Skip to main content
Published: February 25 2020, 8:01:00 PMUpdated: November 28 2020, 12:50:59 PM

Here is a sample Https Java client to test and verify SSL connection.

Sample Java client code


HttpsClient
/**
 
 * Sample Java Https Client
 
 * To connect and read from Https Url
 
 */
 
public class JavaHttpsClient {
 
    public static void main(String[] args) throws Exception {
        // template httpsUrl path
        String httpsURL = "https://api.ebay.com/<path>";
        URL url = new URL(httpsURL);
 
        // make connection using Java APIs
        // reference Java doc
 
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
 
        // read the response
        InputStream inputStream = conn.getInputStream();
        InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
        BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
        String inputLine;

        while ((inputLine = bufferedReader.readLine()) != null) {
            //read the response
            System.out.println(inputLine);
        }
        bufferedReader.close();
    }
}

Using Open API specification

Here is a reference on how to create Https Clients using Open API spec with eBay public APIs.

Step 1: Download or use the link to Open API spec from eBay developers portal 

            Example : Open API spec for browse API https://developer.ebay.com/api-docs/master/buy/browse/openapi/2/buy_browse_v1_beta_oas2.json

Step 2: Use Swagger-codegen to generate client of your choice (https://swagger.io/tools/swagger-codegen/)

Reference command to generate code gen for Java Https Client for eBay Public APIs. 

Command line code generator 
curl -X POST -H "content-type:application/json" -d '{"swaggerUrl":"https://developer.ebay.com/api-docs/master/buy/browse/openapi/2/buy_browse_v1_beta_oas2.json"}' https://generator.swagger.io/api/gen/clients/java

you will get a downloadable link for the client code generated.

{"code":"c5e3bb5f-4262-4bd1-b050-c060d5f28671","link":"https://generator.swagger.io/api/gen/download/c5e3bb5f-4262-4bd1-b050-c060d5f28671"}


After generating client code, open file ApiClient.java to refer SSL connection setting. 


SSLsetting
/**
     * Apply SSL related settings to httpClient according to the current values of
     * verifyingSsl and sslCaCert.
     */
    private void applySslSettings() {
        try {
            TrustManager[] trustManagers = null;
            HostnameVerifier hostnameVerifier = null;
            if (!verifyingSsl) {
                TrustManager trustAll = new X509TrustManager() {
                    @Override
                    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
                    @Override
                    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
                    @Override
                    public X509Certificate[] getAcceptedIssuers() { return null; }
                };
                SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
                trustManagers = new TrustManager[]{ trustAll };
                hostnameVerifier = new HostnameVerifier() {
                    @Override
                    public boolean verify(String hostname, SSLSession session) { return true; }
                };
            else if (sslCaCert != null) {
                char[] password = null// Any password will work.
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(sslCaCert);
                if (certificates.isEmpty()) {
                    throw new IllegalArgumentException("expected non-empty set of trusted certificates");
                }
                KeyStore caKeyStore = newEmptyKeyStore(password);
                int index = 0;
                for (Certificate certificate : certificates) {
                    String certificateAlias = "ca" + Integer.toString(index++);
                    caKeyStore.setCertificateEntry(certificateAlias, certificate);
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(caKeyStore);
                trustManagers = trustManagerFactory.getTrustManagers();
            }
 
            if (keyManagers != null || trustManagers != null) {
                SSLContext sslContext = SSLContext.getInstance("TLS");
                sslContext.init(keyManagers, trustManagers, new SecureRandom());
                httpClient.setSslSocketFactory(sslContext.getSocketFactory());
            else {
                httpClient.setSslSocketFactory(null);
            }
            httpClient.setHostnameVerifier(hostnameVerifier);
        catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

SSL information

Cipher Suite : TLS_RSA_WITH_AES_128_CBC_SHA

Cert Type : X.509

Cert Hash Code : 20803571

Cert Public Key Algorithm : RSA

Cert Public Key Format : X.509

Cert Type : X.509

Cert Hash Code : 13470995

Cert Public Key Algorithm : RSA

Cert Public Key Format : X.509

SSL handshake debug
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URL;
import java.security.cert.Certificate;
import java.util.Calendar;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.apache.commons.lang3.time.StopWatch;

/**
 * Sample Java Https Client
 *
 * To connect and read from Https Url
 *
 * debug ssl using vm arg -Djavax.net.debug=ssl
 *
 */
 
public class JavaHttpsClient {
 
    static HttpsURLConnection conn = null;
 
    public static void main(String[] args) throws Exception {
 
        StopWatch watch = new StopWatch();
        for (int i = 0; i < 100; i++) {
            if (i == 50) {
                conn = null;
                TimeUnit.MINUTES.sleep(1);
            }

            // template httpsUrl path
            String httpsURL = "https://svcs.ebay.com/services/search/FindingService/v1";
            URL url = new URL(httpsURL);
            watch.reset();
            watch.start();

            // make connection using Java APIs
            // reference Java doc
 
            conn = (HttpsURLConnection) url.openConnection();
 
            // read the response
            System.err.println("*** start*****");
            System.err.println("Time taken for Cert loading: " + String.format("%s, %d, %s", Calendar.getInstance().getTime(), i, watch.toString()));
            print_https_cert(conn);
            print_content(conn);
            watch.stop();
 
            System.err.println("Time taken with Handshake: " + String.format("%s, %d , %s", Calendar.getInstance().getTime(), i, watch.toString()));
 
        }
    }
 
 
    private static void print_content(HttpsURLConnection con) {
 
        if (con != null) {
 
            try {

                System.out.println("****** Content of the URL ********");
                BufferedReader br = new BufferedReader(new InputStreamReader(con.getErrorStream()));
                String input;

                while ((input = br.readLine()) != null) {
                    System.out.println(input);
                }
                br.close();
 
            catch (IOException e) {
                e.printStackTrace();
            }
        }
    }
 
 
    private static void print_https_cert(HttpsURLConnection con) {

        if (con != null) {
            try {

                System.out.println("Response Code : " + con.getResponseCode());
                System.out.println("Cipher Suite : " + con.getCipherSuite());
                System.out.println("\n");
 
                Certificate[] certs = con.getServerCertificates();

                for (Certificate cert : certs) {

                    System.out.println("Cert Type : " + cert.getType());
                    System.out.println("Cert Hash Code : " + cert.hashCode());
                    System.out.println("Cert Public Key Algorithm : " + cert.getPublicKey().getAlgorithm());
                    System.out.println("Cert Public Key Format : " + cert.getPublicKey().getFormat());
                    System.out.println("\n");
 
                }

            catch (SSLPeerUnverifiedException e) {
                e.printStackTrace();
            catch (IOException e) {
                e.printStackTrace();
            }

        }
    }
 
}


Sample response with ssl debug :

SSL debug response

keyStore is : 

keyStore type is : jks

keyStore provider is : 

init keystore

init keymanager of type SunX509

trustStore is: /Users/dvijayan/Downloads/ride-5.2.1-mac64/OracleJDK-1.7.0_79_2/Contents/Home/jre/lib/security/cacerts

trustStore type is : jks

trustStore provider is : 

init truststore

adding as trusted cert:

 Subject: CN=eBay Inc. INTERMEDIATE, O=eBay Inc, C=US

 Issuer:  CN=eBay Inc. ROOT, O=eBay Inc, C=US

 Algorithm: RSA; Serial number: 0x61055f9c000000000003

Valid from Tue Jun 14 14:34:50 PDT 2011 until Wed Jun 14 14:44:50 PDT 2017

   adding as trusted cert:

