Статус: Активный участник
Группы: Участники
Зарегистрирован: 15.05.2019(UTC)
Сообщений: 33
|
пересобрал JCPTomcatAdapter добавив инициализацию контекста (не знаю правильные ли передал параметры) Код:public SSLContext createSSLContext(List<String> negotiableProtocols) throws Exception {
SSLContext context;
context = new JCPSSLContext(Provider.ALGORITHM);
context.init(getKeyManagers(), getTrustManagers(), null);
return context;
}
вот что получаю при обращении на сервер Код:мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl a
INFO: Using SSLEngineImpl.
2019-05-20 15:26:56.508 INFO 9560 --- [nio-8002-exec-7] ru.CryptoPro.ssl.SSLLogger : Using SSLEngineImpl.
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_58 a
FINE: Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_47 <init>
FINE: ClientHello sessionId: {}
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** ClientHello, TLSv1.2
RandomCookie: GMT: 1541512464 bytes = { 242, 129, 34, 13, 6, 208, 182, 159, 232, 211, 164, 66, 76, 98, 4, 205, 79, 229, 135, 249, 237, 132, 58, 63, 76, 53, 78, 230 }
Session ID: {}
Cipher Suites: [TLS_CIPHER_2012, TLS_CIPHER_2001, Unknown 0xc0:0x28, Unknown 0xc0:0x27, Unknown 0xc0:0x14, Unknown 0xc0:0x13, Unknown 0x0:0x9f, Unknown 0x0:0x9e, Unknown 0x0:0x9d, Unknown 0x0:0x9c, Unknown 0x0:0x3d, Unknown 0x0:0x3c, Unknown 0x0:0x35, Unknown 0x0:0x2f, Unknown 0xc0:0x2c, Unknown 0xc0:0x2b, Unknown 0xc0:0x24, Unknown 0xc0:0x23, Unknown 0xc0:0xa, Unknown 0xc0:0x9, Unknown 0x0:0x6a, Unknown 0x0:0x40, Unknown 0x0:0x38, Unknown 0x0:0x32, Unknown 0x0:0xa, Unknown 0x0:0x13, Unknown 0x0:0x5, Unknown 0x0:0x4]
Compression Methods: { 0 }
Unsupported extension status_request, data: [1, 0, 0, 0, 0]
Extension elliptic_curves, curve names: {secp256r1, secp384r1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withRSA, SHA512withECDSA, SHA256withRSA, SHA384withRSA, SHA1withRSA, SHA256withECDSA, SHA384withECDSA, SHA1withECDSA, SHA1withDSA
Extension renegotiation_info, renegotiated_connection: <empty>
***
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_96 <init>
FINE: %% Initialized: [Session-4, SSL_NULL_WITH_NULL_NULL]
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 b
FINE: Check cipher suite: TLS_CIPHER_2012
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 b
FINE: Try to set cipher suite: TLS_CIPHER_2012
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 c
FINE: Setup private key and chain.
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Search for server containers with algorithm: GOST3410_2012_512
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Server container not found.
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Search for server containers with algorithm: GOST3410_2012_256
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Check if certificate server approach...
2019-05-20 15:26:56.513 INFO 9560 --- [nio-8002-exec-7] ru.CryptoPro.ssl.SSLLogger : %% Chosen server alias: server
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Certificate server matches. Check if DH available...
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Private key server is available. Test key...
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_37 a
FINE: server : private key checked (JCP).
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Private key server is available, key test passed.
