g! security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, called close() pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, called closeInternal(true) pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, SEND TLSv1.2 ALERT: warning, description = close_notify pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Alert, length = 26 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, called closeSocket(true) Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 %% Client cached [Session-14, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Try resuming [Session-14, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] from port 57106 *** ClientHello, TLSv1.2 RandomCookie: GMT: 1582321088 bytes = { 207, 196, 244, 157, 88, 99, 109, 189, 92, 71, 22, 255, 132, 122, 160, 145, 179, 203, 70, 58, 166, 228, 184, 114, 102, 65, 248, 107 } Session ID: {201, 15, 241, 137, 200, 18, 80, 10, 52, 210, 239, 232, 237, 106, 59, 24, 246, 119, 22, 20, 103, 194, 244, 238, 71, 4, 62, 251, 155, 95, 132, 148} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=tls-auth.dontesta.it] *** pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Handshake, length = 260 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 97 *** ServerHello, TLSv1.2 RandomCookie: GMT: -173204175 bytes = { 160, 5, 207, 152, 231, 90, 135, 39, 15, 208, 210, 202, 144, 36, 44, 102, 135, 122, 195, 141, 200, 25, 210, 229, 180, 145, 58, 77 } Session ID: {115, 154, 156, 50, 7, 148, 16, 172, 218, 39, 186, 32, 0, 220, 23, 94, 137, 146, 255, 134, 186, 22, 87, 17, 172, 181, 185, 130, 250, 49, 62, 215} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension renegotiation_info, renegotiated_connection: Extension server_name, server_name: Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] Extension extended_master_secret *** %% Invalidated: [Session-14, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Initialized: [Session-15, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 2823 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=tls-auth.dontesta.it Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 653426228861898623980764947125560387027864041784500386907478553154234245053025970175367961386530274918292576099522730560757480148992028054622421472274552882505627002492985614977054922382887885124078630563382816865685725467256403840778387462116774485359209525427080929390433430348772972988343774890961111949619904006696949337916361209577540721579861408291606217562971691866999183543403915106019465910793552398620117869265858058970445372511684776413864197219667475638072232362249161346683582349798294959196936954088807581340158656602741181039417895855414611181789001442642700157777738512009229089653798213491546577488433742906231954083038145512313405631066049488523032365448993242211880653228299125475283592796936287647709217203430733066953056518925879848048075173100622411149899258019027620152485456246330427084532121231721198347023763244049764858485690721671338610916459464461038411924516314308831527847345043406241615971075446321727112593669466295015071784122131925767371793301440015825653517889507290109301845759096098026297470772804102475043367917657123304920865476807786024285693522852735455037046985266127763812064729711304526939911983989753223570999376304688480598468010774974987174714976998423909845527292134014904531305728159 public exponent: 65537 Validity: [From: Mon Feb 03 20:27:26 GMT 2020, To: Sun May 03 20:27:26 GMT 2020] Issuer: CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US SerialNumber: [ 03b99d88 bc20ed56 7787432d 79306cda 7b6f] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false Extension unknown: DER encoded OCTET string = 0000: 04 81 F5 04 81 F2 00 F0 00 76 00 5E A7 73 F9 DF .........v.^.s.. 0010: 56 C0 E7 B5 36 48 7D D0 49 E0 32 7A 91 9A 0C 84 V...6H..I.2z.... 0020: A1 12 12 84 18 75 96 81 71 45 58 00 00 01 70 0C .....u..qEX...p. 0030: F3 74 EE 00 00 04 03 00 47 30 45 02 21 00 A1 81 .t......G0E.!... 0040: 02 99 4D 81 4B 3D 15 87 57 7F AB 4E 69 ED 44 A8 ..M.K=..W..Ni.D. 0050: E3 26 80 0A BE F2 2D DE 4F 4B 92 1E EF CC 02 20 .&....-.OK..... 0060: 74 F6 7B 1A 3F 52 06 3B A8 1E 93 31 95 4D 1E 0C t...?R.;...1.M.. 0070: E5 F3 43 ED 2E FD AD 5B 9C 98 67 D5 5E 14 EE 7D ..C....[..g.^... 0080: 00 76 00 B2 1E 05 CC 8B A2 CD 8A 20 4E 87 66 F9 .v......... N.f. 0090: 2B B9 8A 25 20 67 6B DA FA 70 E7 B2 49 53 2D EF +..% gk..p..IS-. 00A0: 8B 90 5E 00 00 01 70 0C F3 74 DB 00 00 04 03 00 ..^...p..t...... 00B0: 47 30 45 02 20 51 D9 3E 0C 93 9C C2 56 59 70 C3 G0E. Q.>....VYp. 00C0: 61 A6 21 D1 A8 F0 41 E5 A4 9A AA 16 E3 11 D6 1D a.!...A......... 00D0: BF 5B 25 73 E6 02 21 00 89 73 33 FF A9 31 EC 6E .