| Re: [jetty-users] keystore |
Lou.No improvement. Revised code and console shown below.Thanks.
-----
private void server_main(String[] args) {
try {
// === jetty.xml ===
// Setup Threadpool
QueuedThreadPool threadPool = new QueuedThreadPool();
threadPool.setMaxThreads(max_threads);
// Server
server = new Server(threadPool);
// Scheduler
server.addBean(new ScheduledExecutorScheduler());
// === jetty-http.xml ===
ServerConnector http = new ServerConnector(server, new HttpConnectionFactory());
http.setPort(port_http);
http.setIdleTimeout(idle_timeout);
server.addConnector(http);
// === jetty-https.xml ===
// SSL Context Factory
SslContextFactory sslContextFactory = new SslContextFactory();
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(port_https);
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
ServerConnector https = new ServerConnector(server,
new SslConnectionFactory(sslContextFactory,"http/1.1"),
new HttpConnectionFactory(https_config));
https.setPort(port_https);
sslContextFactory.setKeyStorePath(keystore);
sslContextFactory.setKeyStorePassword(keystore_ password);
sslContextFactory.setKeyManagerPassword( keymanager_password);
server.setConnectors(new Connector[] { http });
server.addConnector(https);
//
ResourceHandler resourceHandler = new ResourceHandler();
resourceHandler.setDirectoriesListed(true);
resourceHandler.setResourceBase(jetty_server_ root);
HandlerList handlers = new HandlerList();
handlers.addHandler(resourceHandler);
handlers.addHandler(new DefaultHandler()); // always last
server.setHandler(handlers);
server.setDumpAfterStart(true);
server.start();
server.join();
}
catch(Exception e) {
e.printStackTrace();
}
}
-----
2018-03-14 11:37:45.625:INFO::main: Logging initialized @351ms to org.eclipse.jetty.util.log.StdErrLog
2018-03-14 11:37:45.825:INFO:oejs.Server:main: jetty-9.4.8.v20171121, build timestamp: 2017-11-21T16:27:37-05:00, git hash: 82b8fb23f757335bb3329d540ce37a 2a2615f0a8
2018-03-14 11:37:45.922:INFO:oejs.AbstractConnector:main: Started ServerConnector@bce0c39e{HTTP/ 1.1,[http/1.1]}{0.0.0.0:8080}
IBMJSSE2 will not allow protocol SSLv3 per com.ibm.jsse2.disableSSLv3 set to TRUE or default
IBMJSSEProvider2 Build-Level: -20170331
2018-03-14 11:37:46.281:INFO:oejus.SslContextFactory:main: x509=X509@5e446688(jetty,h=[ org.apache.uima.ducc],w=[]) for SslContextFactory@1d40ef6d[ provider=null,keyStore=file:// /home/degenaro/eclipse- workspace.oxygen/jetty-test/ jetty_server/resources/ keystore,trustStore=null]
***
found key for : jetty
chain [0] = [
[
Version: V3
Subject: CN=org.apache.uima.ducc, OU=uima.ducc, O=Apache, L=Wilmington, ST=Delaware, C=USA
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: IBMJCE RSA Public Key:
modulus:
264440692950370382676703006967636202200868551680106479410624 816608998794798098038842940581 741867344536240453013789608461 716828571070274272505973120762 486426493567717211456823442458 781913093208907235757774607867 023903582433227912490768500906 933817330565915931746544680125 836896132318160061190172339298 604345826500652765762722811651 442146780261193562213964367647 139935939228939845673390812330 714161545364607683588288492178 507727783280335061973937299775 765589440977873167416346794259 274435627074776781271926466592 105570465250975916714984288016 087439338903493080482115063204 178266116200983753455395727347 82479701163777463
public exponent:
65537
Validity: [From: Wed Mar 07 15:56:33 EST 2018,
To: Sun Jul 23 16:56:33 EDT 2045]
Issuer: CN=org.apache.uima.ducc, OU=uima.ducc, O=Apache, L=Wilmington, ST=Delaware, C=USA
SerialNumber: [1372056716]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: d5 93 ce ef 56 40 f2 e8 54 f0 02 22 ed 77 36 fd ....V...T....w6.
0010: 4c 3f bb 73L..s
]
]
]
Algorithm: [SHA256withRSA]
Signature:
0000: 96 5b c7 88 51 51 68 ce eb d6 61 dc ca b1 41 62 ....QQh...a...Ab
0010: b0 62 51 e2 ed de 88 8a bf 83 eb ef be 4d 13 32 .bQ..........M.2
0020: b9 82 64 2e 8a c8 bf 99 b2 a6 a2 cb fe 1b ba 88 ..d.............
0030: 13 12 36 67 1d 26 e6 e9 97 ae df 33 51 cd bd 1b ..6g.......3Q...
0040: 05 5b f5 62 db c5 a1 84 d0 b3 a0 1a f1 00 b7 74 ...b...........t
0050: f7 0d e1 3f e7 ab 36 59 9f d8 35 fa 3d bc c9 dd ......6Y..5.....