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
INFO: %% Chosen server alias: server
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_96 a
FINE: %% Negotiating: [Session-4, TLS_CIPHER_2012]
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** ServerHello, TLSv1
RandomCookie: GMT: 1541512464 bytes = { 249, 107, 107, 152, 146, 37, 42, 10, 208, 7, 196, 2, 147, 62, 8, 60, 33, 31, 220, 234, 245, 95, 82, 98, 51, 56, 196, 227 }
Session ID: {92, 226, 157, 16, 234, 65, 78, 218, 234, 192, 111, 128, 107, 36, 162, 248, 162, 131, 199, 255, 22, 223, 148, 150, 194, 57, 77, 189, 198, 115, 65, 31}
Cipher Suite: TLS_CIPHER_2012
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Cipher suite: TLS_CIPHER_2012
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** Certificate message
chain [0] = [
[
Version: V3
Subject: CN=ivanov, SURNAME=Иванов, GIVENNAME=Дмитрий Олегович, C=RU
Signature Algorithm: 1.2.643.7.1.1.3.2, OID = 1.2.643.7.1.1.3.2
Key: ru.CryptoPro.JCP.Key.GostPublicKey
Validity: [From: Mon May 20 09:19:36 MSK 2019,
To: Tue Aug 20 09:29:36 MSK 2019]
Issuer: CN="Тестовый подчиненный УЦ ООО \"КРИПТО-ПРО\" ГОСТ 2012 (УЦ 2.0)", O="ООО \"КРИПТО-ПРО\"", STREET=ул. Сущёвский вал д. 18, L=Москва, ST=77 Москва, C=RU, OID.1.2.643.3.131.1.1=#120C303037373137313037393931, OID.1.2.643.100.1=#120D31303337373030303835343434, EMAILADDRESS=info@cryptopro.ru
SerialNumber: [ 01f8016b 0053aab4 ae47d088 958021a5 a6]
Certificate Extensions: 12
[1]: ObjectId: 1.2.643.100.111 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 23 0C 21 D0 A1 D0 9A D0 97 D0 98 20 22 D0 9A .#.!........ "..
0010: D1 80 D0 B8 D0 BF D1 82 D0 BE D0 9F D1 80 D0 BE ................
0020: 20 43 53 50 22 CSP"
[2]: ObjectId: 1.2.643.100.112 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 82 01 0F 30 82 01 0B 0C 34 D0 A1 D0 9A D0 97 ....0....4......
0010: D0 98 20 22 D0 9A D1 80 D0 B8 D0 BF D1 82 D0 BE .. "............
0020: D0 9F D1 80 D0 BE 20 43 53 50 22 20 28 D0 B2 D0 ...... CSP" (...
0030: B5 D1 80 D1 81 D0 B8 D1 8F 20 34 2E 30 29 0C 31 ......... 4.0).1
0040: D0 9F D0 90 D0 9A 20 22 D0 9A D1 80 D0 B8 D0 BF ...... "........
0050: D1 82 D0 BE D0 9F D1 80 D0 BE 20 D0 A3 D0 A6 22 .......... ...."
0060: 20 D0 B2 D0 B5 D1 80 D1 81 D0 B8 D0 B8 20 32 2E ............ 2.
0070: 30 0C 4F D0 A1 D0 B5 D1 80 D1 82 D0 B8 D1 84 D0 0.O.............
0080: B8 D0 BA D0 B0 D1 82 20 D1 81 D0 BE D0 BE D1 82 ....... ........
0090: D0 B2 D0 B5 D1 82 D1 81 D1 82 D0 B2 D0 B8 D1 8F ................
00A0: 20 E2 84 96 20 D0 A1 D0 A4 2F 31 32 34 2D 33 33 ... ..../124-33
00B0: 38 30 20 D0 BE D1 82 20 31 31 2E 30 35 2E 32 30 80 .... 11.05.20
00C0: 31 38 0C 4F D0 A1 D0 B5 D1 80 D1 82 D0 B8 D1 84 18.O............
00D0: D0 B8 D0 BA D0 B0 D1 82 20 D1 81 D0 BE D0 BE D1 ........ .......
00E0: 82 D0 B2 D0 B5 D1 82 D1 81 D1 82 D0 B2 D0 B8 D1 ................
00F0: 8F 20 E2 84 96 20 D0 A1 D0 A4 2F 31 32 38 2D 33 . ... ..../128-3
0100: 35 39 32 20 D0 BE D1 82 20 31 37 2E 31 30 2E 32 592 .... 17.10.2
0110: 30 31 38 018
[3]: ObjectId: 1.3.6.1.4.1.311.21.10 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0E 30 0C 30 0A 06 08 2B 06 01 05 05 07 03 01 ..0.0...+.......
[4]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 12 30 10 06 08 2A 85 03 02 02 2E 00 03 02 01 ..0...*.........
0010: 01 02 01 00 ....
[5]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://testca2012.cryptopro.ru/ocsp/ocsp.srf
,
accessMethod: caIssuers
accessLocation: URIName: http://testca2012.cryptopro.ru/aia/ffe4686092c8ec811319bb9635e35841f1812d9b.crt
]
]
[6]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: FF E4 68 60 92 C8 EC 81 13 19 BB 96 35 E3 58 41 ..h`........5.XA
0010: F1 81 2D 9B ..-.