[%s..!..s3..1.n 00E0: B8 24 03 65 B1 7A FE EC F7 4B 9A 95 87 8B 39 AA .$.e.z...K....9. 00F0: 09 7D 33 86 26 E9 62 23 ..3.&.b# [2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.int-x3.letsencrypt.org , accessMethod: caIssuers accessLocation: URIName: http://cert.int-x3.letsencrypt.org/ ] ] [3]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: A8 4A 6A 63 04 7D DD BA E6 D1 39 B7 A6 45 65 EF .Jjc......9..Ee. 0010: F3 A8 EC A1 .... ] ] [4]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.23.140.1.2.1] [] ] [CertificatePolicyId: [1.3.6.1.4.1.44947.1.1.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 1A 68 74 74 70 3A 2F 2F 63 70 73 2E 6C 65 74 ..http://cps.let 0010: 73 65 6E 63 72 79 70 74 2E 6F 72 67 sencrypt.org ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: tls-auth.dontesta.it ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 79 49 C4 76 2E 76 86 A2 53 C7 A4 53 9F F3 0F AD yI.v.v..S..S.... 0010: AD D4 53 17 ..S. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 80 8F C9 F9 58 9F 5D 5C 07 C0 53 D9 F7 B0 94 51 ....X.]\..S....Q 0010: AC 85 7E 08 0F B7 FE CB 4A AB 02 50 00 40 E4 7C ........J..P.@.. 0020: 3B 2B 07 6D 47 1C 3F 2D B0 81 66 70 3B 6A C3 75 ;+.mG.?-..fp;j.u 0030: E0 B4 37 6F DA 7F 39 71 FC 7A D3 42 A6 E9 84 B1 ..7o..9q.z.B.... 0040: 65 52 E6 4C 8C C4 8B AA E9 C5 AC 7D F2 45 69 B3 eR.L.........Ei. 0050: 01 66 72 75 65 E3 5F 58 D2 6C E6 A3 CA 17 51 94 .frue._X.l....Q. 0060: 31 04 CA ED AE 9A 7A B1 C9 D1 D2 0D A4 39 4D B4 1.....z......9M. 0070: 55 E6 BE AC FD 71 E3 7B BD 4A 82 39 59 02 B0 B4 U....q...J.9Y... 0080: 09 14 C9 38 19 4E 74 93 FA D3 23 89 77 58 ED DE ...8.Nt...#.wX.. 0090: 30 9A 51 68 3D 92 CA 7A EE 72 C7 E1 2C B0 0E 6C 0.Qh=..z.r..,..l 00A0: 75 CA 31 7C 96 17 3D EF D3 36 5F 93 78 9E A3 F4 u.1...=..6_.x... 00B0: D9 E7 8F 4C 1A 02 28 BD 13 AD 84 33 07 BC 63 23 ...L..(....3..c# 00C0: BF AB D3 3B 52 AA 30 DC B6 F9 A6 ED D8 BD 55 08 ...;R.0.......U. 00D0: 3F 90 0D A9 B9 60 90 6A A2 E1 2A 3C B8 A5 A4 81 ?....`.j..*<.... 00E0: 25 D3 B0 84 AC 94 AD 54 9E 0B 67 32 89 9D 9B D8 %......T..g2.... 00F0: BA 03 AC 4C 1F 7A 67 ED 1B A5 86 50 CE F1 CB 9C ...L.zg....P.... ] chain [1] = [ [ Version: V3 Subject: CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 19797248476075437682355852246492227182925025209894527646389863306257272162327717438476096960751529894413137923782807258828237626757946953550223743258656059351948211427799114263948499232121738590221774214131983890556391436336270214266656447169277800971416884432628642288505627878176138101439755752196484972290641499489076846352390454201028735981960275647482014359370041238010607728611828345534572152635280172155598035959878659370929022966413402097129857505568509453268467065766156311136296802046438183697980908977865999500405760226706893415483460747503705792669060406182022181441316967415301631965711690685520847684499 public exponent: 65537 Validity: [From: Thu Mar 17 16:40:46 GMT 2016, To: Wed Mar 17 16:40:46 GMT 2021] Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. SerialNumber: [ 0a014142 00000153 85736a0b 85eca708] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://isrg.trustid.ocsp.identrust.com , accessMethod: caIssuers accessLocation: URIName: http://apps.identrust.com/roots/dstrootcax3.p7c ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: C4 A7 B1 A4 7B 2C 71 FA DB E1 4B 90 75 FF C4 15 .....,q...K.u... 0010: 60 85 89 10 `... ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.identrust.com/DSTROOTCAX3CRL.crl] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.23.140.1.2.1] [] ] [CertificatePolicyId: [1.3.6.1.4.1.44947.1.1.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 22 68 74 74 70 3A 2F 2F 63 70 73 2E 72 6F 6F ."http://cps.roo 0010: 74 2D 78 31 2E 6C 65 74 73 65 6E 63 72 79 70 74 t-x1.letsencrypt 0020: 2E 6F 72 67 .org ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: A8 4A 6A 63 04 7D DD BA E6 D1 39 B7 A6 45 65 EF .Jjc......9..Ee. 0010: F3 A8 EC A1 .... ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: DD 33 D7 11 F3 63 58 38 DD 18 15 FB 09 55 BE 76 .3...cX8.....U.v 0010: 56 B9 70 48 A5 69 47 27 7B C2 24 08 92 F1 5A 1F V.pH.iG'..$...Z. 0020: 4A 12 29 37 24 74 51 1C 62 68 B8 CD 95 70 67 E5 J.)7$tQ.bh...pg. 0030: F7 A4 BC 4E 28 51 CD 9B E8 AE 87 9D EA D8 BA 5A ...N(Q.........Z 0040: A1 01 9A DC F0 DD 6A 1D 6A D8 3E 57 23 9E A6 1E ......j.j.>W#... 0050: 04 62 9A FF D7 05 CA B7 1F 3F C0 0A 48 BC 94 B0 .b.......?..H... 0060: B6 65 62 E0 C1 54 E5 A3 2A AD 20 C4 E9 E6 BB DC .eb..T..*. ..... 0070: C8 F6 B5 C3 32 A3 98 CC 77 A8 E6 79 65 07 2B CB ....2...w..ye.