   Subject: CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH

   Issuer:  CN=SwissSign Platinum CA - G2, O=SwissSign AG, C=CH

  Algorithm: RSA; Serial number: 0x4eb200670c035d4f

  Valid from Wed Oct 25 01:36:00 PDT 2006 until Sat Oct 25 01:36:00 PDT 2036

  adding as trusted cert:

  Subject: EMAILADDRESS=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network

  Issuer:  EMAILADDRESS=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 1 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network

  Algorithm: RSA; Serial number: 0x1

  Valid from Fri Jun 25 15:23:48 PDT 1999 until Tue Jun 25 15:23:48 PDT 2019


adding as trusted cert:

  Subject: CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US

  Issuer:  CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US

  Algorithm: RSA; Serial number: 0x344ed55720d5edec49f42fce37db2b6d

  Valid from Thu Nov 16 16:00:00 PST 2006 until Wed Jul 16 16:59:59 PDT 2036


adding as trusted cert:

  Subject: CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US

  Issuer:  CN=Entrust Root Certification Authority, OU="(c) 2006 Entrust, Inc.", OU=www.entrust.net/CPS is incorporated by reference, O="Entrust, Inc.", C=US

  Algorithm: RSA; Serial number: 0x456b5054

  Valid from Mon Nov 27 12:23:42 PST 2006 until Fri Nov 27 12:53:42 PST 2026


adding as trusted cert:

  Subject: CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR

  Issuer:  CN=KEYNECTIS ROOT CA, OU=ROOT, O=KEYNECTIS, C=FR

  Algorithm: RSA; Serial number: 0x1121bc276c5547af584eefd4ced629b2a285

  Valid from Mon May 25 17:00:00 PDT 2009 until Mon May 25 17:00:00 PDT 2020


adding as trusted cert:

  Subject: CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU

  Issuer:  CN=Global Chambersign Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU

  Algorithm: RSA; Serial number: 0xc9cdd3e9d57d23ce

  Valid from Fri Aug 01 05:31:40 PDT 2008 until Sat Jul 31 05:31:40 PDT 2038


adding as trusted cert:

  Subject: CN=America Online Root Certification Authority 2, O=America Online Inc., C=US

  Issuer:  CN=America Online Root Certification Authority 2, O=America Online Inc., C=US

  Algorithm: RSA; Serial number: 0x1

  Valid from Mon May 27 23:00:00 PDT 2002 until Tue Sep 29 07:08:00 PDT 2037


adding as trusted cert:

  Subject: CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE

  Issuer:  CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE

  Algorithm: RSA; Serial number: 0x1

  Valid from Tue May 30 03:44:50 PDT 2000 until Sat May 30 03:44:50 PDT 2020


adding as trusted cert:

  Subject: CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM

  Issuer:  CN=QuoVadis Root Certification Authority, OU=Root Certification Authority, O=QuoVadis Limited, C=BM

  Algorithm: RSA; Serial number: 0x3ab6508b

  Valid from Mon Mar 19 10:33:33 PST 2001 until Wed Mar 17 11:33:33 PDT 2021


adding as trusted cert:

  Subject: CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH

  Issuer:  CN=SwissSign Silver CA - G2, O=SwissSign AG, C=CH

  Algorithm: RSA; Serial number: 0x4f1bd42f54bb2f4b

  Valid from Wed Oct 25 01:32:46 PDT 2006 until Sat Oct 25 01:32:46 PDT 2036


adding as trusted cert:

  Subject: OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP

  Issuer:  OU=Security Communication EV RootCA1, O="SECOM Trust Systems CO.,LTD.", C=JP

  Algorithm: RSA; Serial number: 0x0

  Valid from Tue Jun 05 19:12:32 PDT 2007 until Fri Jun 05 19:12:32 PDT 2037


adding as trusted cert:

  Subject: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US

  Issuer:  CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US

  Algorithm: RSA; Serial number: 0x1

  Valid from Sun Jun 20 21:00:00 PDT 1999 until Sat Jun 20 21:00:00 PDT 2020


adding as trusted cert:

  Subject: CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH

  Issuer:  CN=SwissSign Gold CA - G2, O=SwissSign AG, C=CH

  Algorithm: RSA; Serial number: 0xbb401c43f55e4fb0

  Valid from Wed Oct 25 01:30:35 PDT 2006 until Sat Oct 25 01:30:35 PDT 2036


adding as trusted cert:

  Subject: CN=emea-802ca-01, DC=corp, DC=ebay, DC=com

  Issuer:  CN=eBay Inc. INTERMEDIATE, O=eBay Inc, C=US

  Algorithm: RSA; Serial number: 0x610331bf000000000008

  Valid from Thu Oct 11 13:19:46 PDT 2007 until Sat Jan 12 15:44:42 PST 2013


adding as trusted cert:

  Subject: EMAILADDRESS=personal-freemail@thawte.com, CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA

  Issuer:  EMAILADDRESS=personal-freemail@thawte.com, CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte Consulting, L=Cape Town, ST=Western Cape, C=ZA

  Algorithm: RSA; Serial number: 0x123df0e7da2a2247a43889e08aeec967

  Valid from Sun Dec 31 16:00:00 PST 1995 until Fri Jan 01 15:59:59 PST 2021


adding as trusted cert:

  Subject: CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US

  Issuer:  CN=thawte Primary Root CA - G3, OU="(c) 2008 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US

  Algorithm: RSA; Serial number: 0x600197b746a7eab4b49ad64b2ff790fb

  Valid from Tue Apr 01 17:00:00 PDT 2008 until Tue Dec 01 15:59:59 PST 2037


adding as trusted cert:

  Subject: CN=emea-sslca-01, DC=corp, DC=ebay, DC=com

  Issuer:  CN=eBay Inc. INTERMEDIATE, O=eBay Inc, C=US

  Algorithm: RSA; Serial number: 0x610364d5000000000009

  Valid from Thu Oct 11 13:19:59 PDT 2007 until Sat Jan 12 15:44:42 PST 2013


adding as trusted cert:

  Subject: CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US

  Issuer:  CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US

  Algorithm: RSA; Serial number: 0x1a5

  Valid from Wed Aug 12 17:29:00 PDT 1998 until Mon Aug 13 16:59:00 PDT 2018


adding as trusted cert:

  Subject: CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE

  Issuer:  CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE

  Algorithm: RSA; Serial number: 0x20000b9

  Valid from Fri May 12 11:46:00 PDT 2000 until Mon May 12 16:59:00 PDT 2025


adding as trusted cert:

  Subject: OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US

  Issuer:  OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x3f691e819cf09a4af373ffb948a2e4dd

  Valid from Sun Jan 28 16:00:00 PST 1996 until Wed Aug 02 16:59:59 PDT 2028


adding as trusted cert:

  Subject: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  Issuer:  CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  Algorithm: RSA; Serial number: 0x2ac5c266a0b409b8f0b79f2ae462577

  Valid from Thu Nov 09 16:00:00 PST 2006 until Sun Nov 09 16:00:00 PST 2031


adding as trusted cert:

