Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

Beeping is cute, if you are in the office ;) -- Alan Cox

devel / comp.lang.java.programmer / Re: TLS 1.3 not selected with java 15

Re: TLS 1.3 not selected with java 15

<a9188c7b-810b-4197-9387-076ab4c28061n@googlegroups.com>

  copy mid

https://www.rocksolidbbs.com/devel/article-flat.php?id=130&group=comp.lang.java.programmer#130

  copy link   Newsgroups: comp.lang.java.programmer
X-Received: by 2002:ac8:7f46:0:b0:31e:9dba:acf3 with SMTP id g6-20020ac87f46000000b0031e9dbaacf3mr11516662qtk.556.1657875146561;
Fri, 15 Jul 2022 01:52:26 -0700 (PDT)
X-Received: by 2002:a05:6870:1490:b0:10c:3362:23c3 with SMTP id
k16-20020a056870149000b0010c336223c3mr10043725oab.73.1657875146298; Fri, 15
Jul 2022 01:52:26 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.lang.java.programmer
Date: Fri, 15 Jul 2022 01:52:25 -0700 (PDT)
In-Reply-To: <5fa052ba-a0c0-43a6-bcb1-0b190c71e637n@googlegroups.com>
Injection-Info: google-groups.googlegroups.com; posting-host=83.253.144.66; posting-account=1c_fOgoAAADuOXlL0A4-T9PUmVHtMSYd
NNTP-Posting-Host: 83.253.144.66
References: <5fa052ba-a0c0-43a6-bcb1-0b190c71e637n@googlegroups.com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <a9188c7b-810b-4197-9387-076ab4c28061n@googlegroups.com>
Subject: Re: TLS 1.3 not selected with java 15
From: mikaelpetterson@hotmail.com (mike)
Injection-Date: Fri, 15 Jul 2022 08:52:26 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Lines: 427
 by: mike - Fri, 15 Jul 2022 08:52 UTC

I have now done more investigations and it does not seem related to the openjdk version. Here is my summary.
Any help/ideas is appreciated.
I hope it is more clear what the issue is.

//Mike

No available cipher suite for TLSv1.3 when runnning Tls13Test with maven but not as a single test in Eclipse.

Two unit tests each has it's onwn connections setup.

public void verifyTls13() throws Exception {

systemProperties.put("jdk.tls.client.protocols", "TLSv1.3");
System.setProperties(systemProperties);
System.out.println("Property TLS: " + System.getProperty("jdk.tls.client.protocols"));
Session session = client.openTlsSession(properties);
}

public void verifyTls12() throws Exception {

systemProperties.put("jdk.tls.client.protocols", "TLSv1.2");
System.setProperties(systemProperties);
System.out.println("Property TLS: " + System.getProperty("jdk.tls.client.protocols"));
Session session = client.openTlsSession(properties);
}

The socket for client using TLS is created with:

private static final String[] VERSIONS = new String[] { "TLSv1.2", "TLSv1.3" };
socket = getSSLSocketFactory().createSocket();
socket.connect(new InetSocketAddress(getHost(), getPort()), getConnectTimeoutMillis());
socket.setSoTimeout(1);
((SSLSocket) socket).setEnabledProtocols(VERSIONS);

Java version Vendor Windows Execution Result Chiper suites Supported versions
11.0.15 Azul Systems Win10 TestNG in Eclipse ( on single unit test with tls 1.3) ok "cipher suites" : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303)]" "versions": [TLSv1.3]
11.0.15 Azul Systems Win10 maven clean test nok javax.net.ssl|DEBUG|48|pool-27-thread-1|2022-07-15 10:07:37.459 CEST|HandshakeContext.java:305|No available cipher suite for TLSv1.3 "versions": [TLSv1.2]

When running 'maven clean test'

I can see in log that verifyTls12 has not been executed before so jdk.tls.client.protocols is not set to forcing TLS1.2

What am I missing here?