+. 0080: 28 FE 3A 16 52 81 CE 52 0C 2E 5F 83 E8 D5 06 33 (.:.R..R.._....3 0090: FB 77 6C CE 40 EA 32 9E 1F 92 5C 41 C1 74 6C 5B .wl.@.2...\A.tl[ 00A0: 5D 0A 5F 33 CC 4D 9F AC 38 F0 2F 7B 2C 62 9D D9 ]._3.M..8./.,b.. 00B0: A3 91 6F 25 1B 2F 90 B1 19 46 3D F6 7E 1B A6 7A ..o%./...F=....z 00C0: 87 B9 A3 7A 6D 18 FA 25 A5 91 87 15 E0 F2 16 2F ...zm..%......./ 00D0: 58 B0 06 2F 2C 68 26 C6 4B 98 CD DA 9F 0C F9 7F X../,h&.K....... 00E0: 90 ED 43 4A 12 44 4E 6F 73 7A 28 EA A4 AA 6E 7B ..CJ.DNosz(...n. 00F0: 4C 7D 87 DD E0 C9 02 44 A7 87 AF C3 34 5B B4 42 L......D....4[.B ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=DST Root CA X3, O=Digital Signature Trust Co. Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 28237887677026032203151777657129561581522073060401233851894187952595640780665579499663841407267510759260214748789212535957135845654219821366017427323985352100172211628961551647178765278465245040619994286316630852210928184346090961906367138096715766033171261107313432772299467819936678634109708967378829013418649505942485529500580167736159568208924601034682852941882633722952597854385181938557682865139545636282689862459897027632511916072421459210380987954549724536623494064393973052186448977570989493998685404014473715688796607543139914669307234440905936555495044671225489918726010863829142065064843131427399159251549 public exponent: 65537 Validity: [From: Sat Sep 30 21:12:19 GMT 2000, To: Thu Sep 30 14:01:15 GMT 2021] Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. SerialNumber: [ 44afb080 d6a327ba 89303986 2ef8406b] Certificate Extensions: 3 [1]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:2147483647 ] [2]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [3]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: C4 A7 B1 A4 7B 2C 71 FA DB E1 4B 90 75 FF C4 15 .....,q...K.u... 0010: 60 85 89 10 `... ] ] ] Algorithm: [SHA1withRSA] Signature: 0000: A3 1A 2C 9B 17 00 5C A9 1E EE 28 66 37 3A BF 83 ..,...\...(f7:.. 0010: C7 3F 4B C3 09 A0 95 20 5D E3 D9 59 44 D2 3E 0D .?K.... ]..YD.>. 0020: 3E BD 8A 4B A0 74 1F CE 10 82 9C 74 1A 1D 7E 98 >..K.t.....t.... 0030: 1A DD CB 13 4B B3 20 44 E4 91 E9 CC FC 7D A5 DB ....K. D........ 0040: 6A E5 FE E6 FD E0 4E DD B7 00 3A B5 70 49 AF F2 j.....N...:.pI.. 0050: E5 EB 02 F1 D1 02 8B 19 CB 94 3A 5E 48 C4 18 1E ..........:^H... 0060: 58 19 5F 1E 02 5A F0 0C F1 B1 AD A9 DC 59 86 8B X._..Z.......Y.. 0070: 6E E9 91 F5 86 CA FA B9 66 33 AA 59 5B CE E2 A7 n.......f3.Y[... 0080: 16 73 47 CB 2B CC 99 B0 37 48 CF E3 56 4B F5 CF .sG.+...7H..VK.. 0090: 0F 0C 72 32 87 C6 F0 44 BB 53 72 6D 43 F5 26 48 ..r2...D.SrmC.&H 00A0: 9A 52 67 B7 58 AB FE 67 76 71 78 DB 0D A2 56 14 .Rg.X..gvqx...V. 00B0: 13 39 24 31 85 A2 A8 02 5A 30 47 E1 DD 50 07 BC .9$1....Z0G..P.. 00C0: 02 09 90 00 EB 64 63 60 9B 16 BC 88 C9 12 E6 D2 .....dc`........ 00D0: 7D 91 8B F9 3D 32 8D 65 B4 E9 7C B1 57 76 EA C5 ....=2.e....Wv.. 00E0: B6 28 39 BF 15 65 1C C8 F6 77 96 6A 0A 8D 77 0B .(9..e...w.j..w. 00F0: D8 91 0B 04 8E 07 DB 29 B6 0A EE 9D 82 35 35 10 .......).....55. ] pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 589 *** ECDH ServerKeyExchange Signature Algorithm SHA256withRSA Server key: Sun EC public key, 256 bits public x coord: 42422370424197791611998850963942786361204759808370361265634998443689135090656 public y coord: 105123361082797791364488102162191912201230582859492545723348298151639525218609 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 4 *** ServerHelloDone *** ECDHClientKeyExchange ECDH Public value: { 4, 86, 161, 84, 58, 71, 24, 59, 85, 208, 88, 208, 176, 36, 208, 110, 221, 59, 137, 159, 10, 114, 110, 135, 111, 134, 12, 131, 223, 126, 77, 73, 15, 186, 240, 21, 17, 154, 38, 45, 126, 135, 115, 73, 65, 60, 108, 113, 179, 73, 234, 196, 29, 58, 231, 4, 44, 118, 156, 116, 30, 204, 245, 120, 17 } pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Handshake, length = 70 SESSION KEYGEN: PreMaster Secret: 0000: B9 3C D3 21 19 2E 3C AF FF EF 19 2A BE 33 07 AE .<.!..<....*.3.. 0010: 4A FC C1 EE BF 6E F3 82 C3 CD 64 DF F9 A6 43 05 J....n....d...C. CONNECTION KEYGEN: Client Nonce: 0000: 5E 50 4E C0 CF C4 F4 9D 58 63 6D BD 5C 47 16 FF ^PN.....Xcm.\G.. 0010: 84 7A A0 91 B3 CB 46 3A A6 E4 B8 72 66 41 F8 6B .z....F:...rfA.k Server Nonce: 0000: F6 AD 1D 31 A0 05 CF 98 E7 5A 87 27 0F D0 D2 CA ...1.....Z.'.... 0010: 90 24 2C 66 87 7A C3 8D C8 19 D2 E5 B4 91 3A 4D .$,f.z........:M Master Secret: 0000: 39 C6 75 07 A7 54 49 7D D2 3A AA 7A 06 89 7C 07 9.u..TI..:.z.... 0010: 7D 9F FB F1 02 06 5B 19 20 7B EF 02 0C 75 73 14 ......