Topic
  • 1 reply
  • Latest Post - ‏2011-09-15T11:43:19Z by SystemAdmin
SystemAdmin
SystemAdmin
2262 Posts

Pinned topic How can I extract the key established by a SSLSocket

‏2011-03-27T14:59:41Z |
Hi all, I wanna know how can I get the secret key agreed upon by the ssl session? I don't wanna just get InpuStream and OutputStream form the secure session. I want to get the secret key used implicitly in these objects?
Can I do that?
best regards
Updated on 2011-09-15T11:43:19Z at 2011-09-15T11:43:19Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    2262 Posts

    Re: How can I extract the key established by a SSLSocket

    ‏2011-09-15T11:43:19Z  
    What do you plan on doing with it?
    The private key for an SSL session is randomly generated and thrown away at the end of the session; the alternative is to prompt the user to supply a key. Relying on the user to do anything is usually a bad idea, besides it would interrupt the user each time s/he tried to access an SSL secured site.

    tl;dr : You can't get hold of the private key.
    ----
    How to ask questions the smart way - http://www.catb.org/~esr/faqs/smart-questions.html