]
[CN="Тестовый головной УЦ ООО \"КРИПТО-ПРО\" ГОСТ 2012 (УЦ 2.0)", O="ООО \"КРИПТО-ПРО\"", STREET=ул. Сущёвский вал д. 18, L=Москва, ST=77 Москва, C=RU, OID.1.2.643.3.131.1.1=#120C303037373137313037393931, OID.1.2.643.100.1=#120D31303337373030303835343434, EMAILADDRESS=info@cryptopro.ru]
SerialNumber: [ 01d139c6 00e5a955 b54a8f7d c8550a6f 66]
]
[7]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://testca2012.cryptopro.ru/cdp/ffe4686092c8ec811319bb9635e35841f1812d9b.crl]
]]
[8]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.2.643.100.113.1]
[] ]
[CertificatePolicyId: [1.2.643.100.113.2]
[] ]
]
[9]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
]
[10]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_Encipherment
Data_Encipherment
]
[11]: ObjectId: 2.5.29.16 Criticality=false
PrivateKeyUsage: [
From: Mon May 20 09:19:36 MSK 2019, To: Tue Aug 20 09:19:36 MSK 2019]
[12]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: CB 00 BA 81 98 61 7A BC 31 68 EE E7 F3 58 10 15 .....az.1h...X..
0010: 4B 39 9A 03 K9..
]
]
]
Algorithm: [1.2.643.7.1.1.3.2]
Signature:
0000: 2C 0A B1 F7 04 1F 35 45 C1 B2 FC EB 88 0F 80 97 ,.....5E........
0010: A4 98 68 74 7F 90 EA 45 57 A8 16 D8 F6 88 41 B2 ..ht...EW.....A.
0020: 95 D5 9D 17 04 2C F5 34 7A C9 2A 6F 5D 37 E1 83 .....,.4z.*o]7..
0030: 84 CB 83 01 9E 51 6D A0 58 6A E4 17 31 B2 80 E9 .....Qm.Xj..1...
]
***
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_44 <init>
FINE: Authorities list's size is 99 bytes, it will be send empty: false
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** CertificateRequest
Cert Types: Type-239, Type-238, Type-22, Type-21
Cert Authorities:
<CN=ivanov, SURNAME=Иванов, GIVENNAME=Дмитрий Олегович, C=RU>
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** ServerHelloDone
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl closeOutbound
FINE: https-jsse-nio-8002-exec-8 called closeOutbound()
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl h
FINE: https-jsse-nio-8002-exec-8 closeOutboundInternal()
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl a
FINE: https-jsse-nio-8002-exec-8, SEND TLSv1 ALERT: warning, description = close_notify
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl a
INFO: Using SSLEngineImpl.
2019-05-20 15:26:56.529 INFO 9560 --- [nio-8002-exec-8] ru.CryptoPro.ssl.SSLLogger : Using SSLEngineImpl.
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_58 a
FINE: Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_47 <init>
FINE: ClientHello sessionId: {}
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** ClientHello, TLSv1.2
RandomCookie: GMT: 1541512464 bytes = { 18, 239, 136, 217, 151, 70, 33, 239, 10, 0, 209, 238, 208, 113, 38, 150, 40, 252, 206, 164, 127, 255, 120, 248, 77, 189, 27, 103 }
Session ID: {}
Cipher Suites: [TLS_CIPHER_2012, TLS_CIPHER_2001, Unknown 0xc0:0x28, Unknown 0xc0:0x27, Unknown 0xc0:0x14, Unknown 0xc0:0x13, Unknown 0x0:0x9f, Unknown 0x0:0x9e, Unknown 0x0:0x9d, Unknown 0x0:0x9c, Unknown 0x0:0x3d, Unknown 0x0:0x3c, Unknown 0x0:0x35, Unknown 0x0:0x2f, Unknown 0xc0:0x2c, Unknown 0xc0:0x2b, Unknown 0xc0:0x24, Unknown 0xc0:0x23, Unknown 0xc0:0xa, Unknown 0xc0:0x9, Unknown 0x0:0x6a, Unknown 0x0:0x40, Unknown 0x0:0x38, Unknown 0x0:0x32, Unknown 0x0:0xa, Unknown 0x0:0x13, Unknown 0x0:0x5, Unknown 0x0:0x4]
Compression Methods: { 0 }
Unsupported extension status_request, data: [1, 0, 0, 0, 0]
Extension elliptic_curves, curve names: {secp256r1, secp384r1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withRSA, SHA512withECDSA, SHA256withRSA, SHA384withRSA, SHA1withRSA, SHA256withECDSA, SHA384withECDSA, SHA1withECDSA, SHA1withDSA
Extension renegotiation_info, renegotiated_connection: <empty>
***
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_96 <init>
FINE: %% Initialized: [Session-5, SSL_NULL_WITH_NULL_NULL]
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 b
FINE: Check cipher suite: TLS_CIPHER_2012
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 b
FINE: Try to set cipher suite: TLS_CIPHER_2012
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 c
FINE: Setup private key and chain.