[. ....us. 0020: FC 71 0D 3D 10 19 16 9E 5F D4 C8 34 50 BE E6 95 .q.=...._..4P... ... no MAC keys used for this cipher Client write key: 0000: 17 02 59 3A 62 6F 8A F1 C6 34 DC 5D 8A 92 B5 57 ..Y:bo...4.]...W 0010: D7 93 74 20 C9 9F 90 C0 C9 40 C1 D4 79 34 3F 27 ..t .....@..y4?' Server write key: 0000: 63 6C A1 B1 E7 5A DB 4B 99 C6 7C E9 EE 13 CB 45 cl...Z.K.......E 0010: 09 FF 8C 22 FA EB 3C 88 B4 E6 F0 BE 25 FF E1 DD ..."..<.....%... Client write IV: 0000: A1 51 B6 24 .Q.$ Server write IV: 0000: F4 3B FA 9E .;.. pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished verify_data: { 60, 128, 243, 24, 201, 242, 250, 139, 101, 111, 160, 149 } *** pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Handshake, length = 40 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Change Cipher Spec, length = 1 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 145, 253, 140, 169, 100, 137, 31, 251, 138, 195, 54, 145 } *** %% Cached client session: [Session-15, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Application Data, length = 218 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 28 Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: false Is secure renegotiation: true Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1 *** HelloRequest (empty) %% Client cached [Session-15, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] %% Try resuming [Session-15, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] from port 57106 *** ClientHello, TLSv1.2 RandomCookie: GMT: 1582321088 bytes = { 30, 121, 96, 93, 94, 121, 58, 79, 243, 218, 108, 106, 192, 71, 164, 231, 128, 47, 13, 136, 152, 140, 13, 205, 79, 234, 76, 28 } Session ID: {115, 154, 156, 50, 7, 148, 16, 172, 218, 39, 186, 32, 0, 220, 23, 94, 137, 146, 255, 134, 186, 22, 87, 17, 172, 181, 185, 130, 250, 49, 62, 215} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} Extension ec_point_formats, formats: [uncompressed] Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA Extension extended_master_secret Extension server_name, server_name: [type=host_name (0), value=tls-auth.dontesta.it] Extension renegotiation_info, renegotiated_connection: 3c:80:f3:18:c9:f2:fa:8b:65:6f:a0:95 *** pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Handshake, length = 299 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 145 *** ServerHello, TLSv1.2 RandomCookie: GMT: 1217534451 bytes = { 202, 133, 38, 250, 30, 9, 158, 59, 6, 11, 35, 112, 63, 160, 128, 135, 137, 194, 172, 89, 39, 95, 245, 251, 93, 40, 52, 234 } Session ID: {33, 73, 4, 82, 225, 224, 51, 203, 74, 96, 219, 123, 125, 229, 1, 65, 122, 235, 222, 218, 114, 200, 87, 0, 40, 65, 244, 164, 186, 146, 68, 140} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Compression Method: 0 Extension renegotiation_info, renegotiated_connection: 3c:80:f3:18:c9:f2:fa:8b:65:6f:a0:95:91:fd:8c:a9:64:89:1f:fb:8a:c3:36:91 Extension server_name, server_name: Extension ec_point_formats, formats: [uncompressed, ansiX962_compressed_prime, ansiX962_compressed_char2] Extension extended_master_secret *** %% Initialized: [Session-16, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] ** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 2847 *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=tls-auth.dontesta.it Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 4096 bits modulus: 653426228861898623980764947125560387027864041784500386907478553154234245053025970175367961386530274918292576099522730560757480148992028054622421472274552882505627002492985614977054922382887885124078630563382816865685725467256403840778387462116774485359209525427080929390433430348772972988343774890961111949619904006696949337916361209577540721579861408291606217562971691866999183543403915106019465910793552398620117869265858058970445372511684776413864197219667475638072232362249161346683582349798294959196936954088807581340158656602741181039417895855414611181789001442642700157777738512009229089653798213491546577488433742906231954083038145512313405631066049488523032365448993242211880653228299125475283592796936287647709217203430733066953056518925879848048075173100622411149899258019027620152485456246330427084532121231721198347023763244049764858485690721671338610916459464461038411924516314308831527847345043406241615971075446321727112593669466295015071784122131925767371793301440015825653517889507290109301845759096098026297470772804102475043367917657123304920865476807786024285693522852735455037046985266127763812064729711304526939911983989753223570999376304688480598468010774974987174714976998423909845527292134014904531305728159 public exponent: 65537 Validity: [From: Mon Feb 03 20:27:26 GMT 2020, To: Sun May 03 20:27:26 GMT 2020] Issuer: CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US SerialNumber: [ 03b99d88 bc20ed56 7787432d 79306cda 7b6f] Certificate Extensions: 9 [1]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false Extension unknown: DER encoded OCTET string = 0000: 04 81 F5 04 81 F2 00 F0 00 76 00 5E A7 73 F9 DF .........v.