-Djavax.net.debug - jsse.jar Debugging Options

Q

How to use the -Djavax.net.debug jsse.jar debug option?

✍: FYIcenter

A

If you are having trouble using jsse.jar, you can use the -Djavax.net.debug JVM property as described in this tutorial:

Compile and run the example HttpsUrlReader.java provided in the previous tutorial with the -Djavax.net.debug=help property:

\fyicenter>\local\jdk-1.8.0\bin\javac HttpsUrlReader.java

\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.debug=help HttpsUrlReader

all            turn on all debugging
ssl            turn on ssl debugging

The following can be used with ssl:
        record       enable per-record tracing
        handshake    print each handshake message
        keygen       print key generation data
        session      print session activity
        defaultctx   print default SSL initialization
        sslctx       print SSLContext tracing
        sessioncache print session cache tracing
        keymanager   print key manager tracing
        trustmanager print trust manager tracing
        pluggability print pluggability tracing

        handshake debugging can be widened with:
        data         hex dump of each handshake message
        verbose      verbose handshake message printing

        record debugging can be widened with:
        plaintext    hex dump of record plaintext
        packet       print raw SSL/TLS packets

Now you know you can use -Djavax.net.debug=all to print all debugging information.

Or you can try to use -Djavax.net.debug=ssl:handshake:

\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.debug=ssl:handshake
   HttpsUrlReader | more
   
keyStore is : 
keyStore type is : jks
keyStore provider is : 
init keystore
init keymanager of type SunX509
trustStore is: \local\jdk-1.8.0\jre\lib\security\cacerts
trustStore type is : jks
trustStore provider is : 
init truststore
adding as trusted cert:
...
*** ClientHello, TLSv1.2
...***
main, WRITE: TLSv1.2 Handshake, length = 230
main, READ: TLSv1.2 Handshake, length = 89
*** ServerHello, TLSv1.2
...***
%% Initialized:  [Session-1, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
** TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
main, READ: TLSv1.2 Handshake, length = 3611
*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=www.oracle.com, OU=Content Management Services IT, O=Oracle Corporation, 
  L=Redwood Shores, ST=California, C=US
  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
...

 

SSL Handshake Message Sequence

HttpsUrlReader.java - Reading Data from HTTPS URL

Examples for jsse.jar - Java Secure Socket Extension

⇑⇑ FAQ for jsse.jar - Java Secure Socket Extension

2018-03-24, 2754🔥, 0💬