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Search for server containers with algorithm: GOST3410_2012_512
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Server container not found.
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Search for server containers with algorithm: GOST3410_2012_256
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Check if certificate server approach...
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Certificate server matches. Check if DH available...
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Private key server is available. Test key...
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_37 a
FINE: server : private key checked (JCP).
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Private key server is available, key test passed.
2019-05-20 15:26:56.534 INFO 9560 --- [nio-8002-exec-8] ru.CryptoPro.ssl.SSLLogger : %% Chosen server alias: server
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
INFO: %% Chosen server alias: server
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_96 a
FINE: %% Negotiating: [Session-5, TLS_CIPHER_2012]
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** ServerHello, TLSv1
RandomCookie: GMT: 1541512464 bytes = { 247, 211, 15, 121, 205, 59, 11, 130, 112, 91, 230, 144, 189, 76, 135, 75, 14, 92, 244, 124, 99, 162, 247, 100, 13, 14, 211, 73 }
Session ID: {92, 226, 157, 16, 153, 13, 50, 57, 104, 187, 251, 195, 107, 19, 6, 9, 247, 41, 107, 59, 163, 72, 62, 33, 97, 212, 99, 2, 214, 9, 65, 15}
Cipher Suite: TLS_CIPHER_2012
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_101 a
FINE: Cipher suite: TLS_CIPHER_2012
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** Certificate message
chain [0] = [
[
Version: V3
Subject: CN=ivanov, SURNAME=Иванов, GIVENNAME=Дмитрий Олегович, C=RU
Signature Algorithm: 1.2.643.7.1.1.3.2, OID = 1.2.643.7.1.1.3.2
Key: ru.CryptoPro.JCP.Key.GostPublicKey
Validity: [From: Mon May 20 09:19:36 MSK 2019,
To: Tue Aug 20 09:29:36 MSK 2019]
Issuer: CN="Тестовый подчиненный УЦ ООО \"КРИПТО-ПРО\" ГОСТ 2012 (УЦ 2.0)", O="ООО \"КРИПТО-ПРО\"", STREET=ул. Сущёвский вал д. 18, L=Москва, ST=77 Москва, C=RU, OID.1.2.643.3.131.1.1=#120C303037373137313037393931, OID.1.2.643.100.1=#120D31303337373030303835343434, EMAILADDRESS=info@cryptopro.ru
SerialNumber: [ 01f8016b 0053aab4 ae47d088 958021a5 a6]
Certificate Extensions: 12
[1]: ObjectId: 1.2.643.100.111 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 23 0C 21 D0 A1 D0 9A D0 97 D0 98 20 22 D0 9A .#.!........ "..
0010: D1 80 D0 B8 D0 BF D1 82 D0 BE D0 9F D1 80 D0 BE ................
0020: 20 43 53 50 22 CSP"
[2]: ObjectId: 1.2.643.100.112 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 82 01 0F 30 82 01 0B 0C 34 D0 A1 D0 9A D0 97 ....0....4......
0010: D0 98 20 22 D0 9A D1 80 D0 B8 D0 BF D1 82 D0 BE .. "............
0020: D0 9F D1 80 D0 BE 20 43 53 50 22 20 28 D0 B2 D0 ...... CSP" (...
0030: B5 D1 80 D1 81 D0 B8 D1 8F 20 34 2E 30 29 0C 31 ......... 4.0).1
0040: D0 9F D0 90 D0 9A 20 22 D0 9A D1 80 D0 B8 D0 BF ...... "........
0050: D1 82 D0 BE D0 9F D1 80 D0 BE 20 D0 A3 D0 A6 22 .......... ...."
0060: 20 D0 B2 D0 B5 D1 80 D1 81 D0 B8 D0 B8 20 32 2E ............ 2.