  Subject: CN=eBay Inc. INTERMEDIATE, O=eBay Inc, C=US

  Issuer:  CN=eBay Inc. ROOT, O=eBay Inc, C=US

  Algorithm: RSA; Serial number: 0x613b545a000000000002

  Valid from Fri Jan 12 15:34:42 PST 2007 until Sat Jan 12 15:44:42 PST 2013


adding as trusted cert:

  Subject: CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM

  Issuer:  CN=QuoVadis Root CA 2, O=QuoVadis Limited, C=BM

  Algorithm: RSA; Serial number: 0x509

  Valid from Fri Nov 24 10:27:00 PST 2006 until Mon Nov 24 10:23:33 PST 2031


adding as trusted cert:

  Subject: CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE

  Issuer:  CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE

  Algorithm: RSA; Serial number: 0x20000bf

  Valid from Wed May 17 07:01:00 PDT 2000 until Sat May 17 16:59:00 PDT 2025


adding as trusted cert:

  Subject: CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE

  Issuer:  CN=T-TeleSec GlobalRoot Class 3, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE

  Algorithm: RSA; Serial number: 0x1

  Valid from Wed Oct 01 03:29:56 PDT 2008 until Sat Oct 01 16:59:59 PDT 2033


adding as trusted cert:

  Subject: CN=amer-sslca-01, DC=corp, DC=ebay, DC=com

  Issuer:  CN=eBay Inc. INTERMEDIATE, O=eBay Inc, C=US

  Algorithm: RSA; Serial number: 0x61030938000000000005

  Valid from Tue Jan 16 16:50:06 PST 2007 until Sat Jan 12 15:44:42 PST 2013


adding as trusted cert:

  Subject: CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net

  Issuer:  CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), O=Entrust.net

  Algorithm: RSA; Serial number: 0x3863def8

  Valid from Fri Dec 24 09:50:51 PST 1999 until Tue Jul 24 07:15:12 PDT 2029


adding as trusted cert:

  Subject: CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE

  Issuer:  CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE

  Algorithm: RSA; Serial number: 0x5c00001000241d0060a4dce7510

  Valid from Thu Mar 23 06:10:23 PST 2006 until Wed Dec 31 14:59:59 PST 2025


adding as trusted cert:

  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

  Issuer:  OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0xb92f60cc889fa17a4609b85b706c8aaf

  Valid from Sun May 17 17:00:00 PDT 1998 until Tue Aug 01 16:59:59 PDT 2028


adding as trusted cert:

  Subject: CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US

  Issuer:  CN=thawte Primary Root CA - G2, OU="(c) 2007 thawte, Inc. - For authorized use only", O="thawte, Inc.", C=US

  Algorithm: EC; Serial number: 0x35fc265cd9844fc93d263d579baed756

  Valid from Sun Nov 04 16:00:00 PST 2007 until Mon Jan 18 15:59:59 PST 2038


adding as trusted cert:

  Subject: EMAILADDRESS=server-certs@thawte.com, CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

  Issuer:  EMAILADDRESS=server-certs@thawte.com, CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

  Algorithm: RSA; Serial number: 0x34a4fff630af4ca53c331742a1946675

  Valid from Wed Jul 31 17:00:00 PDT 1996 until Fri Jan 01 15:59:59 PST 2021


adding as trusted cert:

  Subject: CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE

  Issuer:  CN=Deutsche Telekom Root CA 2, OU=T-TeleSec Trust Center, O=Deutsche Telekom AG, C=DE

  Algorithm: RSA; Serial number: 0x26

  Valid from Fri Jul 09 05:11:00 PDT 1999 until Tue Jul 09 16:59:00 PDT 2019


adding as trusted cert:

  Subject: CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US

  Issuer:  CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), O=Entrust.net, C=US

  Algorithm: RSA; Serial number: 0x374ad243

  Valid from Tue May 25 09:09:40 PDT 1999 until Sat May 25 09:39:40 PDT 2019


adding as trusted cert:

  Subject: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US

  Issuer:  CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US

  Algorithm: RSA; Serial number: 0x1

  Valid from Wed Mar 03 21:00:00 PST 2004 until Sat Mar 03 21:00:00 PST 2029


adding as trusted cert:

  Subject: CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE

  Issuer:  CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE

  Algorithm: RSA; Serial number: 0x1da200010002ecb76080788db606

  Valid from Wed Mar 22 07:54:28 PST 2006 until Wed Dec 31 14:59:59 PST 2025


adding as trusted cert:

  Subject: CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE

  Issuer:  CN=T-TeleSec GlobalRoot Class 2, OU=T-Systems Trust Center, O=T-Systems Enterprise Services GmbH, C=DE

  Algorithm: RSA; Serial number: 0x1

  Valid from Wed Oct 01 03:40:14 PDT 2008 until Sat Oct 01 16:59:59 PDT 2033


adding as trusted cert:

  Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Issuer:  CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x9b7e0649a33e62b9d5ee90487129ef57

  Valid from Thu Sep 30 17:00:00 PDT 1999 until Wed Jul 16 16:59:59 PDT 2036


adding as trusted cert:

  Subject: EMAILADDRESS=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network

  Issuer:  EMAILADDRESS=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network

  Algorithm: RSA; Serial number: 0x1

  Valid from Fri Jun 25 17:19:54 PDT 1999 until Tue Jun 25 17:19:54 PDT 2019


adding as trusted cert:

  Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  Issuer:  CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  Algorithm: RSA; Serial number: 0x83be056904246b1a1756ac95991c74a

  Valid from Thu Nov 09 16:00:00 PST 2006 until Sun Nov 09 16:00:00 PST 2031


adding as trusted cert:

  Subject: CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE

  Issuer:  CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE

  Algorithm: RSA; Serial number: 0x1

  Valid from Tue May 30 03:38:31 PDT 2000 until Sat May 30 03:38:31 PDT 2020


adding as trusted cert:

  Subject: CN=AMER-SSLCA-02, DC=corp, DC=ebay, DC=com

  Issuer:  CN=eBay Inc. INTERMEDIATE, O=eBay Inc, C=US

  Algorithm: RSA; Serial number: 0x6107f71f000100000016

  Valid from Mon Sep 26 10:50:53 PDT 2011 until Wed Jun 14 14:44:50 PDT 2017


adding as trusted cert:

  Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE

  Issuer:  CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE

  Algorithm: RSA; Serial number: 0x1

  Valid from Tue May 30 03:48:38 PDT 2000 until Sat May 30 03:48:38 PDT 2020


adding as trusted cert:

  Subject: CN=Class 2 Primary CA, O=Certplus, C=FR

  Issuer:  CN=Class 2 Primary CA, O=Certplus, C=FR

  Algorithm: RSA; Serial number: 0x85bd4bf3d8dae369f694d75fc3a54423

  Valid from Wed Jul 07 10:05:00 PDT 1999 until Sat Jul 06 16:59:59 PDT 2019


adding as trusted cert:

  Subject: CN=eBay Root CA, O=eBay Inc, C=us

  Issuer:  CN=eBay Root CA, O=eBay Inc, C=us

  Algorithm: RSA; Serial number: 0x4500888247008e884cd02d71a035810e

  Valid from Thu Sep 24 12:00:53 PDT 2015 until Mon Sep 24 12:08:04 PDT 2035


adding as trusted cert:

  Subject: OU=Equifax Secure Certificate Authority, O=Equifax, C=US

  Issuer:  OU=Equifax Secure Certificate Authority, O=Equifax, C=US

  Algorithm: RSA; Serial number: 0x35def4cf

  Valid from Sat Aug 22 09:41:51 PDT 1998 until Wed Aug 22 09:41:51 PDT 2018


adding as trusted cert:

  Subject: CN=amer-802ca-01, DC=corp, DC=ebay, DC=com

  Issuer:  CN=eBay Inc. INTERMEDIATE, O=eBay Inc, C=US

  Algorithm: RSA; Serial number: 0x6102f301000000000003

  Valid from Tue Jan 16 16:50:00 PST 2007 until Sat Jan 12 15:44:42 PST 2013


adding as trusted cert:

  Subject: CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU

  Issuer:  CN=Chambers of Commerce Root - 2008, O=AC Camerfirma S.A., SERIALNUMBER=A82743287, L=Madrid (see current address at www.camerfirma.com/address), C=EU

  Algorithm: RSA; Serial number: 0xa3da427ea4b1aeda

  Valid from Fri Aug 01 05:29:50 PDT 2008 until Sat Jul 31 05:29:50 PDT 2038


adding as trusted cert:

  Subject: CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Issuer:  CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x6170cb498c5f984529e7b0a6d9505b7a

  Valid from Thu Sep 30 17:00:00 PDT 1999 until Wed Jul 16 16:59:59 PDT 2036


adding as trusted cert:

  Subject: CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB

  Issuer:  CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB

  Algorithm: RSA; Serial number: 0x1

  Valid from Wed Dec 31 16:00:00 PST 2003 until Sun Dec 31 15:59:59 PST 2028


adding as trusted cert:

  Subject: CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US

  Issuer:  CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US

  Algorithm: RSA; Serial number: 0x4

  Valid from Sun Jun 20 21:00:00 PDT 1999 until Sat Jun 20 21:00:00 PDT 2020


adding as trusted cert:

  Subject: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US

  Issuer:  OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US

  Algorithm: RSA; Serial number: 0x0

  Valid from Tue Jun 29 10:39:16 PDT 2004 until Thu Jun 29 10:39:16 PDT 2034


adding as trusted cert:

  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

  Issuer:  OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x4cc7eaaa983e71d39310f83d3a899192

  Valid from Sun May 17 17:00:00 PDT 1998 until Tue Aug 01 16:59:59 PDT 2028


adding as trusted cert:

  Subject: CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  Issuer:  CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  Algorithm: RSA; Serial number: 0xce7e0e517d846fe8fe560fc1bf03039

  Valid from Thu Nov 09 16:00:00 PST 2006 until Sun Nov 09 16:00:00 PST 2031


adding as trusted cert:

  Subject: CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

  Issuer:  CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE

  Algorithm: RSA; Serial number: 0x40000000001154b5ac394

  Valid from Tue Sep 01 05:00:00 PDT 1998 until Fri Jan 28 04:00:00 PST 2028


adding as trusted cert:

  Subject: OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

  Issuer:  OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certification Authority - G2, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x7dd9fe07cfa81eb7107967fba78934c6

  Valid from Sun May 17 17:00:00 PDT 1998 until Tue Aug 01 16:59:59 PDT 2028


adding as trusted cert:

  Subject: CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM

  Issuer:  CN=QuoVadis Root CA 3, O=QuoVadis Limited, C=BM

  Algorithm: RSA; Serial number: 0x5c6

  Valid from Fri Nov 24 11:11:23 PST 2006 until Mon Nov 24 11:06:44 PST 2031


adding as trusted cert:

  Subject: CN=Certum CA, O=Unizeto Sp. z o.o., C=PL

  Issuer:  CN=Certum CA, O=Unizeto Sp. z o.o., C=PL

  Algorithm: RSA; Serial number: 0x10020

  Valid from Tue Jun 11 03:46:39 PDT 2002 until Fri Jun 11 03:46:39 PDT 2027


adding as trusted cert:

  Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2

  Issuer:  CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2

  Algorithm: RSA; Serial number: 0x400000000010f8626e60d

  Valid from Fri Dec 15 00:00:00 PST 2006 until Wed Dec 15 00:00:00 PST 2021


adding as trusted cert:

  Subject: EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

  Issuer:  EMAILADDRESS=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA

  Algorithm: RSA; Serial number: 0x36122296c5e338a520a1d25f4cd70954

  Valid from Wed Jul 31 17:00:00 PDT 1996 until Fri Jan 01 15:59:59 PST 2021


adding as trusted cert:

  Subject: CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU

  Issuer:  CN=Chambers of Commerce Root, OU=http://www.chambersign.org, O=AC Camerfirma SA CIF A82743287, C=EU

  Algorithm: RSA; Serial number: 0x0

  Valid from Tue Sep 30 09:13:43 PDT 2003 until Wed Sep 30 09:13:44 PDT 2037


adding as trusted cert:

  Subject: CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US

  Issuer:  CN=Entrust Root Certification Authority - G2, OU="(c) 2009 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US

  Algorithm: RSA; Serial number: 0x4a538c28

  Valid from Tue Jul 07 10:25:54 PDT 2009 until Sat Dec 07 09:55:54 PST 2030


adding as trusted cert:

  Subject: CN=eBay Inc. ROOT, O=eBay Inc, C=US

  Issuer:  CN=eBay Inc. ROOT, O=eBay Inc, C=US

  Algorithm: RSA; Serial number: 0x668976c845fd1ea54e0b7d5c9f5911eb

  Valid from Fri Jan 12 14:16:55 PST 2007 until Sat Jan 12 14:23:12 PST 2019


adding as trusted cert:

  Subject: CN=Class 3P Primary CA, O=Certplus, C=FR

  Issuer:  CN=Class 3P Primary CA, O=Certplus, C=FR

  Algorithm: RSA; Serial number: 0xbf5cdbb6f21c6ec04deb7a023b36e879

  Valid from Wed Jul 07 10:10:00 PDT 1999 until Sat Jul 06 16:59:59 PDT 2019


adding as trusted cert:

  Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Issuer:  CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x18dad19e267de8bb4a2158cdcc6b3b4a

  Valid from Tue Nov 07 16:00:00 PST 2006 until Wed Jul 16 16:59:59 PDT 2036


adding as trusted cert:

  Subject: CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Issuer:  CN=VeriSign Universal Root Certification Authority, OU="(c) 2008 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x401ac46421b31321030ebbe4121ac51d

  Valid from Tue Apr 01 17:00:00 PDT 2008 until Tue Dec 01 15:59:59 PST 2037


adding as trusted cert:

  Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US

  Issuer:  CN=GeoTrust Global CA, O=GeoTrust Inc., C=US

  Algorithm: RSA; Serial number: 0x23456

  Valid from Mon May 20 21:00:00 PDT 2002 until Fri May 20 21:00:00 PDT 2022


adding as trusted cert:

  Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US

  Issuer:  OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be

  Valid from Sun Jan 28 16:00:00 PST 1996 until Wed Aug 02 16:59:59 PDT 2028


adding as trusted cert:

  Subject: CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

  Issuer:  CN=Certum Trusted Network CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

  Algorithm: RSA; Serial number: 0x444c0

  Valid from Wed Oct 22 05:07:37 PDT 2008 until Mon Dec 31 04:07:37 PST 2029


adding as trusted cert:

  Subject: OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP

  Issuer:  OU=Security Communication RootCA1, O=SECOM Trust.net, C=JP

  Algorithm: RSA; Serial number: 0x0

  Valid from Mon Sep 29 21:20:49 PDT 2003 until Fri Sep 29 21:20:49 PDT 2023


adding as trusted cert:

  Subject: CN=Sonera Class1 CA, O=Sonera, C=FI

  Issuer:  CN=Sonera Class1 CA, O=Sonera, C=FI

  Algorithm: RSA; Serial number: 0x24

  Valid from Fri Apr 06 03:49:13 PDT 2001 until Tue Apr 06 03:49:13 PDT 2021


adding as trusted cert:

  Subject: OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US

  Issuer:  OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US

  Algorithm: RSA; Serial number: 0x0

  Valid from Tue Jun 29 10:06:20 PDT 2004 until Thu Jun 29 10:06:20 PDT 2034


adding as trusted cert:

  Subject: CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Issuer:  CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d336252567c989

  Valid from Fri Jul 09 10:28:50 PDT 1999 until Tue Jul 09 10:36:58 PDT 2019


adding as trusted cert:

  Subject: CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Issuer:  CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362afe650afd

  Valid from Fri Jul 09 11:10:42 PDT 1999 until Tue Jul 09 11:19:22 PDT 2019


adding as trusted cert:

  Subject: CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US

  Issuer:  CN=GeoTrust Primary Certification Authority, O=GeoTrust Inc., C=US

  Algorithm: RSA; Serial number: 0x18acb56afd69b6153a636cafdafac4a1

  Valid from Sun Nov 26 16:00:00 PST 2006 until Wed Jul 16 16:59:59 PDT 2036


adding as trusted cert:

  Subject: CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

  Issuer:  CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3

  Algorithm: RSA; Serial number: 0x4000000000121585308a2

  Valid from Wed Mar 18 03:00:00 PDT 2009 until Sun Mar 18 03:00:00 PDT 2029


adding as trusted cert:

  Subject: CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US

  Issuer:  CN=GeoTrust Primary Certification Authority - G2, OU=(c) 2007 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US

  Algorithm: EC; Serial number: 0x3cb2f4480a00e2feeb243b5e603ec36b

  Valid from Sun Nov 04 16:00:00 PST 2007 until Mon Jan 18 15:59:59 PST 2038


adding as trusted cert:

  Subject: CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Issuer:  CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Algorithm: RSA; Serial number: 0x8b5b75568454850b00cfaf3848ceb1a4

  Valid from Thu Sep 30 17:00:00 PDT 1999 until Wed Jul 16 16:59:59 PDT 2036


adding as trusted cert:

  Subject: CN=America Online Root Certification Authority 1, O=America Online Inc., C=US

  Issuer:  CN=America Online Root Certification Authority 1, O=America Online Inc., C=US

  Algorithm: RSA; Serial number: 0x1

  Valid from Mon May 27 23:00:00 PDT 2002 until Thu Nov 19 12:43:00 PST 2037


adding as trusted cert:

  Subject: OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP

  Issuer:  OU=Security Communication RootCA2, O="SECOM Trust Systems CO.,LTD.", C=JP

  Algorithm: RSA; Serial number: 0x0

  Valid from Thu May 28 22:00:39 PDT 2009 until Mon May 28 22:00:39 PDT 2029


adding as trusted cert:

  Subject: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA

  Issuer:  CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA

  Algorithm: RSA; Serial number: 0x0

  Valid from Tue Dec 31 16:00:00 PST 1996 until Thu Dec 31 15:59:59 PST 2020


adding as trusted cert:

  Subject: CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US

  Issuer:  CN=GeoTrust Primary Certification Authority - G3, OU=(c) 2008 GeoTrust Inc. - For authorized use only, O=GeoTrust Inc., C=US

  Algorithm: RSA; Serial number: 0x15ac6e9419b2794b41f627a9c3180f1f

  Valid from Tue Apr 01 17:00:00 PDT 2008 until Tue Dec 01 15:59:59 PST 2037


adding as trusted cert:

  Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Issuer:  CN=VeriSign Class 3 Public Primary Certification Authority - G4, OU="(c) 2007 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

  Algorithm: EC; Serial number: 0x2f80fe238c0e220f486712289187acb3

  Valid from Sun Nov 04 16:00:00 PST 2007 until Mon Jan 18 15:59:59 PST 2038


adding as trusted cert:

  Subject: CN=eBay SSL CA v2 - A, O=eBay Inc, C=US

  Issuer:  CN=eBay Root CA, O=eBay Inc, C=us

  Algorithm: RSA; Serial number: 0x6800000004b4491dd58df45b9b000000000004

  Valid from Wed Oct 14 11:35:33 PDT 2015 until Wed Oct 14 11:45:33 PDT 2020


adding as trusted cert:

  Subject: CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Issuer:  CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Algorithm: RSA; Serial number: 0x44be0c8b500024b411d3362de0b35f1b

  Valid from Fri Jul 09 11:31:20 PDT 1999 until Tue Jul 09 11:40:36 PDT 2019


adding as trusted cert:

  Subject: CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Issuer:  CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US

  Algorithm: RSA; Serial number: 0x44be0c8b500021b411d32a6806a9ad69

  Valid from Thu Jun 24 11:57:21 PDT 1999 until Mon Jun 24 12:06:30 PDT 2019


adding as trusted cert:

  Subject: CN=Sonera Class2 CA, O=Sonera, C=FI

  Issuer:  CN=Sonera Class2 CA, O=Sonera, C=FI

  Algorithm: RSA; Serial number: 0x1d

  Valid from Fri Apr 06 00:29:40 PDT 2001 until Tue Apr 06 00:29:40 PDT 2021


adding as trusted cert:

  Subject: CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE

  Issuer:  CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE

  Algorithm: RSA; Serial number: 0x2e6a000100021fd752212c115c3b

  Valid from Thu Jan 12 06:38:43 PST 2006 until Wed Dec 31 14:59:59 PST 2025


trigger seeding of SecureRandom

done seeding SecureRandom

*** start*****

Time taken for Cert loading: Thu Nov 14 15:00:02 PST 2019, 0, 0:00:00.234

Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256

Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256

Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256

Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256

Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256

Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384

Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256

Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384

Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256

Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256

Allow unsafe renegotiation: false

Allow legacy hello messages: true

Is initial handshake: true

Is secure renegotiation: false

main, setSoTimeout(0) called

%% No cached client session

*** ClientHello, TLSv1

RandomCookie:  GMT: 1556929650 bytes = { 202, 1, 61, 51, 100, 130, 137, 98, 94, 25, 40, 7, 111, 17, 30, 68, 117, 193, 151, 120, 97, 25, 89, 248, 61, 98, 62, 246 }

Session ID:  {}

Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]

Compression Methods:  { 0 }

Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}

Extension ec_point_formats, formats: [uncompressed]

Extension server_name, server_name: [host_name: svcs.ebay.com]

***

main, WRITE: TLSv1 Handshake, length = 185

main, READ: TLSv1 Handshake, length = 2859

*** ServerHello, TLSv1

RandomCookie:  GMT: 1556929650 bytes = { 176, 89, 5, 55, 161, 169, 82, 151, 156, 53, 230, 146, 92, 40, 204, 199, 24, 199, 124, 26, 64, 12, 216, 10, 222, 217, 131, 208 }

Session ID:  {49, 50, 234, 86, 157, 52, 190, 216, 98, 42, 119, 111, 162, 31, 83, 194, 127, 172, 165, 131, 231, 85, 61, 192, 46, 247, 226, 31, 107, 112, 31, 94}

Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA

Compression Method: 0

Extension renegotiation_info, renegotiated_connection: <empty>

***

%% Initialized:  [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]

** TLS_RSA_WITH_AES_128_CBC_SHA

*** Certificate chain

chain [0] = [

[

  Version: V3

  Subject: CN=svcs.ebay.com, OU=Site Operations, O="eBay, Inc.", L=San Jose, ST=California, C=US

  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11


  Key:  Sun RSA public key, 2048 bits

  modulus: 24875480757271358822157074345155834907896960333859714554092391454193065745440765464395653930349957186246235096598927827352805176060265678917228207802850147689842376236961947168244359820720660214127309322995714857664944721303432602922056910137218521678132097473212450910721542662632167805831906812707621234409723908685269952140340068596838774620866220427558828613497943173475096788894545659865706776957265830573383650522287379377733151553831086872215851121770705045866827903231168438934641519364925509740896387146208226283645296800928951516520472846182617923111037820042469516959243949956210850583915995858600815529911

  public exponent: 65537

  Validity: [From: Sun Jun 30 17:00:00 PDT 2019,

               To: Fri Jul 24 05:00:00 PDT 2020]

  Issuer: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US

  SerialNumber: [    0cc5ce29 6be514ae 44315bbf 9525fae7]


Certificate Extensions: 10

[1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false

Extension unknown: DER encoded OCTET string =

0000: 04 81 F4 04 81 F1 00 EF   00 75 00 EE 4B BD B7 75  .........u..K..u

0010: CE 60 BA E1 42 69 1F AB   E1 9E 66 A3 0F 7E 5F B0  .`..Bi....f..._.

0020: 72 D8 83 00 C4 7B 89 7A   A8 FD CB 00 00 01 6B AB  r......z......k.

0030: C7 37 65 00 00 04 03 00   46 30 44 02 20 68 D5 CD  .7e.....F0D. h..

0040: DE 10 FB 4F E3 70 50 87   9A D4 A9 32 C5 D4 A2 FD  ...O.pP....2....

0050: DA 00 BB 56 8D 73 D5 B5   8D 48 98 B7 CE 02 20 76  ...V.s...H.... v

0060: 3D 57 6C FA 9B B2 27 61   2D E9 DB EE D2 0E B2 DE  =Wl...'a-.......

0070: 46 5A 65 C7 0B EE 9D 7E   97 58 CC 2C B1 6B EC 00  FZe......X.,.k..

0080: 76 00 87 75 BF E7 59 7C   F8 8C 43 99 5F BD F3 6E  v..u..Y...C._..n

0090: FF 56 8D 47 56 36 FF 4A   B5 60 C1 B4 EA FF 5E A0  .V.GV6.J.`....^.

00A0: 83 0F 00 00 01 6B AB C7   37 9E 00 00 04 03 00 47  .....k..7......G

00B0: 30 45 02 20 71 0D 14 C0   64 D5 E3 DA F6 1E 55 92  0E. q...d.....U.

00C0: B6 E9 22 8B 16 7B A3 D7   A1 84 C4 73 0A F3 42 55  .."........s..BU

00D0: F0 8E 6D EF 02 21 00 C7   90 6B CC AE 98 F2 F8 59  ..m..!...k.....Y

00E0: E2 43 99 05 5D 63 49 EF   D9 00 D1 AE 0A 28 19 48  .C..]cI......(.H

00F0: 23 82 EC C0 90 9C 56                               #.....V



[2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false

AuthorityInfoAccess [

  [

   accessMethod: ocsp

   accessLocation: URIName: http://ocsp.digicert.com

   accessMethod: caIssuers

   accessLocation: URIName: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt

]

]


[3]: ObjectId: 2.5.29.35 Criticality=false

AuthorityKeyIdentifier [

KeyIdentifier [

0000: 0F 80 61 1C 82 31 61 D5   2F 28 E7 8D 46 38 B4 2C  ..a..1a./(..F8.,

0010: E1 C6 D9 E2                                        ....

]

]


[4]: ObjectId: 2.5.29.19 Criticality=false

BasicConstraints:[

  CA:false

  PathLen: undefined

]


[5]: ObjectId: 2.5.29.31 Criticality=false

CRLDistributionPoints [

  [DistributionPoint:

     [URIName: http://crl3.digicert.com/ssca-sha2-g6.crl]

, DistributionPoint:

     [URIName: http://crl4.digicert.com/ssca-sha2-g6.crl]

]]


[6]: ObjectId: 2.5.29.32 Criticality=false

CertificatePolicies [

  [CertificatePolicyId: [2.16.840.1.114412.1.1]

[PolicyQualifierInfo: [

  qualifierID: 1.3.6.1.5.5.7.2.1

  qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 64 69  ..https://www.di

0010: 67 69 63 65 72 74 2E 63   6F 6D 2F 43 50 53        gicert.com/CPS

]]  ]

  [CertificatePolicyId: [2.23.140.1.2.2]

[]  ]

]

[7]: ObjectId: 2.5.29.37 Criticality=false

ExtendedKeyUsages [

  serverAuth

  clientAuth

]


[8]: ObjectId: 2.5.29.15 Criticality=true

KeyUsage [

  DigitalSignature

  Key_Encipherment

]


[9]: ObjectId: 2.5.29.17 Criticality=false

SubjectAlternativeName [

  DNSName: svcs.ebay.com

]


[10]: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: AD AA 16 E1 EB 25 10 07   B7 AC C8 5F 57 FE 13 CC  .....%....._W...

0010: B3 71 6A 6C                                        .qjl

]

]


]

  Algorithm: [SHA256withRSA]

  Signature:

0000: 13 9B 46 90 D9 41 53 C9   1E 5C E8 6D 4B 8D 48 80  ..F..AS..\.mK.H.

0010: 25 B4 22 6A 39 4F 7D 08   F7 F3 C2 31 A3 DB 4E 47  %."j9O.....1..NG

0020: 49 A1 32 01 C3 33 21 27   8A B7 DF 44 66 A5 E8 6D  I.2..3!'...Df..m

0030: AB 09 72 A2 06 DC A4 FC   B8 1D 49 54 BD C4 A1 45  ..r.......IT...E

0040: F8 30 D9 02 B8 1B D8 0B   3B 32 31 6D 32 D6 EE 75  .0......;21m2..u

0050: 7A F2 A4 67 53 DC 2E 7E   6D 37 93 43 58 36 C0 C5  z..gS...m7.CX6..

0060: 50 BB 72 D8 3C BC C2 3A   76 9D 49 F2 56 52 A9 DB  P.r.<..:v.I.VR..

0070: 19 AD F6 8B B3 43 62 A6   FE 06 CC 6A 1B 29 C1 85  .....Cb....j.)..

0080: F3 AF BD 26 94 01 6A A3   34 96 0F 86 7C 8F 18 ED  ...&..j.4.......

0090: 5A D8 DC F1 F2 9C D4 51   28 63 43 3B 5A C4 BA 55  Z......Q(cC;Z..U

00A0: 47 9D 32 BE 19 3B FF E3   0C 5D A3 08 9C 31 CD 0E  G.2..;...]...1..

00B0: D4 F7 A6 F9 CC 32 86 97   AB CD 98 8F E4 8D 8D B9  .....2..........

00C0: 06 12 99 D7 AA DA 9A BA   B6 12 02 B7 21 71 5D 88  ............!q].

