 55 E5 38 F3 AD   5A 23 D1 5D 11 89 B5 3C  4>KU.8..Z#.]...<
0050: F5 F7 B3 A8 A9 EE 79 BD   B5 5D 96 F1 B1 48 4F BF  ......y..]...HO.
0060: E8 16 81 A1 EB 65 77 ED   21 9C 29 4A 80 12 86 1D  .....ew.!.)J....
0070: 82 9D A8 1E 63 7F 2A AA   40 06 97 70 4D BF D7 C0  ....c.*.@..pM...
0080: D2 27 87 F0 11 3A C2 99   ED 87 1C                 .'...:.....
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 7E AA A8 36 E5 83   D8 6B 8E 5D 58 FD 7F CD  .....6...k.]X...
0010: D0 3F 2E 13 22 AA F0 4B   DB FB 69 DF 49 D6 41 94  .?.."..K..i.I.A.
0020: 25 69 46 F4 41 4E 35 26   5F 24 83 31 A3 81 4B 8D  %iF.AN5&_$.1..K.
CONNECTION KEYGEN:
Client Nonce:
0000: 50 2F B7 27 3B 30 D4 AF   C5 F9 C8 DD 60 48 CB CE  P/.';0......`H..
0010: 1B 5F 47 D3 7B B6 83 5B   5B EC 13 06 9F AF 5D D2  ._G....[[.....].
Server Nonce:
0000: 50 2F B7 27 A2 82 8C F5   F3 F7 5F EE 55 CA 25 5E  P/.'......_.U.%^
0010: 83 5A 1D C8 39 2E 07 8C   FE E0 67 8C 41 0C F4 01  .Z..9.....g.A...
Master Secret:
0000: 53 99 13 E9 DE C8 EB 85   D8 4F E4 52 D9 9E 91 DE  S........O.R....
0010: FD FE F0 2E B5 E2 65 F6   96 A4 48 C1 E0 4D 74 EB  ......e...H..Mt.
0020: 3E AC 50 84 3A C0 5C 08   ED 7F BC 39 DF E5 FA 02  >.P.:.....9....
Client MAC write Secret:
0000: 93 58 54 31 D6 18 0A FE   BC FF 40 86 66 1C 95 A5  .XT1......@.f...
Server MAC write Secret:
0000: F5 F9 2E 64 12 A2 F3 6B   6B 69 C2 AA 36 14 AA 2C  ...d...kki..6..,
Client write key:
0000: 0F AF E3 10 1C 9B 24 A4   C8 0C 01 E1 FC 64 4F 55  ......$......dOU
Server write key:
0000: 72 04 94 3B 1E 2C DA 21   35 D7 ED CA A7 B7 3C 02  r..;.,.!5.....<.
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
[Raw write]: length = 6
0000: 14 03 01 00 01 01                                  ......
*** Finished
verify_data:  { 199, 153, 29, 209, 100, 86, 200, 134, 249, 145, 192, 14 }
***
[write] MD5 and SHA1 hashes:  len = 16
0000: 14 00 00 0C C7 99 1D D1   64 56 C8 86 F9 91 C0 0E  ........dV......
Padded plaintext before ENCRYPTION:  len = 32
0000: 14 00 00 0C C7 99 1D D1   64 56 C8 86 F9 91 C0 0E  ........dV......
0010: E0 C0 5C E7 78 59 C8 72   7C 8E A5 C8 6B 90 C0 75  ...xY.r....k..u
main, WRITE: TLSv1 Handshake, length = 32
[Raw write]: length = 37
0000: 16 03 01 00 20 1C 00 C9   12 EE AE 76 26 82 5F CC  .... ......v&._.
0010: 65 93 CA 0C 84 70 A0 34   94 46 C9 86 AE AC A2 23  e....p.4.F.....#
0020: A4 6F EF DB 64                                     .o..d
[Raw read]: length = 5
0000: 14 03 01 00 01                                     .....
[Raw read]: length = 1
0000: 01                                                 .
main, READ: TLSv1 Change Cipher Spec, length = 1
[Raw read]: length = 5
0000: 16 03 01 00 20                                     .... 
[Raw read]: length = 32
0000: 38 14 9D A8 51 FA B5 58   CE 7A E2 8A 0F E6 5E 45  8...Q..X.z....^E
0010: D3 4D 65 CF 1C 7B 44 C6   01 BD 69 42 2A 66 DB 8A  .Me...D...iB*f..
main, READ: TLSv1 Handshake, length = 32
Padded plaintext after DECRYPTION:  len = 32
0000: 14 00 00 0C 76 99 74 92   C7 45 2B ED AC 2D 2F 7A  ....v.t..E+..-/z
0010: 24 3E 7A 7A F9 1B 07 9F   1F 99 E6 DC 3C 2C 2B 7E  $>zz........<,+.