0060: 7c 13 3f f9 a3 b3 e8 e2 3b 2f 8b dd d4 39 0e 1d .............9..
0070: a9 ed 2c c9 d2 e5 e9 c9 99 84 62 4c fb a7 28 89 ..........bL....
0080: bf a3 c6 55 6e 13 09 63 e4 37 40 a5 c2 0d d7 4b ...Un..c.7.....K
0090: 1e b5 a3 02 31 5a 9d 84 c2 e1 b9 90 1d 0f 49 8a ....1Z........I.
00a0: d1 b8 d1 d1 4b bc a3 18 55 f7 de a2 6f 90 29 f2 ....K...U...o...
00b0: 99 7d 87 06 25 25 f1 8a 83 79 7b 52 9e 45 b2 ca .........y.R.E..
00c0: 0d 85 fa e2 7d b7 4c 9d ca 13 ab fd bc e1 6d c8 ......L.......m.
00d0: f1 4b 01 d2 1e 96 8f 50 68 24 ba e5 c4 f1 90 70 .K.....Ph......p
00e0: d9 00 36 fa 39 7e 34 4d 13 14 28 1d 43 e7 16 16 ..6.9.4M....C...
00f0: 2d a6 32 d5 57 19 08 a4 05 f6 f9 35 2b bc 8b 4d ..2.W......5...M
]
***
adding as trusted cert:
Subject: CN=org.apache.uima.ducc, OU=uima.ducc, O=Apache, L=Wilmington, ST=Delaware, C=USA
Issuer: CN=org.apache.uima.ducc, OU=uima.ducc, O=Apache, L=Wilmington, ST=Delaware, C=USA
Algorithm: RSA; Serial number: 0x51c7ec8c
Valid from Wed Mar 07 15:56:33 EST 2018 until Sun Jul 23 16:56:33 EDT 2045
Installed Providers =
IBMJSSE2
IBMJCE
IBMJGSSProvider
IBMCertPath
IBMSASL
IBMXMLCRYPTO
IBMXMLEnc
IBMSPNEGO
SUN
SSLContextImpl: Using X509ExtendedKeyManager org.eclipse.jetty.util.ssl.SniX509ExtendedKeyManager
SSLContextImpl: Using X509TrustManager com.ibm.jsse2.aB
JsseJCE: Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.8
trigger seeding of SecureRandom
done seeding SecureRandom
IBMJSSE2 will enable CBC protection
JsseJCE: Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.8
JsseJCE: Using signature SHA1withECDSA from provider TBD via init
JsseJCE: Using signature NONEwithECDSA from provider TBD via init
JsseJCE: Using KeyAgreement ECDH from provider IBMJCE version 1.8
JsseJCE: Using KeyFactory EC from provider IBMJCE version 1.8
JsseJCE: Using KeyPairGenerator EC from provider TBD via init
jdk.tls.client.protocols is defined as null
SSLv3 protocol was requested but was not enabled
SSLv3 protocol was requested but was not enabled
SUPPORTED: [TLSv1, TLSv1.1, TLSv1.2]
SERVER_DEFAULT: [TLSv1, TLSv1.1, TLSv1.2]
CLIENT_DEFAULT: [TLSv1, TLSv1.1, TLSv1.2]
IBMJSSE2 will enable CBC protection
Using SSLEngineImpl.
2018-03-14 11:37:47.170:INFO:oejs.AbstractConnector:main: Started ServerConnector@2909406e{SSL,[ ssl, http/1.1]}{0.0.0.0:8443}
org.eclipse.jetty.server.Server@74696830[9.4.8. v20171121] - STARTING
+= QueuedThreadPool@qtp-149401960{STARTED,8<=8<=10,i=4,q=0} - STARTED
| +- 21 qtp-149401960-21-acceptor-0@6793ecf3-ServerConnector@ bce0c39e{HTTP/1.1,[http/1.1]}{ 0.0.0.0:8080 } ACCEPTING RUNNABLE @ sun.nio.ch.ServerSocketChannelImpl. accept0(Native Method) prio=3
| +- 25 qtp-149401960-25 IDLE TIMED_WAITING @ sun.misc.Unsafe.park(Native Method)
| +- 26 qtp-149401960-26 IDLE TIMED_WAITING @ sun.misc.Unsafe.park(Native Method)
| +- 22 qtp-149401960-22 SELECTING RUNNABLE @ sun.nio.ch.EPollArrayWrapper.epollWait(Native Method)
| +- 23 qtp-149401960-23-acceptor-0@b20be6a6-ServerConnector@ 2909406e{SSL,[ssl, http/1.1]}{0.0.0.0:8443} ACCEPTING RUNNABLE @ sun.nio.ch. ServerSocketChannelImpl. accept0(Native Method) prio=3
| +- 24 qtp-149401960-24 IDLE TIMED_WAITING @ sun.misc.Unsafe.park(Native Method)
| +- 20 qtp-149401960-20 SELECTING RUNNABLE @ sun.nio.ch.EPollArrayWrapper.epollWait(Native Method)
| +- 27 qtp-149401960-27 IDLE TIMED_WAITING @ sun.misc.Unsafe.park(Native Method)
| +- jobs
+= org.eclipse.jetty.util.thread.ScheduledExecutorScheduler@ fed832b4 - STARTED
+= ServerConnector@bce0c39e{HTTP/1.1,[http/1.1]}{0.0.0.0:8080} - STARTED
| +~ org.eclipse.jetty.server.Server@74696830[9.4.8. v20171121] - STARTING
| +~ QueuedThreadPool@qtp-149401960{STARTED,8<=8<=10,i=4,q=0} - STARTED
| +~ org.eclipse.jetty.util.thread.ScheduledExecutorScheduler@ fed832b4 - STARTED
| +- org.eclipse.jetty.io.ArrayByteBufferPool@133cfd8a
| += HttpConnectionFactory@378c4a8b[HTTP/1.1] - STARTED
| | +- HttpConfiguration@83e8c34f{32768/8192,8192/8192,https://: 0,[]}
| += SelectorManager@ServerConnector@bce0c39e{HTTP/ 1.1,[http/1.1]}{0.0.0.0:8080} - STARTED
| | += ReservedThreadExecutor@d9a5f14a{s=0/1,p=0}@ SelectorManager@ ServerConnector@bce0c39e{HTTP/ 1.1,[http/1.1]}{0.0.0.0:8080} - STARTED
| | += org.eclipse.jetty.io.ManagedSelector@19be75b2 id=0 keys=0 selected=0 actions=0 - STARTED
| | += EatWhatYouKill@44d241bf/SelectorProducer@f642edac/ PRODUCING/ ReservedThreadExecutor@ d9a5f14a{s=0/1,p=0}@ SelectorManager@ ServerConnector@bce0c39e{HTTP/ 1.1,[http/1.1]}{0.0.0.0:8080} - STARTED
| | +- SelectorProducer@f642edac
| | +- keys
| | | +- sun.nio.ch.EPollSelectorImpl@9292aa36 keys=0
| | +- actions
| +- sun.nio.ch.ServerSocketChannelImpl[/0:0: 0:0:0:0:0:0:8080]