^.s.. 0010: 56 C0 E7 B5 36 48 7D D0 49 E0 32 7A 91 9A 0C 84 V...6H..I.2z.... 0020: A1 12 12 84 18 75 96 81 71 45 58 00 00 01 70 0C .....u..qEX...p. 0030: F3 74 EE 00 00 04 03 00 47 30 45 02 21 00 A1 81 .t......G0E.!... 0040: 02 99 4D 81 4B 3D 15 87 57 7F AB 4E 69 ED 44 A8 ..M.K=..W..Ni.D. 0050: E3 26 80 0A BE F2 2D DE 4F 4B 92 1E EF CC 02 20 .&....-.OK..... 0060: 74 F6 7B 1A 3F 52 06 3B A8 1E 93 31 95 4D 1E 0C t...?R.;...1.M.. 0070: E5 F3 43 ED 2E FD AD 5B 9C 98 67 D5 5E 14 EE 7D ..C....[..g.^... 0080: 00 76 00 B2 1E 05 CC 8B A2 CD 8A 20 4E 87 66 F9 .v......... N.f. 0090: 2B B9 8A 25 20 67 6B DA FA 70 E7 B2 49 53 2D EF +..% gk..p..IS-. 00A0: 8B 90 5E 00 00 01 70 0C F3 74 DB 00 00 04 03 00 ..^...p..t...... 00B0: 47 30 45 02 20 51 D9 3E 0C 93 9C C2 56 59 70 C3 G0E. Q.>....VYp. 00C0: 61 A6 21 D1 A8 F0 41 E5 A4 9A AA 16 E3 11 D6 1D a.!...A......... 00D0: BF 5B 25 73 E6 02 21 00 89 73 33 FF A9 31 EC 6E .[%s..!..s3..1.n 00E0: B8 24 03 65 B1 7A FE EC F7 4B 9A 95 87 8B 39 AA .$.e.z...K....9. 00F0: 09 7D 33 86 26 E9 62 23 ..3.&.b# [2]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://ocsp.int-x3.letsencrypt.org , accessMethod: caIssuers accessLocation: URIName: http://cert.int-x3.letsencrypt.org/ ] ] [3]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: A8 4A 6A 63 04 7D DD BA E6 D1 39 B7 A6 45 65 EF .Jjc......9..Ee. 0010: F3 A8 EC A1 .... ] ] [4]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:false PathLen: undefined ] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.23.140.1.2.1] [] ] [CertificatePolicyId: [1.3.6.1.4.1.44947.1.1.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 1A 68 74 74 70 3A 2F 2F 63 70 73 2E 6C 65 74 ..http://cps.let 0010: 73 65 6E 63 72 79 70 74 2E 6F 72 67 sencrypt.org ]] ] ] [6]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ serverAuth clientAuth ] [7]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment ] [8]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ DNSName: tls-auth.dontesta.it ] [9]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: 79 49 C4 76 2E 76 86 A2 53 C7 A4 53 9F F3 0F AD yI.v.v..S..S.... 0010: AD D4 53 17 ..S. ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: 80 8F C9 F9 58 9F 5D 5C 07 C0 53 D9 F7 B0 94 51 ....X.]\..S....Q 0010: AC 85 7E 08 0F B7 FE CB 4A AB 02 50 00 40 E4 7C ........J..P.@.. 0020: 3B 2B 07 6D 47 1C 3F 2D B0 81 66 70 3B 6A C3 75 ;+.mG.?-..fp;j.u 0030: E0 B4 37 6F DA 7F 39 71 FC 7A D3 42 A6 E9 84 B1 ..7o..9q.z.B.... 0040: 65 52 E6 4C 8C C4 8B AA E9 C5 AC 7D F2 45 69 B3 eR.L.........Ei. 0050: 01 66 72 75 65 E3 5F 58 D2 6C E6 A3 CA 17 51 94 .frue._X.l....Q. 0060: 31 04 CA ED AE 9A 7A B1 C9 D1 D2 0D A4 39 4D B4 1.....z......9M. 0070: 55 E6 BE AC FD 71 E3 7B BD 4A 82 39 59 02 B0 B4 U....q...J.9Y... 0080: 09 14 C9 38 19 4E 74 93 FA D3 23 89 77 58 ED DE ...8.Nt...#.wX.. 0090: 30 9A 51 68 3D 92 CA 7A EE 72 C7 E1 2C B0 0E 6C 0.Qh=..z.r..,..l 00A0: 75 CA 31 7C 96 17 3D EF D3 36 5F 93 78 9E A3 F4 u.1...=..6_.x... 00B0: D9 E7 8F 4C 1A 02 28 BD 13 AD 84 33 07 BC 63 23 ...L..(....3..c# 00C0: BF AB D3 3B 52 AA 30 DC B6 F9 A6 ED D8 BD 55 08 ...;R.0.......U. 00D0: 3F 90 0D A9 B9 60 90 6A A2 E1 2A 3C B8 A5 A4 81 ?....`.j..*<.... 00E0: 25 D3 B0 84 AC 94 AD 54 9E 0B 67 32 89 9D 9B D8 %......T..g2.... 00F0: BA 03 AC 4C 1F 7A 67 ED 1B A5 86 50 CE F1 CB 9C ...L.zg....P.... ] chain [1] = [ [ Version: V3 Subject: CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits modulus: 19797248476075437682355852246492227182925025209894527646389863306257272162327717438476096960751529894413137923782807258828237626757946953550223743258656059351948211427799114263948499232121738590221774214131983890556391436336270214266656447169277800971416884432628642288505627878176138101439755752196484972290641499489076846352390454201028735981960275647482014359370041238010607728611828345534572152635280172155598035959878659370929022966413402097129857505568509453268467065766156311136296802046438183697980908977865999500405760226706893415483460747503705792669060406182022181441316967415301631965711690685520847684499 public exponent: 65537 Validity: [From: Thu Mar 17 16:40:46 GMT 2016, To: Wed Mar 17 16:40:46 GMT 2021] Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. SerialNumber: [ 