ADDITIONAL SYSTEM INFORMATION :
openjdk 11.0.4 2019-07-16
OpenJDK Runtime Environment AdoptOpenJDK (build 11.0.4+11)
OpenJDK 64-Bit Server VM AdoptOpenJDK (build 11.0.4+11, mixed mode)
MacOS Mojave 10.14.6
A DESCRIPTION OF THE PROBLEM :
Sending a TLSv1.3 handshake to certain servers that do not support 1.3 fails 100% of the time with a javax.net.ssl.SSLHandshakeException: Received fatal alert: decode_error.
A couple of servers on which this issue is reproducible:
cvws.icloud-content.com
p58-caldav.icloud.com
SSL Labs also confirms that this issue exists with Java 11 and Java 12: https://www.ssllabs.com/ssltest/analyze.html?d=cvws.icloud%2dcontent.com&s=17.248.185.81&hideResults=on&latest
I have also tested this using OpenJDK Runtime Environment AdoptOpenJDK (build 13.0.1+9) and confirmed that it has been fixed.
REGRESSION : Last worked in version 8u231
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Write code that attempts to initiate a TLSv1.3 handshake with cvws.icloud-content.com
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The expected result is that the TLS handshake negotiates down to 1.2 and the connection succeeds. This is what happens with Java 8 and Java 13. Below is the javax.net.debug=ssl:handshake output from Java 8, which results in a successful handshake:
trigger seeding of SecureRandom
done seeding SecureRandom
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
main, setSoTimeout(0) called
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1557081191 bytes = { 177, 73, 135, 83, 175, 208, 67, 34, 211, 223, 142, 206, 222, 220, 81, 53, 29, 51, 84, 167, 187, 234, 192, 72, 242, 246, 110, 84 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
Extension server_name, server_name: [type=host_name (0), value=cvws.icloud-content.com]
***
main, WRITE: TLSv1.2 Handshake, length = 267
main, READ: TLSv1.2 Handshake, length = 91
*** ServerHello, TLSv1.2
RandomCookie: GMT: -5935724 bytes = { 144, 121, 96, 16, 127, 37, 192, 6, 215, 192, 16, 58, 211, 193, 73, 141, 203, 65, 60, 100, 122, 89, 105, 6, 173, 75, 42, 20 }
Session ID: {132, 172, 225, 136, 199, 66, 203, 240, 119, 57, 223, 246, 229, 35, 250, 132, 70, 171, 125, 221, 172, 70, 152, 41, 247, 139, 238, 138, 93, 1, 105, 254}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Compression Method: 0
Extension server_name, server_name:
Extension renegotiation_info, renegotiated_connection: <empty>
Extension ec_point_formats, formats: [uncompressed]
***
%% Initialized: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
** TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
main, READ: TLSv1.2 Handshake, length = 3582
*** Certificate chain
chain [0] = [
[
Version: V3
Subject: C=US, ST=California, O=Apple Inc., CN=cvws.icloud-content.com
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 25136070334540197480951235264429332517082242805568304377402303134428062203207951007230871882126688910822392677931320184479476966338033178370551529136307339902832990859661051719823293181907523956108705027686386943737625068597358060738280645297098963730788836999271933753831897418263794411287215869197484725110736886292486246221826310249220772672822815285182429510896818759524733867398235431766047024750348570069639939858898888486811731532285132985034028088074695220799701795191869898460391416423627718640580194648053439206595265595995825258981466085927820634550843838218267012262565243680849699424419248062304741625027
public exponent: 65537
Validity: [From: Thu Apr 11 12:56:22 MDT 2019,
To: Sun May 10 13:06:00 MDT 2020]
Issuer: C=US, O=Apple Inc., OU=Certification Authority, CN=Apple IST CA 2 - G1
SerialNumber: [ 059c53fc f780d906 52ce1324 8646d5b8]
Certificate Extensions: 13
[1]: ObjectId: 1.2.840.113635.100.6.27.11.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 02 05 00 ....
[2]: ObjectId: 1.2.840.113635.100.6.27.15.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 02 05 00 ....
[3]: ObjectId: 1.2.840.113635.100.6.27.7.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 02 05 00 ....
[4]: ObjectId: 1.3.6.1.4.1.11129.2.4.2 Criticality=false
Extension unknown: DER encoded OCTET string =
[5]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName: http://certs.apple.com/appleistca2g1.der
,
accessMethod: ocsp
accessLocation: URIName: http://ocsp.apple.com/ocsp03-appleistca2g123
]
]
[6]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D8 7A 94 44 7C 90 70 90 16 9E DD 17 9C 01 44 03 .z.D..p.......D.
0010: 86 D6 2A 29 ..*)
]
]
[7]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
]
[8]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://crl.apple.com/appleistca2g1.crl]
]]
[9]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [1.2.840.113635.100.5.11.4]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.2
qualifier: 0000: 30 81 97 0C 81 94 52 65 6C 69 61 6E 63 65 20 6F 0.....Reliance o
0010: 6E 20 74 68 69 73 20 63 65 72 74 69 66 69 63 61 n this certifica
0020: 74 65 20 62 79 20 61 6E 79 20 70 61 72 74 79 20 te by any party
0030: 61 73 73 75 6D 65 73 20 61 63 63 65 70 74 61 6E assumes acceptan
0040: 63 65 20 6F 66 20 61 6E 79 20 61 70 70 6C 69 63 ce of any applic
0050: 61 62 6C 65 20 74 65 72 6D 73 20 61 6E 64 20 63 able terms and c
0060: 6F 6E 64 69 74 69 6F 6E 73 20 6F 66 20 75 73 65 onditions of use
0070: 20 61 6E 64 2F 6F 72 20 63 65 72 74 69 66 69 63 and/or certific
0080: 61 74 69 6F 6E 20 70 72 61 63 74 69 63 65 20 73 ation practice s
0090: 74 61 74 65 6D 65 6E 74 73 2E tatements.
], PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 2D 68 74 74 70 3A 2F 2F 77 77 77 2E 61 70 70 .-http://www.app
0010: 6C 65 2E 63 6F 6D 2F 63 65 72 74 69 66 69 63 61 le.com/certifica
0020: 74 65 61 75 74 68 6F 72 69 74 79 2F 72 70 61 teauthority/rpa
]] ]
]
[10]: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
serverAuth
]
[11]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Key_Encipherment
]
[12]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
DNSName: cvws-007.icloud-content.com
DNSName: cvws-003.icloud-content.com
DNSName: cvws-006.icloud-content.com
DNSName: cvws-008.icloud-content.com
DNSName: cvws-004.icloud-content.com
DNSName: cvws-009.icloud-content.com
DNSName: cvws-005.icloud-content.com
DNSName: cvws-dc-internal.icloud-content.com
DNSName: cvws.icloud-content.com
DNSName: cdn.icloud-content.com
DNSName: cvws-001.icloud-content.com
DNSName: cvws-dc.icloud-content.com
DNSName: cvws-002.icloud-content.com
]
[13]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: A3 17 94 E7 58 5B 11 CF 7A 8C 89 35 20 4C 2B C6 ....X[..z..5 L+.
0010: 02 41 00 9C .A..
]
]
]
Algorithm: [SHA256withRSA]
Signature:
]
chain [1] = [
[
Version: V3
Subject: C=US, O=Apple Inc., OU=Certification Authority, CN=Apple IST CA 2 - G1
Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
Key: Sun RSA public key, 2048 bits
modulus: 26330366180152162663243748524461199192109853866060511299305371442192547271190172543013997772257744947940715083991734107692943402404203123939311757660058382600586273484750279500282618036597119027582086815739987980331622715773257682320381732071033801181183707978956451061736722995790878734036146013911760381049242345016130735393935732892787679915689938048551510876632506426429315941355677879486183706273188028673311167093230512587848959522924446757200558185443093057847590075019525517726908645157180896742086780647451706360551233683099547081674234458862181835970948065160248890092660564147031174101668846413887268359411
public exponent: 65537
Validity: [From: Mon Jun 16 09:42:02 MDT 2014,
To: Fri May 20 09:42:02 MDT 2022]
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
SerialNumber: [ 023a74]
Certificate Extensions: 7
[1]: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: ocsp
accessLocation: URIName: http://g.symcd.com
]
]
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]
[3]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:0
]
[4]: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName: http://g.symcb.com/crls/gtglobal.crl]
]]
[5]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
[CertificatePolicyId: [2.16.840.1.113733.1.7.54]
[PolicyQualifierInfo: [
qualifierID: 1.3.6.1.5.5.7.2.1
qualifier: 0000: 16 25 68 74 74 70 3A 2F 2F 77 77 77 2E 67 65 6F .%http://www.geo
0010: 74 72 75 73 74 2E 63 6F 6D 2F 72 65 73 6F 75 72 trust.com/resour
0020: 63 65 73 2F 63 70 73 ces/cps
]] ]
]
[6]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
[7]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D8 7A 94 44 7C 90 70 90 16 9E DD 17 9C 01 44 03 .z.D..p.......D.
0010: 86 D6 2A 29 ..*)
]
]
]
Algorithm: [SHA256withRSA]
Signature:
]
***
Found trusted certificate:
[
[
Version: V3
Subject: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 2048 bits
modulus: 27620593608073140957439440929253438012688864718977347268272053725994928948867769687165112265058896553974818505070806430256424431940072485024407486246475597522063246121214348496326377341879755851197260401080498544606788760407243324127929930612201002157618691487713632251700065187865963692723720912135393438861302779432180613616167225206519123176430362410262429702404863434904116727055203524505580952824336979641923534005571504410997292144760317953739063178352809680844232935574095508445145910310675421726257114605895831426222686272114090063230017292595425393719031924942422176213538487957041730136782988405751614792953
public exponent: 65537
Validity: [From: Mon May 20 22:00:00 MDT 2002,
To: Fri May 20 22:00:00 MDT 2022]
Issuer: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US
SerialNumber: [ 023456]
Certificate Extensions: 3
[1]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]
[2]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
[3]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C0 7A 98 68 8D 89 FB AB 05 64 0C 11 7D AA 7D 65 .z.h.....d.....e
0010: B8 CA CC 4E ...N
]
]
]
Algorithm: [SHA1withRSA]
Signature:
]
main, READ: TLSv1.2 Handshake, length = 333
*** ECDH ServerKeyExchange
Signature Algorithm SHA512withRSA
Server key: Sun EC public key, 256 bits
public x coord: 92834745786580266321945464844046947079188679388565224135134587487855806935538
public y coord: 95225875105857778834605560043339969985828922220038169565392626892101364324247
parameters: secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)
main, READ: TLSv1.2 Handshake, length = 4
*** ServerHelloDone
*** ECDHClientKeyExchange
ECDH Public value: { 4, 243, 170, 178, 20, 73, 6, 31, 16, 89, 245, 125, 124, 114, 172, 1, 21, 241, 90, 84, 12, 105, 126, 69, 68, 167, 13, 120, 214, 37, 84, 63, 68, 61, 199, 91, 207, 245, 165, 185, 78, 234, 153, 43, 128, 212, 133, 111, 36, 243, 194, 141, 216, 233, 18, 78, 21, 144, 90, 155, 204, 99, 113, 168, 82 }
main, WRITE: TLSv1.2 Handshake, length = 70
SESSION KEYGEN:
PreMaster Secret:
0000: E9 5B 27 43 48 DE E1 DB D7 48 E5 83 09 18 8D 26 .['CH....H.....&
0010: 9B 33 9F BB 4C 84 AC 41 87 6C 5B 0D E8 11 25 EC .3..L..A.l[...%.
CONNECTION KEYGEN:
Client Nonce:
0000: 5D CF 2C 67 B1 49 87 53 AF D0 43 22 D3 DF 8E CE ].,g.I.S..C"....
0010: DE DC 51 35 1D 33 54 A7 BB EA C0 48 F2 F6 6E 54 ..Q5.3T....H..nT
Server Nonce:
0000: 00 A5 6E 94 90 79 60 10 7F 25 C0 06 D7 C0 10 3A ..n..y`..%.....:
0010: D3 C1 49 8D CB 41 3C 64 7A 59 69 06 AD 4B 2A 14 ..I..A<dzYi..K*.
Master Secret:
0000: 4C FC 4C 92 27 01 4C EF 2A 2A 0F E3 B1 FA CA 67 L.L.'.L.**.....g
0010: 9E 66 A8 6D 1A F2 78 EA 2C 10 64 0D CE EE 5D 20 .f.m..x.,.d...]
0020: CB 97 F1 9E 61 7A C1 45 85 44 25 99 96 F4 3F 24 ....az.E.D%...?$
... no MAC keys used for this cipher
Client write key:
0000: F3 0C 1A 0E EC 55 F4 14 02 FF 37 96 14 18 D5 59 .....U....7....Y
0010: 60 40 DB 25 00 A6 29 0B CF 68 19 DE 1F E5 DF EB `@.%..)..h......
Server write key:
0000: DD 7F 01 4C EB 75 F9 90 55 DB 74 BE 4E 09 6A 51 ...L.u..U.t.N.jQ
0010: 0A 3A D4 8E F3 74 0E A1 A0 F4 E2 57 66 64 A5 7F .:...t.....Wfd..
Client write IV:
0000: 43 E1 83 7D C...
Server write IV:
0000: 7C 07 27 DA ..'.
main, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 172, 38, 95, 140, 197, 253, 0, 32, 90, 168, 233, 232 }
***
main, WRITE: TLSv1.2 Handshake, length = 40
main, READ: TLSv1.2 Change Cipher Spec, length = 1
main, READ: TLSv1.2 Handshake, length = 40
*** Finished
verify_data: { 164, 35, 232, 112, 189, 150, 171, 145, 214, 138, 83, 111 }
***
%% Cached client session: [Session-1, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]
main, WRITE: TLSv1.2 Application Data, length = 186
main, READ: TLSv1.2 Application Data, length = 668
ACTUAL -
When using Java 11, the handshake below is what actually occurs, and it results in an unsuccessful connection.
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.485 MST|SSLCipher.java:438|jdk.tls.keyLimits: entry = AES/GCM/NoPadding KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.755 MST|Utilities.java:73|the previous server name in SNI (type=host_name (0), value=cvws.icloud-content.com) was replaced with (type=host_name (0), value=cvws.icloud-content.com)
javax.net.ssl|WARNING|01|main|2019-11-15 15:55:33.803 MST|SignatureScheme.java:283|Signature algorithm, ed25519, is not supported by the underlying providers
javax.net.ssl|WARNING|01|main|2019-11-15 15:55:33.803 MST|SignatureScheme.java:283|Signature algorithm, ed448, is not supported by the underlying providers
javax.net.ssl|INFO|01|main|2019-11-15 15:55:33.808 MST|AlpnExtension.java:161|No available application protocols
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.809 MST|SSLExtensions.java:257|Ignore, context unavailable extension: application_layer_protocol_negotiation
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.809 MST|SSLExtensions.java:257|Ignore, context unavailable extension: cookie
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.843 MST|SSLExtensions.java:257|Ignore, context unavailable extension: renegotiation_info
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.844 MST|PreSharedKeyExtension.java:633|No session to resume.
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.844 MST|SSLExtensions.java:257|Ignore, context unavailable extension: pre_shared_key
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.854 MST|ClientHello.java:653|Produced ClientHello handshake message (
"ClientHello": {
"client version" : "TLSv1.2",
"random" : "51 69 15 70 EA 4E 2E 04 77 49 B7 33 02 17 D6 CA 71 07 B5 86 5A 9A C3 D7 F3 E0 F0 20 DA 23 2B 3F",
"session id" : "45 DD DF 8E F5 32 26 1C DF 88 05 0E CF 9F DA D0 EC F4 62 D9 78 5E C4 8B AC 61 DD 85 F3 3A 1F 29",
"cipher suites" : "[TLS_AES_128_GCM_SHA256(0x1301), TLS_AES_256_GCM_SHA384(0x1302), TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(0xC02C), TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(0xC02B), TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xC030), TLS_RSA_WITH_AES_256_GCM_SHA384(0x009D), TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(0xC02E), TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(0xC032), TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(0x009F), TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(0x00A3), TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(0xC02F), TLS_RSA_WITH_AES_128_GCM_SHA256(0x009C), TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(0xC02D), TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(0xC031), TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(0x009E), TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(0x00A2), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(0xC024), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(0xC028), TLS_RSA_WITH_AES_256_CBC_SHA256(0x003D), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(0xC026), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(0xC02A), TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(0x006B), TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(0x006A), TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(0xC00A), TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(0xC014), TLS_RSA_WITH_AES_256_CBC_SHA(0x0035), TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(0xC005), TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(0xC00F), TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039), TLS_DHE_DSS_WITH_AES_256_CBC_SHA(0x0038), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(0xC023), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(0xC027), TLS_RSA_WITH_AES_128_CBC_SHA256(0x003C), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(0xC025), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(0xC029), TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(0x0067), TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(0x0040), TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(0xC009), TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(0xC013), TLS_RSA_WITH_AES_128_CBC_SHA(0x002F), TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(0xC004), TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(0xC00E), TLS_DHE_RSA_WITH_AES_128_CBC_SHA(0x0033), TLS_DHE_DSS_WITH_AES_128_CBC_SHA(0x0032), 
TLS_EMPTY_RENEGOTIATION_INFO_SCSV(0x00FF)]",
"compression methods" : "00",
"extensions" : [
"server_name (0)": {
type=host_name (0), value=cvws.icloud-content.com
},
"status_request (5)": {
"certificate status type": ocsp
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
},
"supported_groups (10)": {
"versions": [secp256r1, secp384r1, secp521r1, ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144, ffdhe8192]
},
"ec_point_formats (11)": {
"formats": [uncompressed]
},
"signature_algorithms (13)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"signature_algorithms_cert (50)": {
"signature schemes": [ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp512r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, dsa_sha256, ecdsa_sha224, rsa_sha224, dsa_sha224, ecdsa_sha1, rsa_pkcs1_sha1, dsa_sha1]
},
"status_request_v2 (17)": {
"cert status request": {
"certificate status type": ocsp_multi
"OCSP status request": {
"responder_id": <empty>
"request extensions": {
<empty>
}
}
}
},
"extended_master_secret (23)": {
<empty>
},
"supported_versions (43)": {
"versions": [TLSv1.3, TLSv1.2, TLSv1.1, TLSv1]
},
"psk_key_exchange_modes (45)": {
"ke_modes": [psk_dhe_ke]
},
"key_share (51)": {
"client_shares": [
{
"named group": secp256r1
"key_exchange": {
0000: 04 5C 2C 43 09 AC 18 D4 6A E5 F8 2A D4 6C C1 D2 .\,C....j..*.l..
0010: 27 B5 D2 24 81 C4 FF 4F 85 04 DD A4 DF 60 76 AB '..$...O.....`v.
0020: 72 69 83 FD 78 74 C7 12 58 13 FD 74 72 35 C1 79 ri..xt..X..tr5.y
0030: 92 EE 3B 33 83 88 42 B4 99 E1 73 BA 14 E2 EC 9E ..;3..B...s.....
0040: 3A
}
},
]
}
]
}
)
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.896 MST|Alert.java:238|Received alert message (
"Alert": {
"level" : "fatal",
"description": "decode_error"
}
)
javax.net.ssl|ERROR|01|main|2019-11-15 15:55:33.897 MST|TransportContext.java:312|Fatal (DECODE_ERROR): Received fatal alert: decode_error (
"throwable" : {
javax.net.ssl.SSLHandshakeException: Received fatal alert: decode_error
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:285)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:180)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1587)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1515)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:250)
at Main.main(Main.java:12)}
)
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.898 MST|SSLSocketImpl.java:1361|close the underlying socket
javax.net.ssl|DEBUG|01|main|2019-11-15 15:55:33.898 MST|SSLSocketImpl.java:1380|close the SSL connection (initiative)
javax.net.ssl.SSLHandshakeException: Received fatal alert: decode_error
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:285)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:180)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1587)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1515)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:250)
at Main.main(Main.java:12)
---------- BEGIN SOURCE ----------
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLConnection;

public class Main {
    public static void main(String[] args) {
        try {
            URL url = new URL("https://cvws.icloud-content.com");
            URLConnection conn = url.openConnection();
            // getInputStream() connects and performs the TLS handshake.
            InputStream in = conn.getInputStream();
        } catch (FileNotFoundException e) {
            // HTTP "not found" response: the TLS handshake itself completed.
            System.out.println("Expected");
        } catch (Exception e) {
            // On the affected JDKs this prints the SSLHandshakeException.
            e.printStackTrace();
        }
    }
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
Setting the system property jdk.tls.client.protocols to "TLSv1,TLSv1.1,TLSv1.2" prevents sending a TLSv1.3 handshake and the error does not occur.
FREQUENCY : always
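
The following is an added example, not part of the original report: a per-engine variant of the workaround above that drops TLSv1.3 from the enabled protocols and then parses the generated ClientHello to show which versions are actually offered. The class name OfferedVersions and the peer name example.invalid are hypothetical; no network connection is made.

```java
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult.HandshakeStatus;

// Added example (hypothetical class name): inspect the protocol versions a
// JSSE client offers, with and without TLSv1.3 enabled. Runs offline.
public class OfferedVersions {

    /** Produces the first handshake record (the ClientHello) of a client engine. */
    static ByteBuffer clientHello(boolean allowTls13) throws Exception {
        // "example.invalid" is a placeholder peer name; nothing is connected.
        SSLEngine engine = SSLContext.getDefault().createSSLEngine("example.invalid", 443);
        engine.setUseClientMode(true);
        if (!allowTls13) {
            // Same restriction as the jdk.tls.client.protocols workaround,
            // applied to this engine only.
            List<String> protocols = new ArrayList<>(Arrays.asList(engine.getEnabledProtocols()));
            protocols.remove("TLSv1.3");
            engine.setEnabledProtocols(protocols.toArray(new String[0]));
        }
        engine.beginHandshake();
        // Run any delegated tasks before the engine is ready to write.
        while (engine.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
            Runnable task;
            while ((task = engine.getDelegatedTask()) != null) {
                task.run();
            }
        }
        ByteBuffer out = ByteBuffer.allocate(32 * 1024);
        engine.wrap(ByteBuffer.allocate(0), out);
        out.flip();
        return out;
    }

    /** Parses a ClientHello record and returns the versions it offers. */
    static List<String> offeredVersions(ByteBuffer record) {
        ByteBuffer b = record.duplicate();
        if ((b.get() & 0xff) != 22) {
            throw new IllegalArgumentException("not a handshake record");
        }
        skip(b, 4);                          // record version + record length
        if ((b.get() & 0xff) != 1) {
            throw new IllegalArgumentException("not a ClientHello");
        }
        skip(b, 3);                          // handshake message length
        int legacyVersion = b.getShort() & 0xffff;
        skip(b, 32);                         // random
        skip(b, b.get() & 0xff);             // session id
        skip(b, b.getShort() & 0xffff);      // cipher suites
        skip(b, b.get() & 0xff);             // compression methods

        List<String> versions = new ArrayList<>();
        if (b.remaining() >= 2) {
            int extLen = b.getShort() & 0xffff;
            int extEnd = b.position() + extLen;
            while (b.position() + 4 <= extEnd) {
                int type = b.getShort() & 0xffff;
                int len = b.getShort() & 0xffff;
                int next = b.position() + len;
                if (type == 43) {            // supported_versions
                    int listLen = b.get() & 0xff;
                    for (int i = 0; i + 1 < listLen; i += 2) {
                        versions.add(name(b.getShort() & 0xffff));
                    }
                }
                b.position(next);
            }
        }
        if (versions.isEmpty()) {
            // No supported_versions extension: only the legacy field applies.
            versions.add(name(legacyVersion));
        }
        return versions;
    }

    private static void skip(ByteBuffer b, int n) {
        b.position(b.position() + n);
    }

    private static String name(int v) {
        switch (v) {
            case 0x0304: return "TLSv1.3";
            case 0x0303: return "TLSv1.2";
            case 0x0302: return "TLSv1.1";
            case 0x0301: return "TLSv1";
            default:     return String.format("0x%04X", v);
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("default:         " + offeredVersions(clientHello(true)));
        System.out.println("TLSv1.3 removed: " + offeredVersions(clientHello(false)));
    }
}
```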