Single TestNG test log
=====================
javax.net.ssl|DEBUG|53|pool-6-thread-1|2022-07-14 16:06:13.510 CEST|SSLExtension.java:824|System property jdk.tls.client.disableExtensions is set to 'null'
javax.net.ssl|WARNING|53|pool-6-thread-1|2022-07-14 16:06:13.511 CEST|ServerNameExtension.java:266|Unable to indicate server name
javax.net.ssl|DEBUG|53|pool-6-thread-1|2022-07-14 16:06:13.511 CEST|SSLExtensions.java:272|Ignore, context unavailable extension: server_name
javax.net.ssl|INFO|53|pool-6-thread-1|2022-07-14 16:06:13.513 CEST|AlpnExtension.java:182|No available application protocols
javax.net.ssl|DEBUG|53|pool-6-thread-1|2022-07-14 16:06:13.513 CEST|SSLExtensions.java:272|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|ALL|53|pool-6-thread-1|2022-07-14 16:06:13.516 CEST|SignatureScheme.java:417|Ignore inactive signature scheme: dsa_sha256
javax.net.ssl|ALL|53|pool-6-thread-1|2022-07-14 16:06:13.516 CEST|SignatureScheme.java:393|Ignore unsupported signature scheme: ecdsa_sha224
javax.net.ssl|ALL|53|pool-6-thread-1|2022-07-14 16:06:13.516 CEST|SignatureScheme.java:393|Ignore unsupported signature scheme: rsa_sha224
javax.net.ssl|ALL|53|pool-6-thread-1|2022-07-14 16:06:13.516 CEST|SignatureScheme.java:393|Ignore unsupported signature scheme: dsa_sha224
javax.net.ssl|ALL|53|pool-6-thread-1|2022-07-14 16:06:13.517 CEST|SignatureScheme.java:417|Ignore inactive signature scheme: dsa_sha1
javax.net.ssl|ALL|53|pool-6-thread-1|2022-07-14 16:06:13.517 CEST|SignatureScheme.java:417|Ignore inactive signature scheme: rsa_md5
javax.net.ssl|DEBUG|53|pool-6-thread-1|2022-07-14 16:06:13.518 CEST|SSLExtensions.java:272|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|53|pool-6-thread-1|2022-07-14 16:06:13.552 CEST|PreSharedKeyExtension.java:661|No session to resume.
javax.net.ssl|DEBUG|53|pool-6-thread-1|2022-07-14 16:06:13.553 CEST|SSLExtensions.java:272|Ignore, context unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|53|pool-6-thread-1|2022-07-14 16:06:13.555 CEST|ClientHello.java:641|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "C29CB7B08F99A229E9199175DE1B51CAD3A7562C2FC2EDF24FA9C7975442C722",
"session id" : "A567033F5D72F3DF3E3B6694E1D2C0F945ED426B69E85546F2FD138C5698B9B6",
"cipher suites" : "[TLS_AES_256_GCM_SHA384(0x1302), TLS_AES_128_GCM_SHA256(0x1301), TLS_CHACHA20_POLY1305_SHA256(0x1303)]",
"compression methods" : "00",
"extensions" : [
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha1, rsa_pkcs1_sha1]
},
"supported_versions (43)": {
"versions": [TLSv1.3]
},
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha1, rsa_pkcs1_sha1]
},
"key_share (51)": {
"client_shares": [
{
"named group": x25519
"key_exchange": {
0000: A1 2A 36 81 E0 84 49 13 3E 60 46 51 92 04 E4 C4 .*6...I.>`FQ....
0010: 80 08 15 E0 4B 9E 7C 39 B7 9B EE 38 E8 0B 71 5D ....K...9...8..q]
}
},
{
"named group": secp256r1
"key_exchange": {
0000: 04 DF 0C 96 B6 99 02 B1 A0 57 86 CA DA 32 8D 93 ..........W...2..
0010: 9D CF 6A 7B 47 28 FD 5F 23 C3 20 EC 8E DA 83 BE ..j.G(.._#. .....
0020: DB E0 F8 9E 20 CB A3 70 CB 35 FF 75 62 3C 58 20 .... ...p.5.ub<X
0030: 64 B1 CC 50 29 37 00 FA E2 9B 28 C5 8C 5F 24 BA d..P)7.....(.._$.
0040: 6B
}
},
]
}
]
} )

'maven clean test' log
=====================
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.839 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:298|Ignore unsupported cipher suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV for TLSv1.3
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.840 CEST|HandshakeContext.java:305|No available cipher suite for TLSv1.3
javax.net.ssl|ALL|AE|pool-39-thread-1|2022-07-14 15:05:07.841 CEST|SignatureScheme.java:394|Ignore unsupported signature scheme: ed25519
javax.net.ssl|ALL|AE|pool-39-thread-1|2022-07-14 15:05:07.841 CEST|SignatureScheme.java:394|Ignore unsupported signature scheme: ed448
javax.net.ssl|ALL|AE|pool-39-thread-1|2022-07-14 15:05:07.841 CEST|SignatureScheme.java:413|Ignore disabled signature scheme: rsa_md5
javax.net.ssl|INFO|AE|pool-39-thread-1|2022-07-14 15:05:07.841 CEST|AlpnExtension.java:182|No available application protocols
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.841 CEST|SSLExtensions.java:260|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.841 CEST|SessionTicketExtension.java:408|Stateless resumption supported
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.841 CEST|SSLExtensions.java:260|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|AE|pool-39-thread-1|2022-07-14 15:05:07.842 CEST|ClientHello.java:652|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "FC 46 09 1C B5 8B C0 33 D1 51 19 E4 CC F5 A0 CC 4B 8A 28 C0 DE 35 E0 59 6B 46 A2 D8 5F E3 7E A0",
"session id" : "",
"cipher suites" : "[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA9), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCA8), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256(0xCCAA), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"server_name (0)": {
type=host_name (0), value=seroius07825.sero.gic.ericsson.se
},
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [x25519, secp256r1, secp384r1, secp521r1, x448, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
}
},
"extended_master_secret (23)": {
<empty>
},
"session_ticket (35)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.2]
}
]

SubjectRepliesAuthor
o TLS 1.3 not selected with java 15

By: mike on Thu, 14 Jul 2022

4mike
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor