keyStore is : /home/desk/Thesis/Bank/BankKeyStore keyStore type is : jks keyStore provider is : init keystore init keymanager of type SunX509 *** found key for : ficticious bank chain [0] = [ [ Version: V1 Subject: CN=Ficticious bank, OU=SoE, O=University, L=London, ST=England, C=UK Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 27517931382870766145152054033441805262471672263237921816834267375454614444798419773837240801984596055378525361313112163043718045476904433177570429515862213626707824467440636927909043529278131937676187230297043631151635670508237972528179095350073386552097058045026457103230120858010987503770132153917828824506410874982991317765879145525786403944674547534201351040303395018287412547338939942752071094371791121507042380099331269462522002866538815355948826798702849697802346511533106039336179994466261825296709334594470932112920897303523622540072580752867267567563171580856759323991252761519506171111525870285798168924333 public exponent: 65537 Validity: [From: Wed May 07 19:21:23 BST 2014, To: Thu May 07 19:21:23 BST 2015] Issuer: CN=Ficticious bank, OU=SoE, O=University, L=London, ST=England, C=UK SerialNumber: [ 9a7143cf f5ecfbf8] ] Algorithm: [SHA1withRSA] Signature: 0000: B0 29 6D 63 09 A4 C2 FA 61 06 DA 38 AA BF 17 1D .)mc....a..8.... 0010: FB AB 4A 19 ED 7D 62 C9 E9 F5 E5 AA BA 89 24 7D ..J...b.......$. 0020: DA 74 EB 4C 58 4A CB E8 9E 3E 22 10 42 BF 0C F6 .t.LXJ...>".B... 0030: 2F CE F4 2D F5 05 47 EC CA 1D BC 30 CD 0E F8 9D /..-..G....0.... 0040: 4E 70 81 2E 98 72 D5 51 09 79 5C 95 FD 74 92 4F Np...r.Q.y\..t.O 0050: 55 F2 E8 DB 43 11 15 38 65 4C 31 13 F7 EC 04 65 U...C..8eL1....e 0060: 89 FE 02 C7 91 1E 20 41 D2 63 53 2D 58 A3 8D 28 ...... A.cS-X..( 0070: 70 54 D1 D7 E1 0D B6 F4 46 3F 0B 17 13 78 06 85 pT......F?...x.. 0080: 96 84 52 16 5F 4D B6 59 DD 50 31 9E F7 55 19 F9 ..R._M.Y.P1..U.. 0090: 6F E0 F2 22 75 02 BF 1D CB C2 06 73 55 F8 FE 01 o.."u......sU... 00A0: 8D 18 5D FF 1F EF F4 87 16 C7 E3 7B 43 90 54 15 ..].........C.T. 00B0: EF 75 39 4A 3A D5 3B F0 58 C4 B4 85 9F 0F 64 E8 .u9J:.;.X.....d. 00C0: E0 D2 80 61 EE DE 23 EA DB A2 A6 28 C5 96 84 CE ...a..#....(.... 00D0: CB 26 C2 43 15 70 53 16 29 9D 38 83 76 77 CF 44 .&.C.pS.).8.vw.D 00E0: D8 07 E8 2F C8 FB E8 A8 73 7E 1A 4D 6D 47 15 85 .../....s..MmG.. 00F0: 1B B4 C7 A4 A9 AB 44 51 D6 B9 FC C6 28 CE 33 D2 ......DQ....(.3. ] *** trustStore is: /home/desk/Thesis/Bank/BankTrustStore trustStore type is : jks trustStore provider is : init truststore adding as trusted cert: Subject: CN=Ficticious bank, OU=SoE, O=University, L=London, ST=England, C=UK Issuer: CN=Ficticious bank, OU=SoE, O=University, L=London, ST=England, C=UK Algorithm: RSA; Serial number: 0x9a7143cff5ecfbf8 Valid from Wed May 07 19:21:23 BST 2014 until Thu May 07 19:21:23 BST 2015 trigger seeding of SecureRandom done seeding SecureRandom Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_ECDH_anon_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_DH_anon_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv2Hello Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv2Hello Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for SSLv3 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for SSLv3 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for SSLv3 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1 Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1 Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1 main, READ: TLSv1 Handshake, length = 149 *** ClientHello, TLSv1 RandomCookie: GMT: 1399497405 bytes = { 23, 20, 104, 89, 105, 147, 189, 91, 156, 180, 102, 205, 121, 162, 100, 32, 242, 216, 