0a014142 00000153 85736a0b 85eca708] Certificate Extensions: 7 [1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false AuthorityInfoAccess [ [ accessMethod: ocsp accessLocation: URIName: http://isrg.trustid.ocsp.identrust.com , accessMethod: caIssuers accessLocation: URIName: http://apps.identrust.com/roots/dstrootcax3.p7c ] ] [2]: ObjectId: 2.5.29.35 Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: C4 A7 B1 A4 7B 2C 71 FA DB E1 4B 90 75 FF C4 15 .....,q...K.u... 0010: 60 85 89 10 `... ] ] [3]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:0 ] [4]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://crl.identrust.com/DSTROOTCAX3CRL.crl] ]] [5]: ObjectId: 2.5.29.32 Criticality=false CertificatePolicies [ [CertificatePolicyId: [2.23.140.1.2.1] [] ] [CertificatePolicyId: [1.3.6.1.4.1.44947.1.1.1] [PolicyQualifierInfo: [ qualifierID: 1.3.6.1.5.5.7.2.1 qualifier: 0000: 16 22 68 74 74 70 3A 2F 2F 63 70 73 2E 72 6F 6F ."http://cps.roo 0010: 74 2D 78 31 2E 6C 65 74 73 65 6E 63 72 79 70 74 t-x1.letsencrypt 0020: 2E 6F 72 67 .org ]] ] ] [6]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_CertSign Crl_Sign ] [7]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: A8 4A 6A 63 04 7D DD BA E6 D1 39 B7 A6 45 65 EF .Jjc......9..Ee. 0010: F3 A8 EC A1 .... ] ] ] Algorithm: [SHA256withRSA] Signature: 0000: DD 33 D7 11 F3 63 58 38 DD 18 15 FB 09 55 BE 76 .3...cX8.....U.v 0010: 56 B9 70 48 A5 69 47 27 7B C2 24 08 92 F1 5A 1F V.pH.iG'..$...Z. 0020: 4A 12 29 37 24 74 51 1C 62 68 B8 CD 95 70 67 E5 J.)7$tQ.bh...pg. 0030: F7 A4 BC 4E 28 51 CD 9B E8 AE 87 9D EA D8 BA 5A ...N(Q.........Z 0040: A1 01 9A DC F0 DD 6A 1D 6A D8 3E 57 23 9E A6 1E ......j.j.>W#... 0050: 04 62 9A FF D7 05 CA B7 1F 3F C0 0A 48 BC 94 B0 .b.......?..H... 0060: B6 65 62 E0 C1 54 E5 A3 2A AD 20 C4 E9 E6 BB DC .eb..T..*. ..... 0070: C8 F6 B5 C3 32 A3 98 CC 77 A8 E6 79 65 07 2B CB ....2...w..ye.+. 0080: 28 FE 3A 16 52 81 CE 52 0C 2E 5F 83 E8 D5 06 33 (.:.R..R.._....3 0090: FB 77 6C CE 40 EA 32 9E 1F 92 5C 41 C1 74 6C 5B .wl.@.2...\A.tl[ 00A0: 5D 0A 5F 33 CC 4D 9F AC 38 F0 2F 7B 2C 62 9D D9 ]._3.M..8./.,b.. 00B0: A3 91 6F 25 1B 2F 90 B1 19 46 3D F6 7E 1B A6 7A ..o%./...F=....z 00C0: 87 B9 A3 7A 6D 18 FA 25 A5 91 87 15 E0 F2 16 2F ...zm..%......./ 00D0: 58 B0 06 2F 2C 68 26 C6 4B 98 CD DA 9F 0C F9 7F X../,h&.K....... 00E0: 90 ED 43 4A 12 44 4E 6F 73 7A 28 EA A4 AA 6E 7B ..CJ.DNosz(...n. 00F0: 4C 7D 87 DD E0 C9 02 44 A7 87 AF C3 34 5B B4 42 L......D....4[.B ] *** Found trusted certificate: [ [ Version: V3 Subject: CN=DST Root CA X3, O=Digital Signature Trust Co. Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 28237887677026032203151777657129561581522073060401233851894187952595640780665579499663841407267510759260214748789212535957135845654219821366017427323985352100172211628961551647178765278465245040619994286316630852210928184346090961906367138096715766033171261107313432772299467819936678634109708967378829013418649505942485529500580167736159568208924601034682852941882633722952597854385181938557682865139545636282689862459897027632511916072421459210380987954549724536623494064393973052186448977570989493998685404014473715688796607543139914669307234440905936555495044671225489918726010863829142065064843131427399159251549 public exponent: 65537 Validity: [From: Sat Sep 30 21:12:19 GMT 2000, To: Thu Sep 30 14:01:15 GMT 2021] Issuer: CN=DST Root CA X3, O=Digital Signature Trust Co. SerialNumber: [ 44afb080 d6a327ba 89303986 2ef8406b] Certificate Extensions: 3 [1]: ObjectId: 2.5.29.19 Criticality=true BasicConstraints:[ CA:true PathLen:2147483647 ] [2]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ Key_CertSign Crl_Sign ] [3]: ObjectId: 2.5.29.14 Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: C4 A7 B1 A4 7B 2C 71 FA DB E1 4B 90 75 FF C4 15 .....,q...K.u... 0010: 60 85 89 10 `... ] ] ] Algorithm: [SHA1withRSA] Signature: 0000: A3 1A 2C 9B 17 00 5C A9 1E EE 28 66 37 3A BF 83 ..,...\...(f7:.. 0010: C7 3F 4B C3 09 A0 95 20 5D E3 D9 59 44 D2 3E 0D .?K.... ]..YD.>. 0020: 3E BD 8A 4B A0 74 1F CE 10 82 9C 74 1A 1D 7E 98 >..K.t.....t.... 0030: 1A DD CB 13 4B B3 20 44 E4 91 E9 CC FC 7D A5 DB ....K. D........ 0040: 6A E5 FE E6 FD E0 4E DD B7 00 3A B5 70 49 AF F2 j.....N...:.pI.. 0050: E5 EB 02 F1 D1 02 8B 19 CB 94 3A 5E 48 C4 18 1E ..........:^H... 0060: 58 19 5F 1E 02 5A F0 0C F1 B1 AD A9 DC 59 86 8B X._..Z.......Y.. 0070: 6E E9 91 F5 86 CA FA B9 66 33 AA 59 5B CE E2 A7 n.......f3.Y[... 0080: 16 73 47 CB 2B CC 99 B0 37 48 CF E3 56 4B F5 CF .sG.+...7H..VK.. 0090: 0F 0C 72 32 87 C6 F0 44 BB 53 72 6D 43 F5 26 48 ..r2...D.SrmC.