0070: 30 0C 4F D0 A1 D0 B5 D1 80 D1 82 D0 B8 D1 84 D0 0.O.............
0080: B8 D0 BA D0 B0 D1 82 20 D1 81 D0 BE D0 BE D1 82 ....... ........
0090: D0 B2 D0 B5 D1 82 D1 81 D1 82 D0 B2 D0 B8 D1 8F ................
00A0: 20 E2 84 96 20 D0 A1 D0 A4 2F 31 32 34 2D 33 33 ... ..../124-33
00B0: 38 30 20 D0 BE D1 82 20 31 31 2E 30 35 2E 32 30 80 .... 11.05.20
00C0: 31 38 0C 4F D0 A1 D0 B5 D1 80 D1 82 D0 B8 D1 84 18.O............
00D0: D0 B8 D0 BA D0 B0 D1 82 20 D1 81 D0 BE D0 BE D1 ........ .......
00E0: 82 D0 B2 D0 B5 D1 82 D1 81 D1 82 D0 B2 D0 B8 D1 ................
00F0: 8F 20 E2 84 96 20 D0 A1 D0 A4 2F 31 32 38 2D 33 . ... ..../128-3
0100: 35 39 32 20 D0 BE D1 82 20 31 37 2E 31 30 2E 32 592 .... 17.10.2
0110: 30 31 38 018
[3]: ObjectId: 1.3.6.1.4.1.311.21.10 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 0E 30 0C 30 0A 06 08 2B 06 01 05 05 07 03 01 ..0.0...+.......
[4]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 12 30 10 06 08 2A 85 03 02 02 2E 00 03 02 01 ..0...*.........
0010: 01 02 01 00 ....
[5]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://testca2012.cryptopro.ru/ocsp/ocsp.srf
,
accessMethod: caIssuers
accessLocation: URIName: http://testca2012.cryptopro.ru/aia/ffe4686092c8ec811319bb9635e35841f1812d9b.crt
]
]
[6]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: FF E4 68 60 92 C8 EC 81 13 19 BB 96 35 E3 58 41 ..h`........5.XA
0010: F1 81 2D 9B ..-.
]
[CN="Тестовый головной УЦ ООО \"КРИПТО-ПРО\" ГОСТ 2012 (УЦ 2.0)", O="ООО \"КРИПТО-ПРО\"", STREET=ул. Сущёвский вал д. 18, L=Москва, ST=77 Москва, C=RU, OID.1.2.643.3.131.1.1=#120C303037373137313037393931, OID.1.2.643.100.1=#120D31303337373030303835343434, EMAILADDRESS=info@cryptopro.ru]
SerialNumber: [ 01d139c6 00e5a955 b54a8f7d c8550a6f 66]
]
[7]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://testca2012.cryptopro.ru/cdp/ffe4686092c8ec811319bb9635e35841f1812d9b.crl]
]]
[8]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.2.643.100.113.1]
[] ]
[CertificatePolicyId: [1.2.643.100.113.2]
[] ]
]
[9]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
]
[10]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_Encipherment
Data_Encipherment
]
[11]: ObjectId: 2.5.29.16 Criticality=false
PrivateKeyUsage: [
From: Mon May 20 09:19:36 MSK 2019, To: Tue Aug 20 09:19:36 MSK 2019]
[12]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: CB 00 BA 81 98 61 7A BC 31 68 EE E7 F3 58 10 15 .....az.1h...X..
0010: 4B 39 9A 03 K9..
]
]
]
Algorithm: [1.2.643.7.1.1.3.2]
Signature:
0000: 2C 0A B1 F7 04 1F 35 45 C1 B2 FC EB 88 0F 80 97 ,.....5E........
0010: A4 98 68 74 7F 90 EA 45 57 A8 16 D8 F6 88 41 B2 ..ht...EW.....A.
0020: 95 D5 9D 17 04 2C F5 34 7A C9 2A 6F 5D 37 E1 83 .....,.4z.*o]7..
0030: 84 CB 83 01 9E 51 6D A0 58 6A E4 17 31 B2 80 E9 .....Qm.Xj..1...
