Translate

2018년 11월 19일 월요일

[Java][WAS] Cannot support {Cipher_Suite_Name} with currently installed providers 에러







증상

1. WAS와의 https 통신 시 오류나거나 브라우저에서 https 요청 시 화면이 보이지 않음.

2. WAS SSL Debug Mode로 로그 확인 시 아래와 같이 보여짐
  - WebLogic 기준이며 다른 WAS의 경우 로그 내용이 조금 다를 수 있음
  - 링크: Java SSL/TLS 디버깅 방법


adding as trusted cert:
  Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
  Issuer:  CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
  Algorithm: RSA; Serial number: 0x4eb200670c035d4f
  Valid from Wed Oct 25 17:36:00 KST 2006 until Sat Oct 25 17:36:00 KST 2036

adding as trusted cert:
  Subject: EMAILADDRESS=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
  Issuer:  EMAILADDRESS=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
  Algorithm: RSA; Serial number: 0x1
  Valid from Sat Jun 26 07:23:48 KST 1999 until Wed Jun 26 07:23:48 KST 2019

 ... (생략)
  
adding as trusted cert:
  Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
  Issuer:  CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
  Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
  Valid from Thu Jan 12 23:38:43 KST 2006 until Thu Jan 01 07:59:59 KST 2026

***
found key for : -1303753
chain [0] = [
[
  Version: V3
  Subject: CN=1004lucifer.co.kr, OU=EssentialSSL, OU=Domain Control Validated
  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11

  Key:  Sun RSA public key, 2048 bits
  modulus: 19319582615916585659242504168620425718645805827542544076367519867696185914255069380391761611176711763236138015178105913610261666808872857200056763482936155569643030949239457411028215201921515321255031124246934902745856049360960670836525338369519121654874032318461670026264305484084598428913822501539221068776613953044504654851115864964367308713844772369157117624745722953692816540566398064822652451732109298212767353851785781635913505536564496201813943378891319017249826847579583045980923164684260313066681015718006951059405090156338883534361341902284360952736550062700032127303539038935239709551420745512789576784293
  public exponent: 65537
  Validity: [From: Tue Apr 03 09:00:00 KST 2018,
               To: Sat May 04 08:59:59 KST 2019]
  Issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
  SerialNumber: [    c6307bba f5e77272 74358350 93316fc5]

Certificate Extensions: 10
[1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 81 F5 04 81 F2 00 F0   00 76 00 EE 4B BD B7 75  .........v..K..u
0010: CE 60 BA E1 42 69 1F AB   E1 9E 66 A3 0F 7E 5F B0  .`..Bi....f..._.
0020: 72 D8 83 00 C4 7B 89 7A   A8 FD CB 00 00 01 62 89  r......z......b.
0030: 33 2A 7B 00 00 04 03 00   47 30 45 02 20 47 A5 AC  3*......G0E. G..
0040: BB 4D 26 F4 F4 66 1B 57   05 F9 BF 43 BF 59 6C BD  .M&..f.W...C.Yl.
0050: FA F0 1E 3F 50 71 FC 0A   25 58 03 ED F1 02 21 00  ...?Pq..%X....!.
0060: E0 78 BA 37 2B A2 DD 09   55 5E 6C 75 FE EB B6 BF  .x.7+...U^lu....
0070: 49 6B 2B 15 BB 3D AC 67   27 F9 7E DB EE C7 6C 1A  Ik+..=.g'.....l.
0080: 00 76 00 74 7E DA 83 31   AD 33 10 91 21 9C CE 25  .v.t...1.3..!..%
0090: 4F 42 70 C2 BF FD 5E 42   20 08 C6 37 35 79 E6 10  OBp...^B ..75y..
00A0: 7B CC 56 00 00 01 62 89   33 29 DB 00 00 04 03 00  ..V...b.3)......
00B0: 47 30 45 02 21 00 84 1F   97 40 5E 11 60 D6 E0 33  G0E.!....@^.`..3
00C0: EE E4 01 B7 7F D6 D3 79   E7 62 4F 93 D6 6E DD D4  .......y.bO..n..
00D0: 7C 0C E5 E6 86 05 02 20   18 4B B4 77 C3 70 63 45  ....... .K.w.pcE
00E0: 14 CD 7F 16 37 2D 65 7C   5D A1 DF EA 3E 64 1F 1E  ....7-e.]...>d..
00F0: 24 1F 2B F8 FE 00 EA 5D                            $.+....]

