Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
1 reply Latest Post - ‏2011-09-15T11:43:19Z by SystemAdmin
SystemAdmin
SystemAdmin
2262 Posts
ACCEPTED ANSWER

Pinned topic How can I extract the key established by a SSLSocket

‏2011-03-27T14:59:41Z |
Hi all, I wanna know how can I get the secret key agreed upon by the ssl session? I don't wanna just get InpuStream and OutputStream form the secure session. I want to get the secret key used implicitly in these objects?
Can I do that?
best regards
Updated on 2011-09-15T11:43:19Z at 2011-09-15T11:43:19Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    2262 Posts
    ACCEPTED ANSWER

    Re: How can I extract the key established by a SSLSocket

    ‏2011-09-15T11:43:19Z  in response to SystemAdmin
    What do you plan on doing with it?
    The private key for an SSL session is randomly generated and thrown away at the end of the session; the alternative is to prompt the user to supply a key. Relying on the user to do anything is usually a bad idea, besides it would interrupt the user each time s/he tried to access an SSL secured site.

    tl;dr : You can't get hold of the private key.
    ----
    How to ask questions the smart way - http://www.catb.org/~esr/faqs/smart-questions.html