00D0: 7A 3F 74 1A E2 BD 84 73   9E 3C D4 8F C9 E0 64 5F  z?t....s.<....d_

00E0: 67 81 D6 B5 10 6A 1F FA   E4 C7 18 D7 4E 35 8A 53  g....j......N5.S

00F0: 4C 09 26 27 67 4F 2E AF   54 70 85 95 74 53 A1 BF  L.&'gO..Tp..tS..


]

chain [1] = [

[

  Version: V3

  Subject: CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US

  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11


  Key:  Sun RSA public key, 2048 bits

  modulus: 27858400285679723188777933283712642951289579686400775596360785472462618845441045591174031407467141927949303967273640603370583027943461489694611514307846044788608302737755893035638149922272068624160730850926560034092625156444445564936562297688651849223419070532331233030323585681010618165796464257277453762819678070632408347042070801988771058882131228632546107451893714991242153395658429259537934263208634002792828772169217510656239241005311075681025394047894661420520700962300445533960645787118986590875906485125942483622981513806162241672544997253865343228332025582679476240480384023017494305830194847248717881628827

  public exponent: 65537

  Validity: [From: Fri Mar 08 04:00:00 PST 2013,

               To: Wed Mar 08 04:00:00 PST 2023]

  Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  SerialNumber: [    01fda3eb 6eca75c8 88438b72 4bcfbc91]


Certificate Extensions: 7

[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false

AuthorityInfoAccess [

  [

   accessMethod: ocsp

   accessLocation: URIName: http://ocsp.digicert.com

]

]


[2]: ObjectId: 2.5.29.35 Criticality=false

AuthorityKeyIdentifier [

KeyIdentifier [

0000: 03 DE 50 35 56 D1 4C BB   66 F0 A3 E2 1B 1B C3 97  ..P5V.L.f.......

0010: B2 3D D1 55                                        .=.U

]

]


[3]: ObjectId: 2.5.29.19 Criticality=true

BasicConstraints:[

  CA:true

  PathLen:0

]


[4]: ObjectId: 2.5.29.31 Criticality=false

CRLDistributionPoints [

  [DistributionPoint:

     [URIName: http://crl3.digicert.com/DigiCertGlobalRootCA.crl]

, DistributionPoint:

     [URIName: http://crl4.digicert.com/DigiCertGlobalRootCA.crl]

]]


[5]: ObjectId: 2.5.29.32 Criticality=false

CertificatePolicies [

  [CertificatePolicyId: [2.5.29.32.0]

[PolicyQualifierInfo: [

  qualifierID: 1.3.6.1.5.5.7.2.1

  qualifier: 0000: 16 1C 68 74 74 70 73 3A   2F 2F 77 77 77 2E 64 69  ..https://www.di

0010: 67 69 63 65 72 74 2E 63   6F 6D 2F 43 50 53        gicert.com/CPS


]]  ]

]


[6]: ObjectId: 2.5.29.15 Criticality=true

KeyUsage [

  DigitalSignature

  Key_CertSign

  Crl_Sign

]


[7]: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: 0F 80 61 1C 82 31 61 D5   2F 28 E7 8D 46 38 B4 2C  ..a..1a./(..F8.,

0010: E1 C6 D9 E2                                        ....

]

]


]

  Algorithm: [SHA256withRSA]

  Signature:

0000: 23 3E DF 4B D2 31 42 A5   B6 7E 42 5C 1A 44 CC 69  #>.K.1B...B\.D.i

0010: D1 68 B4 5D 4B E0 04 21   6C 4B E2 6D CC B1 E0 97  .h.]K..!lK.m....

0020: 8F A6 53 09 CD AA 2A 65   E5 39 4F 1E 83 A5 6E 5C  ..S...*e.9O...n\

0030: 98 A2 24 26 E6 FB A1 ED   93 C7 2E 02 C6 4D 4A BF  ..$&.........MJ.

0040: B0 42 DF 78 DA B3 A8 F9   6D FF 21 85 53 36 60 4C  .B.x....m.!.S6`L

0050: 76 CE EC 38 DC D6 51 80   F0 C5 D6 E5 D4 4D 27 64  v..8..Q......M'd

0060: AB 9B C7 3E 71 FB 48 97   B8 33 6D C9 13 07 EE 96  ...>q.H..3m.....

0070: A2 1B 18 15 F6 5C 4C 40   ED B3 C2 EC FF 71 C1 E3  .....\L@.....q..

0080: 47 FF D4 B9 00 B4 37 42   DA 20 C9 EA 6E 8A EE 14  G.....7B. ..n...

0090: 06 AE 7D A2 59 98 88 A8   1B 6F 2D F4 F2 C9 14 5F  ....Y....o-...._

00A0: 26 CF 2C 8D 7E ED 37 C0   A9 D5 39 B9 82 BF 19 0C  &.,...7...9.....

00B0: EA 34 AF 00 21 68 F8 AD   73 E2 C9 32 DA 38 25 0B  .4..!h..s..2.8%.

00C0: 55 D3 9A 1D F0 68 86 ED   2E 41 34 EF 7C A5 50 1D  U....h...A4...P.

00D0: BF 3A F9 D3 C1 08 0C E6   ED 1E 8A 58 25 E4 B8 77  .:.........X%..w

00E0: AD 2D 6E F5 52 DD B4 74   8F AB 49 2E 9D 3B 93 34  .-n.R..t..I..;.4

00F0: 28 1F 78 CE 94 EA C7 BD   D3 C9 6D 1C DE 5C 32 F3  (.x.......m..\2.


]

***

Found trusted certificate:

[

[

  Version: V3

  Subject: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5


  Key:  Sun RSA public key, 2048 bits

  modulus: 28559384442792876273280274398620578979733786817784174960112400169719065906301471912340204391164075730987771255281479191858503912379974443363319206013285922932969143082114108995903507302607372164107846395526169928849546930352778612946811335349917424469188917500996253619438384218721744278787164274625243781917237444202229339672234113350935948264576180342492691117960376023738627349150441152487120197333042448834154779966801277094070528166918968412433078879939664053044797116916260095055641583506170045241549105022323819314163625798834513544420165235412105694681616578431019525684868803389424296613694298865514217451303

  public exponent: 65537

  Validity: [From: Thu Nov 09 16:00:00 PST 2006,

               To: Sun Nov 09 16:00:00 PST 2031]

  Issuer: CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

  SerialNumber: [    083be056 904246b1 a1756ac9 5991c74a]


Certificate Extensions: 4

[1]: ObjectId: 2.5.29.35 Criticality=false

AuthorityKeyIdentifier [

KeyIdentifier [

0000: 03 DE 50 35 56 D1 4C BB   66 F0 A3 E2 1B 1B C3 97  ..P5V.L.f.......

0010: B2 3D D1 55                                        .=.U

]

]


[2]: ObjectId: 2.5.29.19 Criticality=true

BasicConstraints:[

  CA:true

  PathLen:2147483647

]


[3]: ObjectId: 2.5.29.15 Criticality=true

KeyUsage [

  DigitalSignature

  Key_CertSign

  Crl_Sign

]


[4]: ObjectId: 2.5.29.14 Criticality=false

SubjectKeyIdentifier [

KeyIdentifier [

0000: 03 DE 50 35 56 D1 4C BB   66 F0 A3 E2 1B 1B C3 97  ..P5V.L.f.......