| +- qtp-149401960-21-acceptor-0@6793ecf3-ServerConnector@ bce0c39e{HTTP/1.1,[http/1.1]}{ 0.0.0.0:8080 }
+= ServerConnector@2909406e{SSL,[ssl, http/1.1]}{0.0.0.0:8443} - STARTED
| +~ org.eclipse.jetty.server.Server@74696830[9.4.8. v20171121] - STARTING
| +~ QueuedThreadPool@qtp-149401960{STARTED,8<=8<=10,i=4,q=0} - STARTED
| +~ org.eclipse.jetty.util.thread.ScheduledExecutorScheduler@ fed832b4 - STARTED
| +- org.eclipse.jetty.io.ArrayByteBufferPool@8d6ecdb
| += SslConnectionFactory@7f664c55{SSL->http/1.1} - STARTED
| | += SslContextFactory@1d40ef6d[provider=null,keyStore=file:// /home/degenaro/eclipse- workspace.oxygen/jetty-test/ jetty_server/resources/ keystore,trustStore=null] trustAll=false
keyStore is: /share/ibm-java-x86_64-8.0.4.6/jre/lib/security/cacerts
keyStore type is: jks
keyStore provider is:
init keystore
Finalizer thread, called close()
Finalizer thread, called closeInternal(true)
Finalizer thread, called closeSocket(true)
init keymanager of type IbmX509
trustStore is: /share/ibm-java-x86_64-8.0.4.6/jre/lib/security/cacerts
trustStore type is: jks
trustStore provider is:
init truststore
adding as trusted cert:
Subject: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Algorithm: RSA; Serial number: 0xd9083fbba967ca1a
Valid from Wed Dec 07 06:28:07 EST 2011 until Sat Jul 31 07:28:07 EDT 2038
adding as trusted cert:
Subject: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP
Issuer: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP
Algorithm: RSA; Serial number: 0x0
Valid from Tue Sep 30 00:20:49 EDT 2003 until Sat Sep 30 00:20:49 EDT 2023
adding as trusted cert:
Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a
Valid from Thu Nov 09 19:00:00 EST 2006 until Sun Nov 09 19:00:00 EST 2031
adding as trusted cert:
Subject: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 2 G3, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x445734245b81899b35f2ceb82b3b5ba726f07528
Valid from Thu Jan 12 13:59:32 EST 2012 until Sun Jan 12 13:59:32 EST 2042
adding as trusted cert:
Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x4
Valid from Mon Jun 21 00:00:00 EDT 1999 until Sun Jun 21 00:00:00 EDT 2020
adding as trusted cert:
Subject: EMAILADDRESS=info@xxxxxxxxxxxx, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: EMAILADDRESS=info@xxxxxxxxxxxx, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 20:19:54 EDT 1999 until Tue Jun 25 20:19:54 EDT 2019
adding as trusted cert:
Subject: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x18acb56afd69b6153a636cafdafac4a1
Valid from Sun Nov 26 19:00:00 EST 2006 until Wed Jul 16 19:59:59 EDT 2036
adding as trusted cert:
Subject: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP
Issuer: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP
Algorithm: RSA; Serial number: 0x0
Valid from Fri May 29 01:00:39 EDT 2009 until Tue May 29 01:00:39 EDT 2029
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Finalizer thread, called close()
Finalizer thread, called closeInternal(true)
Finalizer thread, called closeSocket(true)
Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6
Valid from Sun May 17 20:00:00 EDT 1998 until Tue Aug 01 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Issuer: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Mon Jun 21 00:00:00 EDT 1999 until Sun Jun 21 00:00:00 EDT 2020
adding as trusted cert:
Subject: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW
Issuer: OU=ePKI Root Certification Authority, O="Chunghwa Telecom Co., Ltd.", C=TW
Algorithm: RSA; Serial number: 0x15c8bd65475cafb897005ee406d2bc9d
Valid from Sun Dec 19 21:31:27 EST 2004 until Tue Dec 19 21:31:27 EST 2034
adding as trusted cert:
Subject: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
Issuer: CN=AffirmTrust Commercial, O=AffirmTrust, C=US
Algorithm: RSA; Serial number: 0x7777062726a9b17c
Valid from Fri Jan 29 09:06:06 EST 2010 until Tue Dec 31 09:06:06 EST 2030
adding as trusted cert:
Subject: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
Issuer: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
Algorithm: RSA; Serial number: 0x444c0
Valid from Wed Oct 22 08:07:37 EDT 2008 until Mon Dec 31 07:07:37 EST 2029
adding as trusted cert:
Subject: EMAILADDRESS=personal-basic@thawte.com , CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=personal-basic@thawte.com , CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 19:00:00 EST 1995 until Thu Dec 31 18:59:59 EST 2020
adding as trusted cert:
Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b
Valid from Thu Jan 12 09:38:43 EST 2006 until Wed Dec 31 17:59:59 EST 2025
adding as trusted cert:
Subject: CN=Sonera Class2 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class2 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x1d
Valid from Fri Apr 06 03:29:40 EDT 2001 until Tue Apr 06 03:29:40 EDT 2021
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 02:00:00 EDT 2002 until Thu Nov 19 15:43:00 EST 2037
adding as trusted cert:
Subject: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Algorithm: EC; Serial number: 0x3cb2f4480a00e2feeb243b5e603ec36b
Valid from Sun Nov 04 19:00:00 EST 2007 until Mon Jan 18 18:59:59 EST 2038
adding as trusted cert:
Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Issuer: OU=Equifax Secure Certificate Authority, O=Equifax, C=US
Algorithm: RSA; Serial number: 0x35def4cf
Valid from Sat Aug 22 12:41:51 EDT 1998 until Wed Aug 22 12:41:51 EDT 2018
adding as trusted cert:
Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577
Valid from Thu Nov 09 19:00:00 EST 2006 until Sun Nov 09 19:00:00 EST 2031
adding as trusted cert:
Subject: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Thu Mar 04 00:00:00 EST 2004 until Sun Mar 04 00:00:00 EST 2029
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
Algorithm: RSA; Serial number: 0x4000000000121585308a2
Valid from Wed Mar 18 06:00:00 EDT 2009 until Sun Mar 18 06:00:00 EDT 2029
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000b9
Valid from Fri May 12 14:46:00 EDT 2000 until Mon May 12 19:59:00 EDT 2025
adding as trusted cert:
Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 13:39:16 EDT 2004 until Thu Jun 29 13:39:16 EDT 2034
adding as trusted cert:
Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Issuer: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB
Algorithm: RSA; Serial number: 0x1
Valid from Wed Dec 31 19:00:00 EST 2003 until Sun Dec 31 18:59:59 EST 2028
adding as trusted cert:
Subject: CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/ , O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Algorithm: RSA; Serial number: 0x7
Valid from Tue May 03 03:00:00 EDT 2011 until Sat May 03 03:00:00 EDT 2031
adding as trusted cert:
Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd
Valid from Fri Jul 09 14:10:42 EDT 1999 until Tue Jul 09 14:19:22 EDT 2019
adding as trusted cert:
Subject: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU
Issuer: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU
Algorithm: RSA; Serial number: 0x0
Valid from Tue Sep 30 12:13:43 EDT 2003 until Wed Sep 30 12:13:44 EDT 2037
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xcdba7f56f0dfe4bc54fe22acb372aa55
Valid from Sun Jan 28 19:00:00 EST 1996 until Tue Aug 01 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57
Valid from Thu Sep 30 20:00:00 EDT 1999 until Wed Jul 16 19:59:59 EDT 2036
adding as trusted cert:
Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Issuer: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE
Algorithm: RSA; Serial number: 0x40000000001154b5ac394
Valid from Tue Sep 01 08:00:00 EDT 1998 until Fri Jan 28 07:00:00 EST 2028
adding as trusted cert:
Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b
Valid from Fri Jul 09 14:31:20 EDT 1999 until Tue Jul 09 14:40:36 EDT 2019
adding as trusted cert:
Subject: CN=AffirmTrust Networking, O=AffirmTrust, C=US
Issuer: CN=AffirmTrust Networking, O=AffirmTrust, C=US
Algorithm: RSA; Serial number: 0x7c4f04391cd4992d
Valid from Fri Jan 29 09:08:24 EST 2010 until Tue Dec 31 09:08:24 EST 2030
adding as trusted cert:
Subject: CN=AffirmTrust Premium, O=AffirmTrust, C=US
Issuer: CN=AffirmTrust Premium, O=AffirmTrust, C=US
Algorithm: RSA; Serial number: 0x6d8c1446b1a60aee
Valid from Fri Jan 29 09:10:36 EST 2010 until Mon Dec 31 09:10:36 EST 2040
adding as trusted cert:
Subject: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x2d1bfc4a178da391ebe7fff58b45be0b
Valid from Sun Jan 28 19:00:00 EST 1996 until Tue Aug 01 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510
Valid from Thu Mar 23 09:10:23 EST 2006 until Wed Dec 31 17:59:59 EST 2025
adding as trusted cert:
Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Issuer: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE
Algorithm: RSA; Serial number: 0x20000bf
Valid from Wed May 17 10:01:00 EDT 2000 until Sat May 17 19:59:00 EDT 2025
adding as trusted cert:
Subject: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US
Issuer: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 28 02:00:00 EDT 2002 until Tue Sep 29 10:08:00 EDT 2037
adding as trusted cert:
Subject: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Algorithm: RSA; Serial number: 0xae8219053f5e8271
Valid from Wed Dec 07 06:29:21 EST 2011 until Sat Jul 31 07:29:21 EDT 2038
adding as trusted cert:
Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f
Valid from Tue Apr 01 20:00:00 EDT 2008 until Tue Dec 01 18:59:59 EST 2037
adding as trusted cert:
Subject: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Issuer: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Algorithm: RSA; Serial number: 0xa3da427ea4b1aeda
Valid from Fri Aug 01 08:29:50 EDT 2008 until Sat Jul 31 08:29:50 EDT 2038
adding as trusted cert:
Subject: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0x4f1bd42f54bb2f4b
Valid from Wed Oct 25 04:32:46 EDT 2006 until Sat Oct 25 04:32:46 EDT 2036
adding as trusted cert:
Subject: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
Issuer: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
Algorithm: RSA; Serial number: 0x4a538c28
Valid from Tue Jul 07 13:25:54 EDT 2009 until Sat Dec 07 12:55:54 EST 2030
adding as trusted cert:
Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039
Valid from Thu Nov 09 19:00:00 EST 2006 until Sun Nov 09 19:00:00 EST 2031
adding as trusted cert:
Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Issuer: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 29 13:06:20 EDT 2004 until Thu Jun 29 13:06:20 EDT 2034
adding as trusted cert:
Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 06:48:38 EDT 2000 until Sat May 30 06:48:38 EDT 2020
adding as trusted cert:
Subject: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE
Issuer: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE
Algorithm: RSA; Serial number: 0x1
Valid from Wed Oct 01 06:29:56 EDT 2008 until Sat Oct 01 19:59:59 EDT 2033
adding as trusted cert:
Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989
Valid from Fri Jul 09 13:28:50 EDT 1999 until Tue Jul 09 13:36:58 EDT 2019
adding as trusted cert:
Subject: CN=Class 2 Primary CA, O=Certplus, C=FR
Issuer: CN=Class 2 Primary CA, O=Certplus, C=FR
Algorithm: RSA; Serial number: 0x85bd4bf3d8dae369f694d75fc3a54423
Valid from Wed Jul 07 13:05:00 EDT 1999 until Sat Jul 06 19:59:59 EDT 2019
adding as trusted cert:
Subject: EMAILADDRESS=premium-server@thawte.com , CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=premium-server@thawte.com , CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 20:00:00 EDT 1996 until Thu Dec 31 18:59:59 EST 2020
adding as trusted cert:
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Algorithm: RSA; Serial number: 0x23456
Valid from Tue May 21 00:00:00 EDT 2002 until Sat May 21 00:00:00 EDT 2022
adding as trusted cert:
Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0x4eb200670c035d4f
Valid from Wed Oct 25 04:36:00 EDT 2006 until Sat Oct 25 04:36:00 EDT 2036
adding as trusted cert:
Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a
Valid from Thu Sep 30 20:00:00 EDT 1999 until Wed Jul 16 19:59:59 EDT 2036
adding as trusted cert:
Subject: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, ST=Arizona, C=US
Algorithm: RSA; Serial number: 0x0
Valid from Mon Aug 31 20:00:00 EDT 2009 until Thu Dec 31 18:59:59 EST 2037
adding as trusted cert:
Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Issuer: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net
Algorithm: RSA; Serial number: 0x3863def8
Valid from Fri Dec 24 12:50:51 EST 1999 until Tue Jul 24 10:15:12 EDT 2029
adding as trusted cert:
Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d
Valid from Thu Nov 16 19:00:00 EST 2006 until Wed Jul 16 19:59:59 EDT 2036
adding as trusted cert:
Subject: EMAILADDRESS=server-certs@thawte.com , CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=server-certs@thawte.com , CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x1
Valid from Wed Jul 31 20:00:00 EDT 1996 until Thu Dec 31 18:59:59 EST 2020
adding as trusted cert:
Subject: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Algorithm: RSA; Serial number: 0x0
Valid from Mon Aug 31 20:00:00 EDT 2009 until Thu Dec 31 18:59:59 EST 2037
adding as trusted cert:
Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4
Valid from Thu Sep 30 20:00:00 EDT 1999 until Wed Jul 16 19:59:59 EDT 2036
adding as trusted cert:
Subject: EMAILADDRESS=personal-freemail@xxxxxxxxxx , CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=personal-freemail@xxxxxxxxxx , CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x123df0e7da2a2247a43889e08aeec967
Valid from Sun Dec 31 19:00:00 EST 1995 until Fri Jan 01 18:59:59 EST 2021
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: EC; Serial number: 0x2f80fe238c0e220f486712289187acb3
Valid from Sun Nov 04 19:00:00 EST 2007 until Mon Jan 18 18:59:59 EST 2038
adding as trusted cert:
Subject: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
Issuer: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US
Algorithm: RSA; Serial number: 0x456b5054
Valid from Mon Nov 27 15:23:42 EST 2006 until Fri Nov 27 15:53:42 EST 2026
adding as trusted cert:
Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Issuer: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE
Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606
Valid from Wed Mar 22 10:54:28 EST 2006 until Wed Dec 31 17:59:59 EST 2025
adding as trusted cert:
Subject: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL
Issuer: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL
Algorithm: RSA; Serial number: 0x10020
Valid from Tue Jun 11 06:46:39 EDT 2002 until Fri Jun 11 06:46:39 EDT 2027
adding as trusted cert:
Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 06:44:50 EDT 2000 until Sat May 30 06:44:50 EDT 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x70bae41d10d92934b638ca7b03ccbabf
Valid from Sun Jan 28 19:00:00 EST 1996 until Tue Aug 01 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO
Issuer: CN=Buypass Class 2 Root CA, O=Buypass AS-983163327, C=NO
Algorithm: RSA; Serial number: 0x2
Valid from Tue Oct 26 04:38:03 EDT 2010 until Fri Oct 26 04:38:03 EDT 2040
adding as trusted cert:
Subject: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH
Issuer: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH
Algorithm: RSA; Serial number: 0xbb401c43f55e4fb0
Valid from Wed Oct 25 04:30:35 EDT 2006 until Sat Oct 25 04:30:35 EDT 2036
adding as trusted cert:
Subject: CN=Certum Trusted Network CA 2, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
Issuer: CN=Certum Trusted Network CA 2, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL
Algorithm: RSA; Serial number: 0xb85914713f57df8f31c0333dd2d6197a2317b4eb
Valid from Thu Oct 06 04:39:56 EDT 2011 until Sat Oct 06 04:39:56 EDT 2046
adding as trusted cert:
Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Issuer: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US
Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69
Valid from Thu Jun 24 14:57:21 EDT 1999 until Mon Jun 24 15:06:30 EDT 2019
adding as trusted cert:
Subject: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x509
Valid from Fri Nov 24 13:27:00 EST 2006 until Mon Nov 24 13:23:33 EST 2031
adding as trusted cert:
Subject: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE
Issuer: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE
Algorithm: RSA; Serial number: 0x26
Valid from Fri Jul 09 08:11:00 EDT 1999 until Tue Jul 09 19:59:00 EDT 2019
adding as trusted cert:
Subject: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 1 G3, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x78585f2ead2c194be3370735341328b596d46593
Valid from Thu Jan 12 12:27:44 EST 2012 until Sun Jan 12 12:27:44 EST 2042
adding as trusted cert:
Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x3f691e819cf09a4af373ffb948a2e4dd
Valid from Sun Jan 28 19:00:00 EST 1996 until Wed Aug 02 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=VeriSign Class 3 Secure Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x6ecc7aa5a7032009b8cebcf4e952d491
Valid from Sun Feb 07 19:00:00 EST 2010 until Fri Feb 07 18:59:59 EST 2020
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf
Valid from Sun May 17 20:00:00 EDT 1998 until Tue Aug 01 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x18dad19e267de8bb4a2158cdcc6b3b4a
Valid from Tue Nov 07 19:00:00 EST 2006 until Wed Jul 16 19:59:59 EDT 2036
adding as trusted cert:
Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Issuer: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2
Algorithm: RSA; Serial number: 0x400000000010f8626e60d
Valid from Fri Dec 15 03:00:00 EST 2006 until Wed Dec 15 03:00:00 EST 2021
adding as trusted cert:
Subject: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x5c6
Valid from Fri Nov 24 14:11:23 EST 2006 until Mon Nov 24 14:06:44 EST 2031
adding as trusted cert:
Subject: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root CA 3 G3, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x2ef59b0228a7db7affd5a3a9eebd03a0cf126a1d
Valid from Thu Jan 12 15:26:32 EST 2012 until Sun Jan 12 15:26:32 EST 2042
adding as trusted cert:
Subject: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Issuer: OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US
Algorithm: RSA; Serial number: 0x3770cfb5
Valid from Wed Jun 23 08:14:45 EDT 1999 until Sun Jun 23 08:14:45 EDT 2019
adding as trusted cert:
Subject: EMAILADDRESS=server-certs@thawte.com , CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=server-certs@thawte.com , CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x34a4fff630af4ca53c331742a1946675
Valid from Wed Jul 31 20:00:00 EDT 1996 until Fri Jan 01 18:59:59 EST 2021
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be
Valid from Sun Jan 28 19:00:00 EST 1996 until Wed Aug 02 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM
Issuer: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM
Algorithm: RSA; Serial number: 0x3ab6508b
Valid from Mon Mar 19 13:33:33 EST 2001 until Wed Mar 17 14:33:33 EDT 2021
adding as trusted cert:
Subject: CN=Class 3P Primary CA, O=Certplus, C=FR
Issuer: CN=Class 3P Primary CA, O=Certplus, C=FR
Algorithm: RSA; Serial number: 0xbf5cdbb6f21c6ec04deb7a023b36e879
Valid from Wed Jul 07 13:10:00 EDT 1999 until Sat Jul 06 19:59:59 EDT 2019
adding as trusted cert:
Subject: EMAILADDRESS=personal-freemail@xxxxxxxxxx , CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=personal-freemail@xxxxxxxxxx , CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 19:00:00 EST 1995 until Thu Dec 31 18:59:59 EST 2020
adding as trusted cert:
Subject: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO
Issuer: CN=Buypass Class 3 Root CA, O=Buypass AS-983163327, C=NO
Algorithm: RSA; Serial number: 0x2
Valid from Tue Oct 26 04:28:58 EDT 2010 until Fri Oct 26 04:28:58 EDT 2040
adding as trusted cert:
Subject: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP
Issuer: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP
Algorithm: RSA; Serial number: 0x0
Valid from Tue Jun 05 22:12:32 EDT 2007 until Fri Jun 05 22:12:32 EDT 2037
adding as trusted cert:
Subject: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US
Algorithm: EC; Serial number: 0x35fc265cd9844fc93d263d579baed756
Valid from Sun Nov 04 19:00:00 EST 2007 until Mon Jan 18 18:59:59 EST 2038
adding as trusted cert:
Subject: EMAILADDRESS=personal-premium@thawte.com , CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=personal-premium@thawte.com , CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Sun Dec 31 19:00:00 EST 1995 until Thu Dec 31 18:59:59 EST 2020
adding as trusted cert:
Subject: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x401ac46421b31321030ebbe4121ac51d
Valid from Tue Apr 01 20:00:00 EDT 2008 until Tue Dec 01 18:59:59 EST 2037
adding as trusted cert:
Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Issuer: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE
Algorithm: RSA; Serial number: 0x1
Valid from Tue May 30 06:38:31 EDT 2000 until Sat May 30 06:38:31 EDT 2020
adding as trusted cert:
Subject: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA
Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x0
Valid from Tue Dec 31 19:00:00 EST 1996 until Thu Dec 31 18:59:59 EST 2020
adding as trusted cert:
Subject: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Issuer: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU
Algorithm: RSA; Serial number: 0xc9cdd3e9d57d23ce
Valid from Fri Aug 01 08:31:40 EDT 2008 until Sat Jul 31 08:31:40 EDT 2038
adding as trusted cert:
Subject: EMAILADDRESS=info@xxxxxxxxxxxx, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Issuer: EMAILADDRESS=info@xxxxxxxxxxxx, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network
Algorithm: RSA; Serial number: 0x1
Valid from Fri Jun 25 18:23:48 EDT 1999 until Tue Jun 25 18:23:48 EDT 2019
adding as trusted cert:
Subject: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Issuer: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US
Algorithm: RSA; Serial number: 0x600197b746a7eab4b49ad64b2ff790fb
Valid from Tue Apr 01 20:00:00 EDT 2008 until Tue Dec 01 18:59:59 EST 2037
adding as trusted cert:
Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Issuer: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
Algorithm: RSA; Serial number: 0x1a5
Valid from Wed Aug 12 20:29:00 EDT 1998 until Mon Aug 13 19:59:00 EDT 2018
adding as trusted cert:
Subject: EMAILADDRESS=premium-server@thawte.com , CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Issuer: EMAILADDRESS=premium-server@thawte.com , CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA
Algorithm: RSA; Serial number: 0x36122296c5e338a520a1d25f4cd70954
Valid from Wed Jul 31 20:00:00 EDT 1996 until Fri Jan 01 18:59:59 EST 2021
adding as trusted cert:
Subject: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US
Issuer: CN=AffirmTrust Premium ECC, O=AffirmTrust, C=US
Algorithm: EC; Serial number: 0x7497258ac73f7a54
Valid from Fri Jan 29 09:20:24 EST 2010 until Mon Dec 31 09:20:24 EST 2040
adding as trusted cert:
Subject: CN=Sonera Class1 CA, O=Sonera, C=FI
Issuer: CN=Sonera Class1 CA, O=Sonera, C=FI
Algorithm: RSA; Serial number: 0x24