143, 86, 154, 187, 74, 33, 110, 121, 248, 154 } Session ID: {} Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1} Extension ec_point_formats, formats: [uncompressed] *** %% Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL] matching alias: ficticious bank %% Negotiating: [Session-1, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] *** ServerHello, TLSv1 RandomCookie: GMT: 1399497405 bytes = { 47, 214, 213, 204, 151, 42, 107, 122, 202, 53, 154, 172, 12, 145, 228, 2, 247, 77, 71, 123, 111, 118, 58, 126, 234, 179, 211, 6 } Session ID: {83, 107, 163, 189, 53, 137, 252, 13, 14, 178, 36, 38, 141, 5, 133, 171, 67, 14, 81, 236, 48, 206, 123, 82, 213, 118, 150, 226, 131, 94, 205, 30} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: *** Cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA *** Certificate chain chain [0] = [ [ Version: V1 Subject: CN=Ficticious bank, OU=SoE, O=University, L=London, ST=England, C=UK Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 27517931382870766145152054033441805262471672263237921816834267375454614444798419773837240801984596055378525361313112163043718045476904433177570429515862213626707824467440636927909043529278131937676187230297043631151635670508237972528179095350073386552097058045026457103230120858010987503770132153917828824506410874982991317765879145525786403944674547534201351040303395018287412547338939942752071094371791121507042380099331269462522002866538815355948826798702849697802346511533106039336179994466261825296709334594470932112920897303523622540072580752867267567563171580856759323991252761519506171111525870285798168924333 public exponent: 65537 Validity: [From: Wed May 07 19:21:23 BST 2014, To: Thu May 07 19:21:23 BST 2015] Issuer: CN=Ficticious bank, OU=SoE, O=University, L=London, ST=England, C=UK SerialNumber: [ 9a7143cf f5ecfbf8] ] Algorithm: [SHA1withRSA] Signature: 0000: B0 29 6D 63 09 A4 C2 FA 61 06 DA 38 AA BF 17 1D .)mc....a..8.... 0010: FB AB 4A 19 ED 7D 62 C9 E9 F5 E5 AA BA 89 24 7D ..J...b.......$. 0020: DA 74 EB 4C 58 4A CB E8 9E 3E 22 10 42 BF 0C F6 .t.LXJ...>".B... 0030: 2F CE F4 2D F5 05 47 EC CA 1D BC 30 CD 0E F8 9D /..-..G....0.... 0040: 4E 70 81 2E 98 72 D5 51 09 79 5C 95 FD 74 92 4F Np...r.Q.y\..t.O 0050: 55 F2 E8 DB 43 11 15 38 65 4C 31 13 F7 EC 04 65 U...C..8eL1....e 0060: 89 FE 02 C7 91 1E 20 41 D2 63 53 2D 58 A3 8D 28 ...... A.cS-X..( 0070: 70 54 D1 D7 E1 0D B6 F4 46 3F 0B 17 13 78 06 85 pT......F?...x.. 0080: 96 84 52 16 5F 4D B6 59 DD 50 31 9E F7 55 19 F9 ..R._M.Y.P1..U.. 0090: 6F E0 F2 22 75 02 BF 1D CB C2 06 73 55 F8 FE 01 o.."u......sU... 00A0: 8D 18 5D FF 1F EF F4 87 16 C7 E3 7B 43 90 54 15 ..].........C.T. 00B0: EF 75 39 4A 3A D5 3B F0 58 C4 B4 85 9F 0F 64 E8 .u9J:.;.X.....d. 00C0: E0 D2 80 61 EE DE 23 EA DB A2 A6 28 C5 96 84 CE ...a..#....(.... 00D0: CB 26 C2 43 15 70 53 16 29 9D 38 83 76 77 CF 44 .&.C.pS.).8.vw.D 00E0: D8 07 E8 2F C8 FB E8 A8 73 7E 1A 4D 6D 47 15 85 .../....s..MmG.. 00F0: 1B B4 C7 A4 A9 AB 44 51 D6 B9 FC C6 28 CE 33 D2 ......DQ....(.3. ] *** *** ECDH ServerKeyExchange Server key: Sun EC public key, 256 bits public x coord: 14396974019658432872226325239256272465789929148283212324545746527200250841206 public y coord: 40142092065123555634651270128222305637198494219279297995823460693988817440779 parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7) *** CertificateRequest Cert Types: RSA, DSS, ECDSA Cert Authorities: *** ServerHelloDone main, WRITE: TLSv1 Handshake, length = 1440 main, READ: TLSv1 Handshake, length = 934 *** Certificate chain chain [0] = [ [ Version: V1 Subject: CN=ATM01, O=Ficticious Bank