*** Finished
verify_data:  { 118, 153, 116, 146, 199, 69, 43, 237, 172, 45, 47, 122 }
***
%% Cached client session: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
[read] MD5 and SHA1 hashes:  len = 16
0000: 14 00 00 0C 76 99 74 92   C7 45 2B ED AC 2D 2F 7A  ....v.t..E+..-/z
Warning: URL Host: localhost vs. localhost
Padded plaintext before ENCRYPTION:  len = 183
0000: 47 45 54 20 2F 74 65 73   74 2F 69 6E 64 65 78 2E  GET /test/index.
0010: 6A 73 70 20 48 54 54 50   2F 31 2E 31 0D 0A 55 73  jsp HTTP/1.1..Us
0020: 65 72 2D 41 67 65 6E 74   3A 20 4A 61 76 61 2F 31  er-Agent: Java/1
0030: 2E 36 2E 30 5F 32 31 0D   0A 48 6F 73 74 3A 20 6C  .6.0_21..Host: l
0040: 6F 63 61 6C 68 6F 73 74   3A 38 34 34 33 0D 0A 41  ocalhost:8443..A
0050: 63 63 65 70 74 3A 20 74   65 78 74 2F 68 74 6D 6C  ccept: text/html
0060: 2C 20 69 6D 61 67 65 2F   67 69 66 2C 20 69 6D 61  , image/gif, ima
0070: 67 65 2F 6A 70 65 67 2C   20 2A 3B 20 71 3D 2E 32  ge/jpeg, *; q=.2
0080: 2C 20 2A 2F 2A 3B 20 71   3D 2E 32 0D 0A 43 6F 6E  , */*; q=.2..Con
0090: 6E 65 63 74 69 6F 6E 3A   20 6B 65 65 70 2D 61 6C  nection: keep-al
00A0: 69 76 65 0D 0A 0D 0A C9   B3 D8 80 FB 69 A2 16 CA  ive.........i...
00B0: 87 1A DD 7B 85 29 77                               .....)w
main, WRITE: TLSv1 Application Data, length = 183
[Raw write]: length = 188
0000: 17 03 01 00 B7 9C 55 72   D7 0D 18 85 09 23 B7 2D  ......Ur.....#.-
0010: E9 8A A7 B7 A2 48 44 B3   7D CB 60 DE 44 7E F8 9C  .....HD...`.D...
0020: FE E8 46 DD 99 25 90 44   B3 8B CE B2 6A 83 38 2E  ..F..%.D....j.8.
0030: F8 F0 DF 4B 4E 08 58 37   D2 39 5F EB 44 B7 38 86  ...KN.X7.9_.D.8.
0040: A2 9A 70 74 33 AA 02 0F   62 05 29 57 7E C5 DF 87  ..pt3...b.)W....
0050: 35 06 EF 5C 4D 96 CF F0   84 73 10 60 BD B0 10 BF  5..M....s.`....
0060: 1C 18 FE 81 AD B8 08 DD   CF 2C 69 42 41 09 11 AD  .........,iBA...
0070: ED 48 45 8D A7 E2 F8 8D   9B 89 BF 9A F4 00 1F BB  .HE.............
0080: 21 02 10 FE B5 4E 55 BD   63 4C 2E 4B E0 8B C9 84  !....NU.cL.K....
0090: C6 E3 18 39 3F A9 F3 87   52 67 F7 6E 44 91 12 98  ...9?...Rg.nD...
00A0: C3 3C 87 AD 82 9C EF F2   8B E2 A6 C2 FA 96 10 08  .<..............
00B0: F0 D9 82 EA F8 9B 26 44   2F 04 09 A5              ......&D/...
[Raw read]: length = 5
0000: 17 03 01 01 20                                     .... 
[Raw read]: length = 288
0000: DF F0 E4 38 81 CE 54 3B   AD 8E 58 08 4D F8 2F 32  ...8..T;..X.M./2
0010: A6 1A 79 EC 5F 5D CC 77   FD 71 65 9B DC C5 A2 40  ..y._].w.qe....@
0020: B0 1A 52 5B BD 46 1F DD   18 85 95 FC F3 82 8E 6A  ..R[.F.........j
0030: D3 DC DB A1 F9 8B A8 C1   62 63 C2 6B BB 95 78 C7  ........bc.k..x.
0040: 89 59 A4 02 D9 C0 35 66   11 7E 6E B8 43 96 7C FD  .Y....5f..n.C...