0010: B2 3D D1 55                                        .=.U

]

]


]

  Algorithm: [SHA1withRSA]

  Signature:

0000: CB 9C 37 AA 48 13 12 0A   FA DD 44 9C 4F 52 B0 F4  ..7.H.....D.OR..

0010: DF AE 04 F5 79 79 08 A3   24 18 FC 4B 2B 84 C0 2D  ....yy..$..K+..-

0020: B9 D5 C7 FE F4 C1 1F 58   CB B8 6D 9C 7A 74 E7 98  .......X..m.zt..

0030: 29 AB 11 B5 E3 70 A0 A1   CD 4C 88 99 93 8C 91 70  )....p...L.....p

0040: E2 AB 0F 1C BE 93 A9 FF   63 D5 E4 07 60 D3 A3 BF  ........c...`...

0050: 9D 5B 09 F1 D5 8E E3 53   F4 8E 63 FA 3F A7 DB B4  .[.....S..c.?...

0060: 66 DF 62 66 D6 D1 6E 41   8D F2 2D B5 EA 77 4A 9F  f.bf..nA..-..wJ.

0070: 9D 58 E2 2B 59 C0 40 23   ED 2D 28 82 45 3E 79 54  .X.+Y.@#.-(.E>yT

0080: 92 26 98 E0 80 48 A8 37   EF F0 D6 79 60 16 DE AC  .&...H.7...y`...

0090: E8 0E CD 6E AC 44 17 38   2F 49 DA E1 45 3E 2A B9  ...n.D.8/I..E>*.

00A0: 36 53 CF 3A 50 06 F7 2E   E8 C4 57 49 6C 61 21 18  6S.:P.....WIla!.

00B0: D5 04 AD 78 3C 2C 3A 80   6B A7 EB AF 15 14 E9 D8  ...x<,:.k.......

00C0: 89 C1 B9 38 6C E2 91 6C   8A FF 64 B9 77 25 57 30  ...8l..l..d.w%W0

00D0: C0 1B 24 A3 E1 DC E9 DF   47 7C B5 B4 24 08 05 30  ..$.....G...$..0

00E0: EC 2D BD 0B BF 45 BF 50   B9 A9 F3 EB 98 01 12 AD  .-...E.P........

00F0: C8 88 C6 98 34 5F 8D 0A   3C C6 E9 D5 95 95 6D DE  ....4_..<.....m.


]

*** ServerHelloDone

*** ClientKeyExchange, RSA PreMasterSecret, TLSv1

main, WRITE: TLSv1 Handshake, length = 262

SESSION KEYGEN:

PreMaster Secret:

0000: 03 01 28 92 9A 43 34 F9   8B 8E E3 43 0C A5 7F 01  ..(..C4....C....

0010: 31 DF 69 25 94 2F 90 E0   0C B1 00 DF 7D 4E 3C 7A  1.i%./.......N<z

0020: B1 FF A9 2F D4 D3 60 74   39 A3 B1 C9 B6 35 27 91  .../..`t9....5'.

CONNECTION KEYGEN:

Client Nonce:

0000: 5D CD DC 72 CA 01 3D 33   64 82 89 62 5E 19 28 07  ]..r..=3d..b^.(.

0010: 6F 11 1E 44 75 C1 97 78   61 19 59 F8 3D 62 3E F6  o..Du..xa.Y.=b>.

Server Nonce:

0000: 5D CD DC 72 B0 59 05 37   A1 A9 52 97 9C 35 E6 92  ]..r.Y.7..R..5..

0010: 5C 28 CC C7 18 C7 7C 1A   40 0C D8 0A DE D9 83 D0  \(......@.......

Master Secret:

0000: CD 68 DF 3A C6 01 0F 23   50 5E F3 86 44 24 BC 07  .h.:...#P^..D$..

0010: A6 75 89 40 DB E5 B5 55   D1 CE A5 49 E2 9C 3F 34  .u.@...U...I..?4

0020: 6B 93 F4 A1 9C 4C 59 0F   B4 E5 22 70 5B 5A 03 1E  k....LY..."p[Z..

Client MAC write Secret:

0000: 65 49 C5 18 09 9E 01 2F   7A 4A 94 83 CF 4B 57 D2  eI...../zJ...KW.

0010: F4 D3 54 91                                        ..T.

Server MAC write Secret:

0000: 10 EF 0F 29 78 D3 CC 1E   AD 79 E2 03 2A FA 86 8F  ...)x....y..*...

0010: B2 9F FC 57                                        ...W

Client write key:

0000: 30 7A 92 BF 6B B5 37 CD   93 DE 2E FD 6B 8A C0 51  0z..k.7.....k..Q

Server write key:

0000: 92 2C CD 0A 82 1E 36 AD   B5 EE 90 DB 95 D4 20 72  .,....6....... r

Client write IV:

0000: B1 94 0A C1 67 F0 BF D4   31 D5 75 48 5C 44 2A A8  ....g...1.uH\D*.

Server write IV:

0000: 3C 50 13 61 13 A4 DC 82   C1 0A 53 7E 09 A5 EE 14  <P.a......S.....

main, WRITE: TLSv1 Change Cipher Spec, length = 1

*** Finished

verify_data:  { 3, 29, 212, 86, 249, 224, 58, 109, 184, 148, 64, 167 }

***

main, WRITE: TLSv1 Handshake, length = 48

main, READ: TLSv1 Change Cipher Spec, length = 1

main, READ: TLSv1 Handshake, length = 48

*** Finished

verify_data:  { 49, 237, 38, 123, 246, 25, 62, 144, 15, 200, 134, 217 }

***

%% Cached client session: [Session-1, TLS_RSA_WITH_AES_128_CBC_SHA]

main, WRITE: TLSv1 Application Data, length = 208

main, READ: TLSv1 Application Data, length = 1056

Response Code : 500

Cipher Suite : TLS_RSA_WITH_AES_128_CBC_SHA



Cert Type : X.509

Cert Hash Code : 20803571

Cert Public Key Algorithm : RSA

Cert Public Key Format : X.509



Cert Type : X.509

Cert Hash Code : 13470995

Cert Public Key Algorithm : RSA

Cert Public Key Format : X.509



****** Content of the URL ********

main, READ: TLSv1 Application Data, length = 32

<?xml version='1.0' encoding='UTF-8'?><errorMessage xmlns="http://www.ebay.com/marketplace/search/v1/services"><error><errorId>2038</errorId><domain>CoreRuntime</domain><severity>Error</severity><category>System</category><message>Missing SOA operation name header</message><subdomain>System</subdomain><exceptionId>com.ebay.soaframework.common.exceptions.ServiceException</exceptionId></error></errorMessage>

Time taken with Handshake: Thu Nov 14 15:00:02 PST 2019, 0 , 0:00:00.655


Key Notes: 

  1. Java APIs uses uses HostnameVerifier and SSLSocketFactory for Https Connection and follows as per RFC 2818.
  2. More reference for Java Security : https://docs.oracle.com/javase/10/security/toc.htm
  3. How to set SSL Context for TLS 1.2 ( SSLContext sslContext = SSLContext.getInstance("TLSv1.2")); 
  4. Default SSLcontext from Open API code gen is SSLContext sslContext = SSLContext.getInstance("TLS") and chosed based on system preference.
  5. SSL debug for handshake vm arg  

    -Djavax.net.debug=ssl

How well did this answer your question?
Answers others found helpful