 ... (생략)

[4]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: AD BD 98 7A 34 B4 26 F7   FA C4 26 54 EF 03 BD E0  ...z4.&...&T....
0010: 24 CB 54 1A                                        $.T.
]
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: B0 9B E0 85 25 C2 D6 23   E2 0F 96 06 92 9D 41 98  ....%..#......A.
0010: 9C D9 84 79 81 D9 1E 5B   14 07 23 36 65 8F B0 D8  ...y...[..#6e...
0020: 77 BB AC 41 6C 47 60 83   51 B0 F9 32 3D E7 FC F6  w..AlG`.Q..2=...
0030: 26 13 C7 80 16 A5 BF 5A   FC 87 CF 78 79 89 21 9A  &......Z...xy.!.
0040: E2 4C 07 0A 86 35 BC F2   DE 51 C4 D2 96 B7 DC 7E  .L...5...Q......
0050: 4E EE 70 FD 1C 39 EB 0C   02 51 14 2D 8E BD 16 E0  N.p..9...Q.-....
0060: C1 DF 46 75 E7 24 AD EC   F4 42 B4 85 93 70 10 67  ..Fu.$...B...p.g
0070: BA 9D 06 35 4A 18 D3 2B   7A CC 51 42 A1 7A 63 D1  ...5J..+z.QB.zc.
0080: E6 BB A1 C5 2B C2 36 BE   13 0D E6 BD 63 7E 79 7B  ....+.6.....c.y.
0090: A7 09 0D 40 AB 6A DD 8F   8A C3 F6 F6 8C 1A 42 05  ...@.j........B.
00A0: 51 D4 45 F5 9F A7 62 21   68 15 20 43 3C 99 E7 7C  Q.E...b!h. C<...
00B0: BD 24 D8 A9 91 17 73 88   3F 56 1B 31 38 18 B4 71  .$....s.?V.18..q
00C0: 0F 9A CD C8 0E 9E 8E 2E   1B E1 8C 98 83 CB 1F 31  ...............1
00D0: F1 44 4C C6 04 73 49 76   60 0F C7 F8 BD 17 80 6B  .DL..sIv`......k
00E0: 2E E9 CC 4C 0E 5A 9A 79   0F 20 0A 2E D5 9E 63 26  ...L.Z.y. ....c&
00F0: 1E 55 92 94 D8 82 17 5A   7B D0 BC C7 8F 4E 86 04  .U.....Z.....N..

]
***
trigger seeding of SecureRandom
done seeding SecureRandom
Using SSLEngineImpl.
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
<2018. 11. 8 오후 2시 53분 28초 KST> <Error> <Server> <BEA-002608> <The ListenThread because of an error: java.lang.IllegalArgumentException: Cannot support TLS_RSA_WITH_AES_256_CBC_SHA with currently installed providers
java.lang.IllegalArgumentException: Cannot support TLS_RSA_WITH_AES_256_CBC_SHA with currently installed providers
        at sun.security.ssl.CipherSuiteList.<init>(CipherSuiteList.java:92)
        at sun.security.ssl.SSLEngineImpl.setEnabledCipherSuites(SSLEngineImpl.java:2003)
        at weblogic.security.SSL.jsseadapter.JaSSLEngine$9.run(JaSSLEngine.java:240)
        at weblogic.security.SSL.jsseadapter.JaSSLEngine.doAction(JaSSLEngine.java:813)
        at weblogic.security.SSL.jsseadapter.JaSSLEngine.setEnabledCipherSuites(JaSSLEngine.java:238)
        at weblogic.server.channels.DynamicJSSEListenThread.registerSocket(DynamicJSSEListenThread.java:73)
        at weblogic.server.channels.DynamicListenThread.run(DynamicListenThread.java:188)
        at java.lang.Thread.run(Thread.java:745)
>
<2018. 11. 8 오후 2시 54분 06초 KST> <Info> <Health> <BEA-310002> <73% of the total memory in the server is free>

