Categories:
Audio (13)
Biotech (29)
Bytecode (36)
Database (77)
Framework (7)
Game (7)
General (507)
Graphics (53)
I/O (35)
IDE (2)
JAR Tools (101)
JavaBeans (21)
JDBC (121)
JDK (426)
JSP (20)
Logging (108)
Mail (58)
Messaging (8)
Network (84)
PDF (97)
Report (7)
Scripting (84)
Security (32)
Server (121)
Servlet (26)
SOAP (24)
Testing (54)
Web (15)
XML (309)
Collections:
Other Resources:
SSL Handshake Messages with Client Authentication
How to get SSL Handshake Messages that use client Authentication?
✍: FYIcenter
You can get SSL Handshake Messages that use client Authentication as shown below:
1. Open command window and run SslServerCmd.java with client certificate authentication turned on:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=client_crt.jks SslServerCmd 8080 Yes USAGE: java SslServerCmd [port [clientAuth]] Listening: port=8080, clientAuth=Yes
2. Open another command window and run SslServerCmd.java with system property javax.net.debug turned on:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=server_crt.jks -Djavax.net.debug=ssl:handshake:data SslClientCertificateCmd localhost 8080 /index.html HTTP/1.0 200 OK Content-Type: text/html Content-Length: 40
3. Open the SSL debug log file:
\fyicenter>edit ssl.log *** ClientHello, TLSv1.2 [write] MD5 and SHA1 hashes: len = 207 0000: 01 00 00 CB 03 03 59 50 57 CA 27 7E 86 01 82 F3 ......YPW.'..... ... (Client Hello message) main, WRITE: TLSv1.2 Handshake, length = 207 main, READ: TLSv1.2 Handshake, length = 1494 *** ServerHello, TLSv1.2 [read] MD5 and SHA1 hashes: len = 81 ... (Server Hello message) *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=fyicenter.com, OU=FYIcenter, O=FYIcenter, L=FYI, ST=FYI, C=FR ... [read] MD5 and SHA1 hashes: len = 444 ... (Server certificate) *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA Cert Authorities: <CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR> [read] MD5 and SHA1 hashes: len = 135 ... (Certificate Request for client authentication) *** ServerHelloDone [read] MD5 and SHA1 hashes: len = 4 0000: 0E 00 00 00 ... (Server Hello Done message, 4 bytes only) *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR ... *** ClientKeyExchange, DH DH Public key: { 108, 150, 133, 85, 151, 77, 108, 62, 255, 70, 227, 231, 247, 165, 165, 14, 33, 126, 37, 167, 248, 27, 92, 167, 84, 94, 73, 240, 57, 105, 4, 78, 100, 152, 219, 201, 86, 190, 145, 2, 204, 195, 90, 108, 255, 1, 176, 105, 38, 119, 17, 116, 30, 99, 197, 135, 179, 187, 1, 50, 34, 92, 220, 98, 119, 174, 118, 59, 79, 71, 196, 37, 39, 72, 145, 13, 99, 220, 172, 200, 125, 149, 212, 103, 33, 174, 193, 43, 124, 118, 157, 157, 85, 250, 6, 248, 73, 120, 23, 161, 248, 203, 230, 177, 141, 208, 31, 23, 55, 48, 139, 248, 128, 224, 189, 2, 102, 197, 154, 150, 52, 23, 246, 180, 139, 61, 179, 111 } [write] MD5 and SHA1 hashes: len = 942 ... (Client Key Exchange) main, WRITE: TLSv1.2 Handshake, length = 942 *** CertificateVerify Signature Algorithm SHA1withDSA [write] MD5 and SHA1 hashes: len = 54 ... (Certificate Verify message) main, WRITE: TLSv1.2 Handshake, length = 54 main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished [write] MD5 and SHA1 hashes: len = 16 *** Finished [read] MD5 and SHA1 hashes: len = 16 main, WRITE: TLSv1.2 Application Data, length = 80 main, READ: TLSv1.2 Application Data, length = 160
⇒ FAQ for jsse.jar - Java Secure Socket Extension
⇐ Make Client Certificate Trusted by SSL Server
2018-06-12, 2068👍, 0💬
Popular Posts:
What Is jaxb-api-2.1.6.jar? Java Architecture for XML Binding (JAXB) is a Java API that allows Java ...
commons-lang-1.0.1.jar is the JAR file for Apache Commons Lang 1.0.1, which provides a host of helpe...
The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms, it was develo...
Apache Ant Source Code Files are inside the Apache Ant source package file like apache-ant-1.10.10-s...
JasperReports, the world's most popular open source business intelligence and reporting engine and J...