&H 00A0: 9A 52 67 B7 58 AB FE 67 76 71 78 DB 0D A2 56 14 .Rg.X..gvqx...V. 00B0: 13 39 24 31 85 A2 A8 02 5A 30 47 E1 DD 50 07 BC .9$1....Z0G..P.. 00C0: 02 09 90 00 EB 64 63 60 9B 16 BC 88 C9 12 E6 D2 .....dc`........ 00D0: 7D 91 8B F9 3D 32 8D 65 B4 E9 7C B1 57 76 EA C5 ....=2.e....Wv.. 00E0: B6 28 39 BF 15 65 1C C8 F6 77 96 6A 0A 8D 77 0B .(9..e...w.j..w. 00F0: D8 91 0B 04 8E 07 DB 29 B6 0A EE 9D 82 35 35 10 .......).....55. ] pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 613 *** ECDH ServerKeyExchange Signature Algorithm SHA256withRSA Server key: Sun EC public key, 256 bits public x coord: 90487823965786129159889571020884195588367526538991632229315016422032984157227 public y coord: 38562142245496892601176940874015393338149073669754402759750203309306279903991 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 15142 *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA256withECDSA, SHA384withECDSA, SHA512withECDSA, Unknown (hash:0x8, signature:0x7), Unknown (hash:0x8, signature:0x8), Unknown (hash:0x8, signature:0x9), Unknown (hash:0x8, signature:0xa), Unknown (hash:0x8, signature:0xb), Unknown (hash:0x8, signature:0x4), Unknown (hash:0x8, signature:0x5), Unknown (hash:0x8, signature:0x6), SHA256withRSA, SHA384withRSA, SHA512withRSA, SHA224withECDSA, SHA1withECDSA, SHA224withRSA, SHA1withRSA, SHA224withDSA, SHA1withDSA, SHA256withDSA, Unknown (hash:0x5, signature:0x2), Unknown (hash:0x6, signature:0x2) Cert Authorities: pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 28 *** ServerHelloDone matching alias: 1 *** Certificate chain chain [0] = [ [ Version: V3 Subject: EMAILADDRESS=antonio.musarra@gmail.com, CN=antonio.musarra@gmail.com, OU=IT Labs, O=Antonio Musarra Digital Personal Certificate, ST=Italy, L=Bronte, C=IT Signature Algorithm: SHA512withRSA, OID = 1.2.840.113549.1.1.13 Key: Sun RSA public key, 4096 bits modulus: 773604922795071588648451292015359878367570666107640418130525496200627441640663421915203052064296238240989047756398575427450626405393782031905651673462409640137910359949482760968146786037483214422184731722867393056393818498474562543868025687237704873564395937566755034796395650350047875394271406558627969849991692532219855503663210168273047966347039658283524936601571263069658675948026986419705890663397240074903116345202394292576127022306420646233942337882893551465005311141331304457803907500685349064235459618135632077243413421287029888114752758991682150790369616841692722498120164901521055089721487676386648275659639336294948140469848990327823125045619544549473469451155725151678314412550173357590680548470608607952695750639301042953219101610389704935265666184757694198509381809884185342817069731306543974915387775237209305748514142198666776640607341202418137154317045643596042162745850509606586923953043015913794056842844404197053989695557387348412305708236795070829840966282754372211568233420427079338759723507522782842618615150558793352586883995463243506471047802571398792504058217694685686352138553732975156352919611088903530719655561470836323975568554875290099768294488725141696692978102299804250196391422144340273857157208917 public exponent: 65537 Validity: [From: Tue Apr 16 13:09:38 GMT 2019, To: Wed Apr 15 13:09:38 GMT 2020] Issuer: EMAILADDRESS=soc@dontesta.it, CN=Antonio Musarra's Blog Certification Authority, OU=IT Security Department, O=Antonio Musarra's Blog, ST=Italy, L=Rome, C=IT SerialNumber: [ c8] Certificate Extensions: 5 [1]: ObjectId: 2.5.29.19 Criticality=false BasicConstraints:[ CA:false PathLen: undefined ] [2]: ObjectId: 2.5.29.31 Criticality=false CRLDistributionPoints [ [DistributionPoint: [URIName: http://ca.dontesta.it/ca.crl] ]] [3]: ObjectId: 2.5.29.37 Criticality=false ExtendedKeyUsages [ clientAuth ] [4]: ObjectId: 2.5.29.15 Criticality=false KeyUsage [ DigitalSignature Key_Encipherment Data_Encipherment ] [5]: ObjectId: 2.16.840.1.113730.1.1 Criticality=false NetscapeCertType [ SSL client ] ] Algorithm: [SHA512withRSA] Signature: 0000: 46 0C 9B 51 FA 88 C6 42 20 6B 24 55 16 D6 F3 33 F..Q...B k$U...3 0010: D2 8D 3B 72 42 60 FE A2 ED DA 34 45 2C D1 31 61 ..;rB`....4E,.1a 0020: 5B 9F 93 34 ED 4A BC 07 F3 56 39 5E FA A5 40 65 [..4.J...V9^..@e 0030: 23 30 8D 38 2E 68 3A 74 E0 AE 6D B8 EF 85 DF 6C #0.8.h:t..m....l 0040: B4 D3 83 54 EE 9F 81 08 22 65 11 82 6E EC FB FF ...T...."e..n... 0050: 9E FC 76 3D E9 7D C0 4A C4 11 95 38 03 3F 61 F1 ..v=...J...8.?a. 0060: 63 6F 4E 28 5F 16 12 53 98 09 F2 DB BB 2C CE B1 coN(_..S.....,.. 0070: 53 94 9C 50 6B 10 EA 91 80 14 DF BA 39 7D BD D7 S..Pk.......9... 0080: 20 89 F6 31 6B 9E 19 5E D5 6B 78 12 B0 FB EB 81 ..1k..