<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param verbose initialized to: true>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param packagePrefix initialized to: jsp_servlet>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param compilerclass initialized to: null>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param compileCommand initialized to: javac>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param compilerval initialized to: javac>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param pageCheckSeconds initialized to: -1>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param encoding initialized to: EUC_KR>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param superclass initialized to null>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: param workingDir initialized to: /app/wls1036/domains/{Domain_Name}/servers/{Server}/tmp/_WL_user/{Context_Name}/40ruv0>
<2018. 11. 8 오후 4시 37분 57초 KST> <Info> <ServletContext-> <BEA-000000> <JspServlet: initialization complete>
<2018. 11. 8 오후 4시 38분 06초 KST> <Info> <Health> <BEA-310002> <90% of the total memory in the server is free>
<2018. 11. 8 오후 4시 39분 06초 KST> <Info> <Health> <BEA-310002> <75% of the total memory in the server is free>






원인

- 현재 사용하는 Java 버전이 해당 암호화 알고리즘을 지원하지 않음.
 (링크: JDK의 암호화 알고리즘 키 제한 이슈)




해결방법

1. 암호화 알고리즘 unlimited 가능한 Java 버전으로 업데이트
2. JCE 설치하여 알고리즘 unlimited 로 변경
 - 링크: 암호화 알고리즘 unlimited Java버전 및 JCE 설치방법

3. 현재 버전의 Java가 사용가능한 Cipher Suite를 사용
 - 링크: WebLogic에서 Cipher Suites 강제 지정방법
 1) JCE 에서만 사용가능한 256이상의 Cipher Suite 제외
 2) JCE 에서만 사용가능한 ECDSA, ECDH, ECDHE, ECDH_anon Cipher Suite 제외
 3) 위 두가지 항목 외 다른 128 이하의 알고리즘 사용
  - 링크: Java6 사용가능한 알고리즘
  - 링크: Java7 사용가능한 알고리즘





Java 사용가능한 암호화 알고리즘 unlimit로 변경, 또는 사용가능한 Cipher Suite 지정 시 아래와 같이 SSL/TLS Debug Log 가 보여지며 정상적으로 https 웹페이지가 보여지게 된다.


Using SSLEngineImpl.
Using SSLEngineImpl.
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
[Raw read]: length = 5
0000: 16 03 01 02 00                                     .....
[Raw read]: length = 512
0000: 01 00 01 FC 03 03 A0 5A   00 75 9C 6D C9 5E 03 E1  .......Z.u.m.^..

 ... (생략)

01F0: 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00  ................
ExecuteThread: '0' for queue: 'weblogic.socket.Muxer', READ: TLSv1 Handshake, length = 512
*** ClientHello, Unknown-3.3
RandomCookie:  GMT: -1604714379 bytes = { 156, 109, 201, 94, 3, 225, 63, 73, 153, 17, 151, 135, 210, 113, 250, 3, 154, 197, 104, 53, 99, 226, 201, 194, 117, 162, 238, 252 }
Session ID:  {187, 60, 89, 212, 171, 218, 61, 231, 49, 86, 29, 95, 208, 199, 21, 202, 207, 241, 134, 115, 208, 143, 51, 44, 233, 111, 4, 227, 89, 185, 76, 90}
Cipher Suites: [Unknown 0xea:0xea, Unknown 0x13:0x1, Unknown 0x13:0x2, Unknown 0x13:0x3, Unknown 0xc0:0x2b, Unknown 0xc0:0x2f, Unknown 0xc0:0x2c, Unknown 0xc0:0x30, Unknown 0xcc:0xa9, Unknown 0xcc:0xa8, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, Unknown 0x0:0x9c, Unknown 0x0:0x9d, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods:  { 0 }1004lucifer
Unsupported extension type_10794, data:
Extension renegotiation_info, renegotiated_connection: <empty>
Unsupported extension type_23, data:
Unsupported extension type_35, data:
Unsupported extension signature_algorithms, data: 00:12:04:03:08:04:04:01:05:03:08:05:05:01:08:06:06:01:02:01
Unsupported extension status_request, data: 01:00:00:00:00
Unsupported extension type_18, data:
Unsupported extension type_16, data: 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31
Unsupported extension type_30032, data:
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_51, data: 00:29:2a:2a:00:01:00:00:1d:00:20:06:f0:ca:25:17:1c:50:6e:de:31:28:37:04:3b:fb:2e:da:48:a8:a0:c6:bf:c7:aa:2e:df:88:8c:71:1f:28:3e
Unsupported extension type_45, data: 01:01
Unsupported extension type_43, data: 0a:fa:fa:03:04:03:03:03:02:03:01
Extension elliptic_curves, curve names: {unknown curve 10794, unknown curve 29, secp256r1, secp384r1}
Unsupported extension type_27, data: 02:00:02
Unsupported extension type_19018, data: 00
Unsupported extension type_21, data: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
***
[read] MD5 and SHA1 hashes:  len = 512
0000: 01 00 01 FC 03 03 A0 5A   00 75 9C 6D C9 5E 03 E1  .......Z.u.m.^..
0010: 3F 49 99 11 97 87 D2 71   FA 03 9A C5 68 35 63 E2  ?I.....q....h5c.