]
***
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_44 <init>
FINE: Authorities list's size is 99 bytes, it will be send empty: false
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** CertificateRequest
Cert Types: Type-239, Type-238, Type-22, Type-21
Cert Authorities:
<CN=ivanov, SURNAME=Иванов, GIVENNAME=Дмитрий Олегович, C=RU>
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** ServerHelloDone
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_42 f
FINE: *** Certificate message
***
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl a
SEVERE: https-jsse-nio-8002-exec-10, fatal error: 42: null cert chain
javax.net.ssl.SSLHandshakeException: null cert chain
at ru.CryptoPro.ssl.cl_2.a(Unknown Source)
at ru.CryptoPro.ssl.SSLEngineImpl.a(Unknown Source)
at ru.CryptoPro.ssl.cl_58.a(Unknown Source)
at ru.CryptoPro.ssl.cl_58.a(Unknown Source)
at ru.CryptoPro.ssl.cl_101.a(Unknown Source)
at ru.CryptoPro.ssl.cl_101.a(Unknown Source)
at ru.CryptoPro.ssl.cl_58.u(Unknown Source)
at ru.CryptoPro.ssl.cl_59.a(Unknown Source)
at ru.CryptoPro.ssl.cl_59.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at ru.CryptoPro.ssl.cl_60.run(Unknown Source)
at org.apache.tomcat.util.net.SecureNioChannel.tasks(SecureNioChannel.java:423)
at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:483)
at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:238)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1392)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
2019-05-20 15:26:56.542 ERROR 9560 --- [io-8002-exec-10] ru.CryptoPro.ssl.SSLLogger : https-jsse-nio-8002-exec-10, fatal error: 42: null cert chain
javax.net.ssl.SSLHandshakeException: null cert chain
at ru.CryptoPro.ssl.cl_2.a(Unknown Source) ~[cpSSL.jar:40035]
at ru.CryptoPro.ssl.SSLEngineImpl.a(Unknown Source) [cpSSL.jar:40035]
at ru.CryptoPro.ssl.cl_58.a(Unknown Source) [cpSSL.jar:40035]
at ru.CryptoPro.ssl.cl_58.a(Unknown Source) [cpSSL.jar:40035]
at ru.CryptoPro.ssl.cl_101.a(Unknown Source) [cpSSL.jar:40035]
at ru.CryptoPro.ssl.cl_101.a(Unknown Source) [cpSSL.jar:40035]
at ru.CryptoPro.ssl.cl_58.u(Unknown Source) [cpSSL.jar:40035]
at ru.CryptoPro.ssl.cl_59.a(Unknown Source) [cpSSL.jar:40035]
at ru.CryptoPro.ssl.cl_59.run(Unknown Source) [cpSSL.jar:40035]
at java.security.AccessController.doPrivileged(Native Method) [na:1.8.0_211]
at ru.CryptoPro.ssl.cl_60.run(Unknown Source) [cpSSL.jar:40035]
at org.apache.tomcat.util.net.SecureNioChannel.tasks(SecureNioChannel.java:423) [tomcat-embed-core-9.0.17.jar:9.0.17]
at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:483) [tomcat-embed-core-9.0.17.jar:9.0.17]
at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:238) [tomcat-embed-core-9.0.17.jar:9.0.17]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1392) [tomcat-embed-core-9.0.17.jar:9.0.17]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-9.0.17.jar:9.0.17]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_211]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_211]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-9.0.17.jar:9.0.17]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_211]
2019-05-20 15:26:56.542 ERROR 9560 --- [io-8002-exec-10] ru.CryptoPro.ssl.SSLLogger : https-jsse-nio-8002-exec-10 fatal: engine already closed. Rethrowing
2019-05-20 15:26:56.542 ERROR 9560 --- [io-8002-exec-10] ru.CryptoPro.ssl.SSLLogger : javax.net.ssl.SSLHandshakeException: null cert chain
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.cl_96 invalidate
FINE: %% Invalidated: [Session-5, TLS_CIPHER_2012]
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl a
FINE: https-jsse-nio-8002-exec-10, SEND TLSv1 ALERT: fatal, description = bad_certificate
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl a
SEVERE: https-jsse-nio-8002-exec-10 fatal: engine already closed. Rethrowing
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl a
SEVERE: javax.net.ssl.SSLHandshakeException: null cert chain
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl closeOutbound
FINE: https-jsse-nio-8002-exec-10 called closeOutbound()
мая 20, 2019 3:26:56 PM ru.CryptoPro.ssl.SSLEngineImpl h
FINE: https-jsse-nio-8002-exec-10 closeOutboundInternal()
|
