Secure Sockets Layer SSL Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 228 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 224 Version: TLS 1.2 (0x0303) Random GMT Unix Time: Apr 24, 2017 17:59:40.000000000 EDT Random Bytes: 010124d7b6a3fcc51f5495bfaeb11c0be284472c54217e63... Session ID Length: 0 Cipher Suites Length: 58 Cipher Suites (29 suites) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 (0xc025) Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 (0xc029) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004) Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02d) Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 (0xc031) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2) Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008) Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003) Cipher Suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 125 Extension: elliptic_curves Type: elliptic_curves (0x000a) Length: 52 Elliptic Curves Length: 50 Elliptic curves (25 curves) Elliptic curve: secp256r1 (0x0017) Elliptic curve: sect163k1 (0x0001) Elliptic curve: sect163r2 (0x0003) Elliptic curve: secp192r1 (0x0013) Elliptic curve: secp224r1 (0x0015) Elliptic curve: sect233k1 (0x0006) Elliptic curve: sect233r1 (0x0007) Elliptic curve: sect283k1 (0x0009) Elliptic curve: sect283r1 (0x000a) Elliptic curve: secp384r1 (0x0018) Elliptic curve: sect409k1 (0x000b) Elliptic curve: sect409r1 (0x000c) Elliptic curve: secp521r1 (0x0019) Elliptic curve: sect571k1 (0x000d) Elliptic curve: sect571r1 (0x000e) Elliptic curve: secp160k1 (0x000f) Elliptic curve: secp160r1 (0x0010) Elliptic curve: secp160r2 (0x0011) Elliptic curve: sect163r1 (0x0002) Elliptic curve: secp192k1 (0x0012) Elliptic curve: sect193r1 (0x0004) Elliptic curve: sect193r2 (0x0005) Elliptic curve: secp224k1 (0x0014) Elliptic curve: sect239k1 (0x0008) Elliptic curve: secp256k1 (0x0016) Extension: ec_point_formats Type: ec_point_formats (0x000b) Length: 2 EC point formats Length: 1 Elliptic curves point formats (1) EC point format: uncompressed (0) Extension: signature_algorithms Type: signature_algorithms (0x000d) Length: 28 Signature Hash Algorithms Length: 26 Signature Hash Algorithms (13 algorithms) Signature Hash Algorithm: 0x0603 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0601 Signature Hash Algorithm Hash: SHA512 (6) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0503 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0501 Signature Hash Algorithm Hash: SHA384 (5) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0403 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0401 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0402 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0303 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0301 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0302 Signature Hash Algorithm Hash: SHA224 (3) Signature Hash Algorithm Signature: DSA (2) Signature Hash Algorithm: 0x0203 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: ECDSA (3) Signature Hash Algorithm: 0x0201 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: RSA (1) Signature Hash Algorithm: 0x0202 Signature Hash Algorithm Hash: SHA1 (2) Signature Hash Algorithm Signature: DSA (2) Extension: server_name Type: server_name (0x0000) Length: 27 Server Name Indication extension Server Name list length: 25 Server Name Type: host_name (0) Server Name length: 22 Server Name: cs.visual-paradigm.com Secure Sockets Layer TLSv1.2 Record Layer: Handshake Protocol: Server Hello Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 89 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 85 Version: TLS 1.2 (0x0303) Random GMT Unix Time: Jan 12, 2043 21:01:43.000000000 EST Random Bytes: 74befd6060b40803a1f2eeee81de721667ea45ac751fb7cd... Session ID Length: 32 Session ID: c07a259d71e9906c44632f6f9e885d40a647d514ef5deb8b... Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Compression Method: null (0) Extensions Length: 13 Extension: renegotiation_info Type: renegotiation_info (0xff01) Length: 1 Renegotiation Info extension Renegotiation info extension length: 0 Extension: ec_point_formats Type: ec_point_formats (0x000b) Length: 4 EC point formats Length: 3 Elliptic curves point formats (3) EC point format: uncompressed (0) EC point format: ansiX962_compressed_prime (1) EC point format: ansiX962_compressed_char2 (2) Secure Sockets Layer TLSv1.2 Record Layer: Handshake Protocol: Certificate Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 2017 Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 2013 Certificates Length: 2010 Certificates (2010 bytes) Certificate Length: 1038 Certificate (id-at-commonName=cs.visual-paradigm.com) signedCertificate version: v3 (2) serialNumber : 0x1c3d07eea2d576e83c60613e5f3c2a18e518b8a0 signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 6 items (id-at-commonName=McAfee Web Gateway,id-at-countryName=US,... RDNSequence item: 1 item (id-at-organizationName=MIT Lincoln Laboratory) RelativeDistinguishedName item (id-at-organizationName=MIT Lincoln Laboratory) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: uTF8String (4) uTF8String: MIT Lincoln Laboratory . . . . . RDNSequence item: 1 item (id-at-commonName=McAfee Web Gateway) RelativeDistinguishedName item (id-at-commonName=McAfee Web Gateway) Id: 2.5.4.3 (id-at-commonName) DirectoryString: uTF8String (4) uTF8String: McAfee Web Gateway validity notBefore: utcTime (0) utcTime: 17-04-24 18:35:25 (UTC) notAfter: utcTime (0) utcTime: 18-04-24 18:35:25 (UTC) subject: rdnSequence (0) rdnSequence: 1 item (id-at-commonName=cs.visual-paradigm.com) RDNSequence item: 1 item (id-at-commonName=cs.visual-paradigm.com) RelativeDistinguishedName item (id-at-commonName=cs.visual-paradigm.com) Id: 2.5.4.3 (id-at-commonName) DirectoryString: uTF8String (4) uTF8String: cs.visual-paradigm.com subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) Padding: 0 subjectPublicKey: 3082010a02820101009a686b8a742ec2e4341a6f43e20f71... extensions: 5 items Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) BasicConstraintsSyntax [0 length] Extension (id-ce-subjectKeyIdentifier) Extension Id: 2.5.29.14 (id-ce-subjectKeyIdentifier) SubjectKeyIdentifier: 749037cb5eef9dc9b52ade1c2c465c61f1a63206 Extension (id-ce-authorityKeyIdentifier) Extension Id: 2.5.29.35 (id-ce-authorityKeyIdentifier) AuthorityKeyIdentifier authorityCertIssuer: 1 item GeneralName: directoryName (4) directoryName: rdnSequence (0) rdnSequence: 6 items (id-at-commonName=McAfee Web Gateway,... RDNSequence item: 1 item (id-at-organizationName=MIT Lincoln Laboratory) RelativeDistinguishedName item (id-at-organizationName=MIT Lincoln Laboratory) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: uTF8String (4) uTF8String: MIT Lincoln Laboratory . . . . . RDNSequence item: 1 item (id-at-commonName=McAfee Web Gateway) RelativeDistinguishedName item (id-at-commonName=McAfee Web Gateway) Id: 2.5.4.3 (id-at-commonName) DirectoryString: uTF8String (4) uTF8String: McAfee Web Gateway authorityCertSerialNumber: 1 Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) Padding: 5 KeyUsage: a0 (digitalSignature, keyEncipherment) 1... .... = digitalSignature: True .0.. .... = contentCommitment: False ..1. .... = keyEncipherment: True ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .0.. = keyCertSign: False .... ..0. = cRLSign: False .... ...0 = encipherOnly: False 0... .... = decipherOnly: False Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 1 item KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) algorithmIdentifier (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) Padding: 0 encrypted: 76a83746f5faf96fe7911ad7fd57c7240262fcec5439075e... Certificate Length: 966 Certificate (id-at-commonName=McAfee Web Gateway,. . . signedCertificate version: v3 (2) serialNumber: 1 signature (shaWithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.5 (shaWithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 6 items (id-at-commonName=McAfee Web Gateway,... RDNSequence item: 1 item (id-at-organizationName=MIT Lincoln Laboratory) RelativeDistinguishedName item (id-at-organizationName=MIT Lincoln Laboratory) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: uTF8String (4) uTF8String: MIT Lincoln Laboratory . . . . . RDNSequence item: 1 item (id-at-commonName=McAfee Web Gateway) RelativeDistinguishedName item (id-at-commonName=McAfee Web Gateway) Id: 2.5.4.3 (id-at-commonName) DirectoryString: uTF8String (4) uTF8String: McAfee Web Gateway validity notBefore: utcTime (0) utcTime: 12-08-07 21:51:05 (UTC) notAfter: utcTime (0) utcTime: 22-08-07 21:51:05 (UTC) subject: rdnSequence (0) rdnSequence: 6 items (id-at-commonName=McAfee Web Gateway,. . . RDNSequence item: 1 item (id-at-organizationName=MIT Lincoln Laboratory) RelativeDistinguishedName item (id-at-organizationName=MIT Lincoln Laboratory) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: uTF8String (4) uTF8String: MIT Lincoln Laboratory . . . . . RDNSequence item: 1 item (id-at-commonName=McAfee Web Gateway) RelativeDistinguishedName item (id-at-commonName=McAfee Web Gateway) Id: 2.5.4.3 (id-at-commonName) DirectoryString: uTF8String (4) uTF8String: McAfee Web Gateway subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) Padding: 0 subjectPublicKey: 3082010a028201010085b3b7c94a1150fdde952428b6a343... extensions: 4 items Extension (ns_cert_exts.comment) Extension Id: 2.16.840.1.113730.1.13 (ns_cert_exts.comment) BER Error: String with tag=22 expected but class:UNIVERSAL(0) primitive tag:12 was unexpected [Expert Info (Warn/Malformed): BER Error: String expected] [BER Error: String expected] [Severity level: Warn] [Group: Malformed] Extension (id-ce-subjectAltName) Extension Id: 2.5.29.17 (id-ce-subjectAltName) GeneralNames: 1 item GeneralName: rfc822Name (1) rfc822Name: help@ll.mit.edu Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) BasicConstraintsSyntax cA: True Extension (id-ce-keyUsage) Extension Id: 2.5.29.15 (id-ce-keyUsage) Padding: 1 KeyUsage: 06 (keyCertSign, cRLSign) 0... .... = digitalSignature: False .0.. .... = contentCommitment: False ..0. .... = keyEncipherment: False ...0 .... = dataEncipherment: False .... 0... = keyAgreement: False .... .1.. = keyCertSign: True .... ..1. = cRLSign: True .... ...0 = encipherOnly: False 0... .... = decipherOnly: False algorithmIdentifier (shaWithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.5 (shaWithRSAEncryption) Padding: 0 encrypted: 408fc9a991e6cebbec05fa6b2463d89bcb8b2dc888c1a1b6... Hypertext Transfer Protocol [Proxy-Connect-Hostname: cs.visual-paradigm.com] [Proxy-Connect-Port: 443] Secure Sockets Layer TLSv1.2 Record Layer: Handshake Protocol: Server Key Exchange Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 333 Handshake Protocol: Server Key Exchange Handshake Type: Server Key Exchange (12) Length: 329 EC Diffie-Hellman Server Params Curve Type: named_curve (0x03) Named Curve: secp256r1 (0x0017) Pubkey Length: 65 Pubkey: 04ddd74a3192f97d6c0285a4af7940263ec557207e9e2382... Signature Hash Algorithm: 0x0401 Signature Hash Algorithm Hash: SHA256 (4) Signature Hash Algorithm Signature: RSA (1) Signature Length: 256 Signature: 2e4a11ef3f32891a5cd389b99f556f83e1329e9d9d44da40... TLSv1.2 Record Layer: Handshake Protocol: Server Hello Done Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 4 Handshake Protocol: Server Hello Done Handshake Type: Server Hello Done (14) Length: 0 Secure Sockets Layer TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Certificate Unknown) Content Type: Alert (21) Version: TLS 1.2 (0x0303) Length: 2 Alert Message Level: Fatal (2) Description: Certificate Unknown (46) Secure Sockets Layer Secure Sockets Layer