 ... (생략)

01E0: 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00  ................
01F0: 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00  ................
%% Created:  [Session-7, TLS_RSA_WITH_AES_256_CBC_SHA]
*** ServerHello, TLSv1
RandomCookie:  GMT: 1524735920 bytes = { 9, 76, 209, 227, 25, 103, 244, 70, 88, 21, 251, 61, 166, 58, 205, 105, 11, 162, 10, 194, 197, 150, 141, 56, 20, 249, 253, 225 }
Session ID:  {91, 226, 160, 176, 184, 206, 91, 215, 68, 249, 89, 109, 144, 215, 240, 108, 140, 87, 22, 10, 147, 64, 211, 83, 239, 191, 23, 24, 235, 211, 130, 158}
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suiteTLS_RSA_WITH_AES_256_CBC_SHA
*** Certificate chain
chain [0] = [
[1004lucifer
  Version: V3
  Subject: CN=1004lucifer.co.kr, OU=EssentialSSL, OU=Domain Control Validated
  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11

  Key:  Sun RSA public key, 2048 bits
  modulus: 19319582615916585659242504168620425718645805827542544076367519867696185914255069380391761611176711763236138015178105913610261666808872857200056763482936155569643030949239457411028215201921515321255031124246934902745856049360960670836525338369519121654874032318461670026264305484084598428913822501539221068776613953044504654851115864964367308713844772369157117624745722953692816540566398064822652451732109298212767353851785781635913505536564496201813943378891319017249826847579583045980923164684260313066681015718006951059405090156338883534361341902284360952736550062700032127303539038935239709551420745512789576784293
  public exponent: 65537
  Validity: [From: Tue Apr 03 09:00:00 KST 2018,
               To: Sat May 04 08:59:59 KST 2019]
  Issuer: CN=COMODO RSA Domain Validation Secure Server CA, O=COMODO CA Limited, L=Salford, ST=Greater Manchester, C=GB
  SerialNumber: [    c6307bba f5e77272 74358350 93316fc5]

Certificate Extensions: 10
[1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
Extension unknown: DER encoded OCTET string =

 ... (생략)

00D0: F1 44 4C C6 04 73 49 76   60 0F C7 F8 BD 17 80 6B  .DL..sIv`......k
00E0: 2E E9 CC 4C 0E 5A 9A 79   0F 20 0A 2E D5 9E 63 26  ...L.Z.y. ....c&
00F0: 1E 55 92 94 D8 82 17 5A   7B D0 BC C7 8F 4E 86 04  .U.....Z.....N..

]
***
*** ServerHelloDone
[write] MD5 and SHA1 hashes:  len = 5768
0000: 02 00 00 4D 03 01 5B E2   A0 B0 09 4C D1 E3 19 67  ...M..[....L...g
0010: F4 46 58 15 FB 3D A6 3A   CD 69 0B A2 0A C2 C5 96  .FX..=.:.i......
0020: 8D 38 14 F9 FD E1 20 5B   E2 A0 B0 B8 CE 5B D7 44  .8.... [.....[.D
0030: F9 59 6D 90 D7 F0 6C 8C   57 16 0A 93 40 D3 53 EF  .Ym...l.W...@.S.
0040: BF 17 18 EB D3 82 9E 00   2F 00 00 05 FF 01 00 01  ......../.......
0050: 00 0B 00 16 2F 00 16 2C   00 06 62 30 82 06 5E 30  ..../..,..b0..^0
0060: 82 05 46 A0 03 02 01 02   02 11 00 C6 30 7B BA F5  ..F.........0...
0070: E7 72 72 74 35 83 50 93   31 6F C5 30 0D 06 09 2A  .rrt5.P.1o.0...*
1004lucifer
 ... (생략)

