Hi all, I wanna know how can I get the secret key agreed upon by the ssl session? I don't wanna just get InpuStream and OutputStream form the secure session. I want to get the secret key used implicitly in these objects?
Can I do that?
NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
This topic has been locked.
1 reply Latest Post - 2011-09-15T11:43:19Z by SystemAdmin
Pinned topic How can I extract the key established by a SSLSocket
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2011-09-15T11:43:19Z at 2011-09-15T11:43:19Z by SystemAdmin
SystemAdmin 110000D4XK2262 PostsACCEPTED ANSWER
Re: How can I extract the key established by a SSLSocket2011-09-15T11:43:19Z in response to SystemAdminWhat do you plan on doing with it?
The private key for an SSL session is randomly generated and thrown away at the end of the session; the alternative is to prompt the user to supply a key. Relying on the user to do anything is usually a bad idea, besides it would interrupt the user each time s/he tried to access an SSL secured site.
tl;dr : You can't get hold of the private key.
How to ask questions the smart way - http://www.catb.org/~esr/faqs/smart-questions.html