Ltd, L=London, ST=England, C=UK Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 2048 bits modulus: 22258864231605411358811137142656401907806590434324304400276312731806972681765003673171633850352044298108988510589441988061630680136995990602298167092803462464070431069732294435545841987241326893350744454444298859129300515662495123626631563478061394712860879415880818513437492201731059855966082218031303080473408240829893094132406243418315075653731958000936069725880443191363139844933598381292926607011688079886479232381588062018722469158064851770410852520260090977585429386626654525735080862447300450747345598485676143163047898943356570944183335113427208640715292741480996478798333289486823214497477640667393135408851 public exponent: 65537 Validity: [From: Wed May 07 20:25:52 BST 2014, To: Thu May 07 20:25:52 BST 2015] Issuer: CN=Ficticious bank, OU=SoE, O=University, L=London, ST=England, C=UK SerialNumber: [ fbdef9e9 048d4a1d] ] Algorithm: [SHA1withRSA] Signature: 0000: 13 F1 00 1D CA 67 CA FB 62 0A 01 3C 33 82 79 71 .....g..b..<3.yq 0010: CF 60 00 33 CF 5E 41 EC A4 09 E5 0B B5 EF 1A 83 .`.3.^A......... 0020: 55 32 77 8F 8E 09 27 A1 90 C7 55 74 E1 44 67 BB U2w...'...Ut.Dg. 0030: 4B 99 7D C3 84 FF 41 7E 2C 56 41 22 3A 6A 00 C4 K.....A.,VA":j.. 0040: DA 30 62 71 85 06 64 0C E9 C3 3B D3 C8 79 00 F6 .0bq..d...;..y.. 0050: 91 95 3A 99 23 47 DF 0C F0 B6 C1 13 D5 29 3F 7F ..:.#G.......)?. 0060: 1F 3B 0D 39 5C 8F 48 E2 3C 3B 24 43 7D 55 14 AC .;.9\.H.<;$C.U.. 0070: FC A0 91 DF 1C 19 FE 8C 5F B1 E7 86 42 26 80 2F ........_...B&./ 0080: AB E7 09 B7 48 22 EC E5 CB 45 08 DC 4C B9 B1 2D ....H"...E..L..- 0090: D0 56 1D 15 E8 59 FE EF 4E 1B 40 02 3E EC B5 66 .V...Y..N.@.>..f 00A0: 5B E1 88 8B 46 75 2B 80 A0 C4 17 E3 BA CE 64 75 [...Fu+.......du 00B0: 4E 4C 75 2E F8 84 68 16 7C D6 08 2C 08 B0 2B 4F NLu...h....,..+O 00C0: 10 EB A5 D2 37 1D 29 72 06 72 33 27 EC D1 91 E1 ....7.)r.r3'.... 00D0: 43 EC 64 16 70 4E 02 BE 71 F8 F9 FA 33 DE 34 F8 C.d.pN..q...3.4. 00E0: CA FE AE 51 71 E3 41 61 E0 D5 66 65 E4 A9 48 F4 ...Qq.Aa..fe..H. 00F0: CA 23 06 C5 34 71 14 A1 DF 74 91 CE 5D BF 3A 29 .#..4q...t..].:) may 08, 2014 4:33:17 PM echoserver.EchoServerSSL main Grave: null javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) ] *** %% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA] main, SEND TLSv1 ALERT: fatal, description = certificate_unknown main, WRITE: TLSv1 Alert, length = 2 at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) at sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1675) at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:176) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) main, called closeSocket() main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312) at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882) at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) at sun.security.ssl.AppInputStream.read(AppInputStream.java:69) at java.io.DataInputStream.readUnsignedShort(DataInputStream.java:337) at java.io.DataInputStream.readUTF(DataInputStream.java:589) at java.io.DataInputStream.readUTF(DataInputStream.java:564) at echoserver.EchoServerSSL.main(EchoServerSSL.java:38) Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:350) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:260) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkClientTrusted(X509TrustManagerImpl.java:120) at sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1657) ... 12 more Caused by: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:208) at java.security.cert.CertPathValidator.validate(CertPathValidator.java:279) at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:345) ... 18 more