Valid from Fri Apr 06 06:49:13 EDT 2001 until Tue Apr 06 06:49:13 EDT 2021
adding as trusted cert:
Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Issuer: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192
Valid from Sun May 17 20:00:00 EDT 1998 until Tue Aug 01 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
Issuer: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR
Algorithm: RSA; Serial number: 0x1121bc276c5547af584eefd4ced629b2a285
Valid from Mon May 25 20:00:00 EDT 2009 until Mon May 25 20:00:00 EDT 2020
adding as trusted cert:
Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Issuer: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US
Algorithm: RSA; Serial number: 0x374ad243
Valid from Tue May 25 12:09:40 EDT 1999 until Sat May 25 12:39:40 EDT 2019
adding as trusted cert:
Subject: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Issuer: CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
Algorithm: RSA; Serial number: 0x33af1e6a711a9a0bb2864b11d09fae5
Valid from Thu Aug 01 08:00:00 EDT 2013 until Fri Jan 15 07:00:00 EST 2038
SSLContextImpl: Using X509ExtendedKeyManager com.ibm.jsse2.ax
SSLContextImpl: Using X509TrustManager com.ibm.jsse2.aB
JsseJCE: Using SecureRandom IBMSecureRandom from provider IBMJCE version 1.8
trigger seeding of SecureRandom
done seeding SecureRandom
Using SSLEngineImpl.
SSLv3 protocol was requested but was not enabled
| | +- Protocol Selections
| | | +- Enabled (size=3)
| | | | +- TLSv1
| | | | +- TLSv1.1
| | | | +- TLSv1.2
| | | +- Disabled (size=0)
| | +- Cipher Suite Selections
| | +- Enabled (size=15)
| | | +- SSL_DHE_DSS_WITH_AES_128_CBC_SHA256
| | | +- SSL_DHE_DSS_WITH_AES_128_GCM_SHA256
| | | +- SSL_DHE_RSA_WITH_AES_128_CBC_SHA256
| | | +- SSL_DHE_RSA_WITH_AES_128_GCM_SHA256
| | | +- SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
| | | +- SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
| | | +- SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256
| | | +- SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256
| | | +- SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
| | | +- SSL_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
| | | +- SSL_ECDH_RSA_WITH_AES_128_CBC_SHA256
| | | +- SSL_ECDH_RSA_WITH_AES_128_GCM_SHA256
| | | +- SSL_RSA_WITH_AES_128_CBC_SHA256
| | | +- SSL_RSA_WITH_AES_128_GCM_SHA256
| | | +- TLS_EMPTY_RENEGOTIATION_INFO_SCSV
| | +- Disabled (size=31)
| | +- SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_DHE_DSS_WITH_AES_128_CBC_SHA - ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_DHE_DSS_WITH_DES_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_DHE_RSA_WITH_AES_128_CBC_SHA - ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_DHE_RSA_WITH_DES_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_DH_anon_WITH_AES_128_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_DH_anon_WITH_AES_128_CBC_SHA256 - JreDisabled:java.security
| | +- SSL_DH_anon_WITH_DES_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_ECDHE_ECDSA_WITH_NULL_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA - ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_ECDHE_RSA_WITH_NULL_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_ECDH_ECDSA_WITH_AES_128_CBC_SHA - ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_ECDH_ECDSA_WITH_NULL_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_ECDH_RSA_WITH_AES_128_CBC_SHA - ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_ECDH_RSA_WITH_NULL_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_ECDH_anon_WITH_AES_128_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_ECDH_anon_WITH_NULL_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_KRB5_EXPORT_WITH_DES_CBC_40_MD5 - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_KRB5_EXPORT_WITH_DES_CBC_40_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_KRB5_WITH_DES_CBC_MD5 - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_KRB5_WITH_DES_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_RSA_EXPORT_WITH_DES40_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA| SHA1)$'
| | +- SSL_RSA_FIPS_WITH_DES_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_RSA_WITH_AES_128_CBC_SHA - ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_RSA_WITH_DES_CBC_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_RSA_WITH_NULL_MD5 - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_RSA_WITH_NULL_SHA - JreDisabled:java.security, ConfigExcluded:'^.*_(MD5|SHA|SHA1)$'
| | +- SSL_RSA_WITH_NULL_SHA256 - JreDisabled:java.security
| += HttpConnectionFactory@a8cd160a[HTTP/1.1] - STARTED
| | +- HttpConfiguration@12228f86{32768/8192,8192/8192,https://: