I am including the debug output by using -Djavax.net.debug=ssl when I ran my client program.
Now I am using a secure ftp wrapper from
www.glub.com on my windows 2000 ftp server.
Do I need to add the server's public key to my cacerts file? Do I need to have .keystore file?
How can I tell my client program to accept the key from the server always?
Any info is appreciated.
--------------------------------------------------
init context
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1018962994 bytes = { 117, 4, 105, 138, 146, 24, 91, 72, 159, 47, 1, 184, 140, 96, 44, 178, 41, 190, 232, 64, 118, 39, 169, 20, 6, 209, 103, 18 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
***
main, WRITE: TLSv1 Handshake, length = 59
main, WRITE: SSLv2 client hello message, length = 77
main, READ: TLSv1 Handshake, length = 684
*** ServerHello, TLSv1
RandomCookie: GMT: 1018962994 bytes = { 26, 193, 82, 201, 155, 60, 230, 112, 253, 6, 69, 177, 177, 104, 94, 58, 104, 164, 187, 24, 139, 20, 13, 31, 214, 152, 199, 110 }
Session ID: {61, 188, 36, 50, 18, 82, 137, 97, 172, 213, 112, 123, 98, 15, 248, 127, 141, 124, 175, 185, 25, 149, 40, 144, 60, 42, 15, 198, 40, 13, 229, 27}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
[
Version: V1
Subject: CN=127.0.0.1, OU=Secure FTP Wrapper, O=Org, L=Location, ST=CA, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@15f
Validity: [From: Sat Oct 26 17:42:51 PDT 2002,
To: Tue Oct 25 17:42:51 PDT 2005]
Issuer: CN=127.0.0.1, OU=Secure FTP Wrapper, O=Org, L=Location, ST=CA, C=US
SerialNumber: [ 3dbb368b]
]
Algorithm: [MD5withRSA]
Signature:
0000: 6B 60 7F 17 5A B1 86 83 A1 35 D0 45 85 1E D9 D6 k`..Z....5.E....
0010: 90 5E 09 32 C1 FC 77 78 C6 2C 9B 08 64 D7 0E 38 .^.2..wx.,..d..8
0020: 6E 34 C9 DC 44 B4 9D 30 A2 F1 38 25 D9 7E 98 7F n4..D..0..8%....
0030: CB 30 2B C0 29 8A 3D B4 EF 63 11 E7 14 49 BB 0B .0+.).=..c...I..
0040: 20 8A 42 CC 38 F2 D2 17 7D 4B BE E5 82 CB 9B 67 .B.8....K.....g
0050: 45 B8 F2 89 18 69 84 BD 5E 52 C0 56 48 4B BD 66 E....i..^R.VHK.f
0060: A2 16 B5 A5 B3 A0 13 71 5F B0 74 CF 31 99 5E 6E .......q_.t.1.^n
0070: C1 12 73 DC 9D 77 B5 02 6A 6F 12 1E 70 E8 1C 7D ..s..w..jo..p...
]
***
main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1 Alert, length = 2
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Couldn't find trusted certificate
Exception:javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Couldn't find trusted certificate
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
--------------------------------------------------
[ October 27, 2002: Message edited by: Sri Nivas ]