^.kx..... 0090: 12 E0 73 4D B9 4B 5D B6 6F 8A AC 32 79 0C F1 AC ..sM.K].o..2y... 00A0: BA EA 49 39 29 06 5B 6C F0 FD CD 4B 65 1D 8D 89 ..I9).[l...Ke... 00B0: 2E 61 06 48 12 2C 3D 84 5E B5 61 25 4C F3 B5 F7 .a.H.,=.^.a%L... 00C0: 29 BC C2 87 3D 30 22 58 90 71 BE 56 DB B6 6B 07 )...=0"X.q.V..k. 00D0: 53 B9 39 80 18 98 71 C3 47 53 F9 CC 58 43 38 40 S.9...q.GS..XC8@ 00E0: E4 66 EF D7 56 9E 8B 4D B8 D9 94 9E BD 8E 26 BC .f..V..M......&. 00F0: C1 D1 0C 6F 43 ED D6 A8 7D 1E 27 65 1E D8 6D E7 ...oC.....'e..m. 0100: 90 CD 15 B9 92 A3 50 2D C9 EA A3 80 72 7A B3 63 ......P-....rz.c 0110: DD 88 4F 2B 9D 1A 95 4B B7 A5 75 34 6A 7C 2F 21 ..O+...K..u4j./! 0120: 6E 13 F9 80 6E 94 A2 7F 7E B2 6F E3 F1 F2 FB A8 n...n.....o..... 0130: A3 BB 20 05 10 AC 06 CE 33 BE 8C 10 18 50 DC D4 .. .....3....P.. 0140: 41 14 AF 38 27 71 00 E7 F1 79 04 1C B8 B1 84 2E A..8'q...y...... 0150: 47 1F E7 64 EB E8 1A A5 2D C3 F0 AD A6 B2 C4 46 G..d....-......F 0160: 2A FF 9B 87 ED C2 3B 10 EE 43 27 5F C6 53 6B 73 *.....;..C'_.Sks 0170: 33 18 F7 E8 47 1A 98 4C F3 5A 09 F3 EC 5D FC A4 3...G..L.Z...].. 0180: 57 F6 2C 50 7E 32 D6 6F 70 39 A7 96 51 86 D0 E9 W.,P.2.op9..Q... 0190: A0 F9 15 03 83 E6 F1 6A CD 6A D8 00 29 AA 2C D6 .......j.j..).,. 01A0: A8 4C AD D4 98 AC 9F 96 CC 45 7F A9 53 7A E8 DC .L.......E..Sz.. 01B0: BC 77 AE 48 E1 35 10 D3 A9 99 F5 7D FD A9 BB 37 .w.H.5.........7 01C0: 0C 8F 29 02 D2 99 E5 CD 2A 30 AD D8 35 16 95 BC ..).....*0..5... 01D0: 92 93 10 12 AE FF 7E 98 D9 AB 1E 91 AA ED F5 4C ...............L 01E0: F7 39 FB 68 C5 C4 C3 65 BF 1B 1C 03 4E 37 38 61 .9.h...e....N78a 01F0: 43 0E 8D CD 83 3A 52 86 B4 D3 C9 69 22 49 2B B6 C....:R....i"I+. ] *** *** ECDHClientKeyExchange ECDH Public value: { 4, 82, 149, 88, 29, 63, 18, 8, 122, 211, 99, 128, 38, 237, 108, 14, 204, 143, 237, 85, 221, 179, 197, 190, 143, 244, 58, 22, 227, 11, 83, 172, 8, 250, 17, 1, 220, 129, 124, 145, 242, 58, 33, 179, 177, 66, 14, 207, 216, 213, 151, 87, 199, 146, 112, 221, 254, 72, 20, 120, 154, 6, 10, 187, 129 } pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Handshake, length = 1767 SESSION KEYGEN: PreMaster Secret: 0000: 53 26 D4 C3 71 65 B3 37 83 A3 66 33 8A 3E AD 7B S&..qe.7..f3.>.. 0010: 32 8F 68 DA E6 4A 98 68 C3 4F 44 6A DA 6E F5 E6 2.h..J.h.ODj.n.. CONNECTION KEYGEN: Client Nonce: 0000: 5E 50 4E C0 1E 79 60 5D 5E 79 3A 4F F3 DA 6C 6A ^PN..y`]^y:O..lj 0010: C0 47 A4 E7 80 2F 0D 88 98 8C 0D CD 4F EA 4C 1C .G.../......O.L. Server Nonce: 0000: 49 92 1A F3 CA 85 26 FA 1E 09 9E 3B 06 0B 23 70 I.....&....;..#p 0010: 3F A0 80 87 89 C2 AC 59 27 5F F5 FB 5D 28 34 EA ?......Y'_..](4. Master Secret: 0000: 3A C6 5E 41 C8 11 A0 28 13 CA 14 73 0E 42 6C DA :.^A...(...s.Bl. 0010: FA DE 1B B2 D2 51 AC A2 B9 D9 16 82 99 B4 9E 1E .....Q.......... 0020: B0 E1 A7 CA 8A 1E 9A 6B E9 F6 D1 85 C4 4E 24 FD .......k.....N$. ... no MAC keys used for this cipher Client write key: 0000: C5 56 23 E5 FC FC 05 75 FD 27 28 A3 17 23 48 38 .V#....u.'(..#H8 0010: 0F 82 99 65 21 AE 74 6A 5C EE C5 69 0E A7 80 EB ...e!.tj\..i.... Server write key: 0000: B7 7E 95 26 D2 2D AE 73 B9 A9 1D 85 6C A4 2F FA ...&.-.s....l./. 0010: 57 9C F9 36 04 9B 02 CE D1 A5 73 0D E8 A3 0F 0C W..6......s..... Client write IV: 0000: 6F 2D 2C 87 o-,. Server write IV: 0000: 51 87 2A 8D Q.*. *** CertificateVerify Signature Algorithm SHA256withRSA pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Handshake, length = 544 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Change Cipher Spec, length = 25 *** Finished verify_data: { 7, 33, 58, 23, 48, 25, 255, 187, 100, 142, 189, 167 } *** pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, WRITE: TLSv1.2 Handshake, length = 40 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Change Cipher Spec, length = 25 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Handshake, length = 40 *** Finished verify_data: { 40, 173, 102, 218, 241, 49, 9, 195, 57, 167, 202, 144 } *** %% Cached client session: [Session-16, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, READ: TLSv1.2 Application Data, length = 864 pipe-security:getProtectedResource https://tls-auth.dontesta.it/secure/api/headers, setSoTimeout(0) called { "headers": { "Accept-Encoding": "gzip,deflate", "Connection": "Keep-Alive", "Host": "tls-auth.dontesta.it", "User-Agent": "Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv 11.0) like Gecko", "X-Client-Dn": "emailAddress=antonio.musarra@gmail.com,CN=antonio.musarra@gmail.com,OU=IT Labs,O=Antonio Musarra Digital Personal Certificate,ST=Italy,L=Bronte,C=IT", "X-Client-Verify": "SUCCESS", "X-Forwarded-Host": "tls-auth.dontesta.it", "X-Forwarded-Server": "tls-auth.dontesta.it" } }