Hi all, I wanna know how can I get the secret key agreed upon by the ssl session? I don't wanna just get InpuStream and OutputStream form the secure session. I want to get the secret key used implicitly in these objects?
Can I do that?
Pinned topic How can I extract the key established by a SSLSocket
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2011-09-15T11:43:19Z at 2011-09-15T11:43:19Z by SystemAdmin
SystemAdmin 110000D4XK2262 Posts
Re: How can I extract the key established by a SSLSocket2011-09-15T11:43:19ZThis is the accepted answer. This is the accepted answer.What do you plan on doing with it?
The private key for an SSL session is randomly generated and thrown away at the end of the session; the alternative is to prompt the user to supply a key. Relying on the user to do anything is usually a bad idea, besides it would interrupt the user each time s/he tried to access an SSL secured site.
tl;dr : You can't get hold of the private key.
How to ask questions the smart way - http://www.catb.org/~esr/faqs/smart-questions.html