00A0: 6E 58 12 7E 70 8E 8F 15   91 16 6E 73 00 BE 56 74  nX..p.....ns..Vt
00B0: 6B 8A DC 1B 03 ED 84 6C   0B 1B 04 5A 4A 9E 4C E9  k......l...ZJ.L.
00C0: 93 71 5A 64 0F 80 8C F8   FD AC C0 0D 10 E6 E0 FB  .qZd............
00D0: BB 70 77 E3 64 78 55 46   25 DE 28 9B 2C 8C 3A 57  .pw.dxUF%.(.,.:W
00E0: AC 9B 37 54 DA 75 61 82   70 3B F9 6A 94 C1 40 FD  ..7T.ua.p;.j..@.
00F0: 1B 70 13 74 EA 18 49 3E   37 D7 FF 8F 0C 79 FF 3F  .p.t..I>7....y.?
0100: 4B 03 B8 C4 76 88                                  K...v.
ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', READ: TLSv1 Handshake, length = 262
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
SESSION KEYGEN:
PreMaster Secret:
0000: 03 03 CD A9 64 4D 64 7A   8A 5C 85 5B 17 51 E0 C8  ....dMdz.\.[.Q..
0010: A8 53 45 F0 F1 41 0E DA   34 A8 1D C0 3B F8 C4 9F  .SE..A..4...;...
0020: 4C 58 BA 69 3E 48 B5 EC   F1 F8 93 C6 44 50 72 4E  LX.i>H......DPrN
1004lucifer
 ... (생략)

0000: 14 03 01 00 01                                     .....
[Raw read]: length = 1
0000: 01                                                 .
ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', READ: TLSv1 Change Cipher Spec, length = 1
[Raw read]: length = 5
0000: 16 03 01 00 30                                     ....0
[Raw read]: length = 48
0000: BD 9A FD 56 62 93 0F D4   73 FC A2 2A A7 33 11 CB  ...Vb...s..*.3..
0010: 57 A8 C7 29 68 71 D6 9F   3A ED A5 3A BF 58 AF F9  W..)hq..:..:.X..
0020: DD 1C 39 B3 3F 8D E0 0D   3D 6C 6C 52 AF D8 01 84  ..9.?...=llR....
ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', READ: TLSv1 Handshake, length = 48
Padded plaintext after DECRYPTION:  len = 48
0000: 14 00 00 0C 43 E2 9C 2B   46 5D 79 35 47 01 6C 41  ....C..+F]y5G.lA
0010: E8 C5 56 60 E7 31 4C 98   AD 2A FD EF D1 24 F4 CA  ..V`.1L..*...$..
0020: AB A6 77 1D 0B 0B 0B 0B   0B 0B 0B 0B 0B 0B 0B 0B  ..w.............
*** Finished
verify_data:  { 67, 226, 156, 43, 70, 93, 121, 53, 71, 1, 108, 65 }
***
[read] MD5 and SHA1 hashes:  len = 16
0000: 14 00 00 0C 43 E2 9C 2B   46 5D 79 35 47 01 6C 41  ....C..+F]y5G.lA
ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data:  { 192, 232, 219, 79, 38, 8, 16, 9, 216, 119, 248, 145 }
***
[write] MD5 and SHA1 hashes:  len = 16
0000: 14 00 00 0C C0 E8 DB 4F   26 08 10 09 D8 77 F8 91  .......O&....w..
Padded plaintext before ENCRYPTION:  len = 48
0000: 14 00 00 0C C0 E8 DB 4F   26 08 10 09 D8 77 F8 91  .......O&....w..
0010: 02 72 D8 02 70 D0 74 1D   DC 80 21 20 5D EB 5F 0E  .r..p.t...! ]._.
0020: F1 F6 DC 5E 0B 0B 0B 0B   0B 0B 0B 0B 0B 0B 0B 0B  ...^............
ExecuteThread: '2' for queue: 'weblogic.socket.Muxer', WRITE: TLSv1 Handshake, length = 48
%% Cached server session: [Session-7, TLS_RSA_WITH_AES_256_CBC_SHA]
[Raw write]: length = 6
0000: 14 03 01 00 01 01                                  ......
[Raw write]: length = 53
0000: 16 03 01 00 30 2F 73 F6   0E B7 DD 21 BC D7 D9 BE  ....0/s....!....
0010: 02 77 E6 96 7C 4D 4C 89   A5 1B C9 A5 78 2C 8F D8  .w...ML.....x,..

 ... (생략)






참고
 - https://docs.oracle.com/middleware/11119/wls/SECMG/ssl.htm#SECMG502


댓글 없음 :

댓글 쓰기