JESSIE - SSL BAD_CERTIFICATE Exception

Jary Grove jarygrove@yahoo.com
Sat Oct 18 21:17:00 GMT 2008


I am getting the BAD CERTIFICATE exception with jessie, any idea? I am using the latest build. 

Following is the exception log:


SSL HANDSHAKE output to {0}; state:{1}; outBuffer:{2} java.nio.ByteBufferImpl[pos=5 lim=18432 cap=18
432] WRITE_CLIENT_HELLO null
SSL HANDSHAKE loop state={0} WRITE_CLIENT_HELLO
SSL HANDSHAKE {0} struct {
  version: TLSv1.1;
  random:
  struct {
    gmt_unix_time: 1224363825;
    random_bytes:  9a:15:99:6d:25:e3:04:7c:ff:3a:12:e1:ff:19:b1:f6:61:07:a3:2e:57:cc:aa:db:dd:47:82:
f5;
  } Random;  sessionId: ;
  cipher_suites:
  [30] {
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
    TLS_DH_DSS_WITH_AES_256_CBC_SHA,
    TLS_DH_RSA_WITH_AES_256_CBC_SHA,
    TLS_RSA_WITH_AES_256_CBC_SHA,
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
    TLS_DH_DSS_WITH_AES_128_CBC_SHA,
    TLS_DH_RSA_WITH_AES_128_CBC_SHA,
    TLS_RSA_WITH_AES_128_CBC_SHA,
    TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA,
    TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA,
    TLS_RSA_WITH_3DES_EDE_CBC_SHA,
    TLS_RSA_WITH_RC4_128_MD5,
    TLS_RSA_WITH_RC4_128_SHA,
    TLS_DHE_DSS_WITH_DES_CBC_SHA,
    TLS_DHE_RSA_WITH_DES_CBC_SHA,
    TLS_DH_DSS_WITH_DES_CBC_SHA,
    TLS_DH_RSA_WITH_DES_CBC_SHA,
    TLS_RSA_WITH_DES_CBC_SHA,
    TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
    TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
    TLS_RSA_EXPORT_WITH_DES40_CBC_SHA,
    TLS_RSA_EXPORT_WITH_RC4_40_MD5,
    TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
    TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
    TLS_RSA_WITH_NULL_MD5,
    TLS_RSA_WITH_NULL_SHA
  };
  compression_methods:
  [1] {
    NULL
  };
  extensions:     ExtensionList {
      length = 2;
    };
} ClientHello;
SSL HANDSHAKE processing in state {0}:
{1} READ_SERVER_HELLO struct {
  type: SERVER_HELLO;
  struct {
    version: TLSv1;
    random:
    struct {
      gmt_unix_time: 1224363827;
      random_bytes:  9a:a2:ee:0f:d6:e5:22:22:8d:66:f0:f6:57:c1:a6:60:7e:a1:01:25:df:7e:05:2e:08:1c:c
6:de;
    } Random;
    sessionId:         e1:07:00:00:36:0f:05:21:64:d7:f4:e2:7c:7d:6d:b4:6c:50:7a:9d:26:99:03:e0:bc:23
:f9:db:df:09:61:8a;
    cipherSuite:       TLS_RSA_WITH_RC4_128_MD5;
    compressionMethod: NULL;
    extensions:
      (nil)
  } ServerHello;
} Handshake;
SSL HANDSHAKE processing in state {0}:
{1} READ_CERTIFICATE struct {
  type: CERTIFICATE;
  struct {
    java.security.cert.CertificateException: malformed GeneralName: Tag class is 0;
} Certificate;
} Handshake;
gnu.javax.net.ssl.provider.AlertException: BAD_CERTIFICATE: locally generated; FATAL
SSL HANDSHAKE output to {0}; state:{1}; outBuffer:{2} java.nio.ByteBufferImpl[pos=5 lim=18432 cap=18
432] WRITE_CLIENT_HELLO null
SSL HANDSHAKE loop state={0} WRITE_CLIENT_HELLO
SSL HANDSHAKE {0} struct {
  version: TLSv1.1;
  random:
  struct {
    gmt_unix_time: 1224363826;
    random_bytes:  84:d5:62:3a:00:a9:d5:c9:3c:fe:13:05:6d:04:10:9e:0e:5b:ae:b7:72:37:b4:ef:f8:56:7d:
79;
  } Random;  sessionId: ;
  cipher_suites:
  [30] {
    TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
    TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
    TLS_DH_DSS_WITH_AES_256_CBC_SHA,
    TLS_DH_RSA_WITH_AES_256_CBC_SHA,
    TLS_RSA_WITH_AES_256_CBC_SHA,
    TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
    TLS_DH_DSS_WITH_AES_128_CBC_SHA,
    TLS_DH_RSA_WITH_AES_128_CBC_SHA,
    TLS_RSA_WITH_AES_128_CBC_SHA,
    TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA,
    TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA,
    TLS_RSA_WITH_3DES_EDE_CBC_SHA,
    TLS_RSA_WITH_RC4_128_MD5,
    TLS_RSA_WITH_RC4_128_SHA,
    TLS_DHE_DSS_WITH_DES_CBC_SHA,
    TLS_DHE_RSA_WITH_DES_CBC_SHA,
    TLS_DH_DSS_WITH_DES_CBC_SHA,
    TLS_DH_RSA_WITH_DES_CBC_SHA,
    TLS_RSA_WITH_DES_CBC_SHA,
    TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
    TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
    TLS_RSA_EXPORT_WITH_DES40_CBC_SHA,
    TLS_RSA_EXPORT_WITH_RC4_40_MD5,
    TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
    TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
    TLS_RSA_WITH_NULL_MD5,
    TLS_RSA_WITH_NULL_SHA
  };
  compression_methods:
  [1] {
    NULL
  };
  extensions:     ExtensionList {
      length = 2;
    };
} ClientHello;
SSL HANDSHAKE processing in state {0}:
{1} READ_SERVER_HELLO struct {
  type: SERVER_HELLO;
  struct {
    version: TLSv1;
    random:
    struct {
      gmt_unix_time: 1224363827;
      random_bytes:  36:f4:51:d4:92:23:79:ac:41:86:d2:ec:29:c8:3b:e8:58:78:72:4e:42:48:0b:27:97:df:5
9:b0;
    } Random;
    sessionId:         d8:03:00:00:cf:90:b3:93:8c:9d:e6:ca:b1:7a:f1:cf:6f:4f:1f:20:ab:86:c8:d9:ff:61
:c4:a4:2d:68:b4:0d;
    cipherSuite:       TLS_RSA_WITH_RC4_128_MD5;
    compressionMethod: NULL;
    extensions:
      (nil)
  } ServerHello;
} Handshake;
SSL HANDSHAKE processing in state {0}:
{1} READ_CERTIFICATE struct {
  type: CERTIFICATE;
  struct {
    java.security.cert.CertificateException: malformed GeneralName: Tag class is 0;
} Certificate;
} Handshake;



Thanks
Jary


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com



More information about the Java mailing list