0050: AE 47 CB 64 52 AB FA DA   40 01 2A 4B AD FD 30 10  .G.dR...@.*K..0.
0060: 40 2A 8D 4B E4 B5 49 E3   CA C5 02 8E 5B C8 66 84  @*.K..I.....[.f.
0070: D2 75 49 48 28 77 90 26   92 E1 48 A9 F1 9A 78 23  .uIH(w.&..H...x#
0080: 90 D1 02 15 89 0F 4D 8A   D7 30 04 17 F5 6E F0 ED  ......M..0...n..
0090: 32 92 1A 9D 5D 27 68 FD   9E BA 52 AD DA 45 2E 66  2...]'h...R..E.f
00A0: 33 A5 D6 B5 05 96 25 6C   F4 C0 20 24 24 A9 A1 87  3.....%l.. $$...
00B0: 02 DE 05 7E DA 9F 7A B3   7F 00 E2 CB 87 1B 6F 09  ......z.......o.
00C0: 1E 3E 6C 90 7C 3E 34 34   F3 FD B5 29 8F 8D 6D 88  .>l..>44...)..m.
00D0: 12 BE 0A B4 B2 5A 12 C4   4F 96 3F 8B 9A 2A 30 46  .....Z..O.?..*0F
00E0: 4C D5 8C C5 03 78 B9 36   AD FA 0A 9E BB 85 35 E0  L....x.6......5.
00F0: E6 AD 70 74 2D E2 F7 BF   7B B8 12 F8 7F 83 E1 92  ..pt-...........
0100: 4F 40 A8 30 BF 4C E6 5D   47 1A 0B 5C 5A 47 A4 6E  O@.0.L.]G..ZG.n
0110: 35 89 0E E7 42 18 AC F5   26 1B DD B1 7A A9 FC 99  5...B...&...z...
main, READ: TLSv1 Application Data, length = 288
Padded plaintext after DECRYPTION:  len = 288
0000: 48 54 54 50 2F 31 2E 31   20 32 30 30 20 4F 4B 0D  HTTP/1.1 200 OK.
0010: 0A 53 65 72 76 65 72 3A   20 41 70 61 63 68 65 2D  .Server: Apache-
0020: 43 6F 79 6F 74 65 2F 31   2E 31 0D 0A 58 2D 50 6F  Coyote/1.1..X-Po
0030: 77 65 72 65 64 2D 42 79   3A 20 4A 53 50 2F 32 2E  wered-By: JSP/2.
0040: 32 0D 0A 53 65 74 2D 43   6F 6F 6B 69 65 3A 20 4A  2..Set-Cookie: J
0050: 53 45 53 53 49 4F 4E 49   44 3D 53 75 79 36 68 4E  SESSIONID=Suy6hN
0060: 50 4B 49 31 54 5A 56 36   36 6A 46 78 4D 76 70 41  PKI1TZV66jFxMvpA
0070: 55 70 3B 20 50 61 74 68   3D 2F 74 65 73 74 3B 20  Up; Path=/test; 
0080: 53 65 63 75 72 65 0D 0A   43 6F 6E 74 65 6E 74 2D  Secure..Content-
0090: 54 79 70 65 3A 20 74 65   78 74 2F 68 74 6D 6C 3B  Type: text/html;
00A0: 63 68 61 72 73 65 74 3D   49 53 4F 2D 38 38 35 39  charset=ISO-8859
00B0: 2D 31 0D 0A 43 6F 6E 74   65 6E 74 2D 4C 65 6E 67  -1..Content-Leng
00C0: 74 68 3A 20 33 33 0D 0A   44 61 74 65 3A 20 53 61  th: 33..Date: Sa
00D0: 74 2C 20 31 38 20 41 75   67 20 32 30 31 32 20 31  t, 18 Aug 2012 1
00E0: 35 3A 33 39 3A 32 31 20   47 4D 54 0D 0A 0D 0A 48  5:39:21 GMT....H
00F0: 65 6C 6C 6C 6C 6C 6C 6C   6C 6C 6C 6C 6C 6F 6F 6F  ellllllllllllooo
0100: 6F 6F 6F 6F 6F 6F 6F 6F   6F 6F 6F 6F 6F 6F 6F 0A  ooooooooooooooo.
0110: FF EB 8A CF 9F 1D 78 F3   94 ED 45 9A B2 B0 A9 DB  ......x...E.....
response code : 200
Received Data: as Following:


Helllllllllllloooooooooooooooooo

.
.
Thanks 🙂
MiddlewareMagic Team


Copyright © 2010-2012 Middleware Magic. All rights reserved. |