Categories:
Audio (13)
Biotech (29)
Bytecode (36)
Database (77)
Framework (7)
Game (7)
General (507)
Graphics (53)
I/O (35)
IDE (2)
JAR Tools (101)
JavaBeans (21)
JDBC (121)
JDK (426)
JSP (20)
Logging (108)
Mail (58)
Messaging (8)
Network (84)
PDF (97)
Report (7)
Scripting (84)
Security (32)
Server (121)
Servlet (26)
SOAP (24)
Testing (54)
Web (15)
XML (309)
Collections:
Other Resources:
SSL Handshake Messages with Client Authentication
How to get SSL Handshake Messages that use client Authentication?
✍: FYIcenter
You can get SSL Handshake Messages that use client Authentication as shown below:
1. Open command window and run SslServerCmd.java with client certificate authentication turned on:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=client_crt.jks SslServerCmd 8080 Yes USAGE: java SslServerCmd [port [clientAuth]] Listening: port=8080, clientAuth=Yes
2. Open another command window and run SslServerCmd.java with system property javax.net.debug turned on:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=server_crt.jks -Djavax.net.debug=ssl:handshake:data SslClientCertificateCmd localhost 8080 /index.html HTTP/1.0 200 OK Content-Type: text/html Content-Length: 40
3. Open the SSL debug log file:
\fyicenter>edit ssl.log *** ClientHello, TLSv1.2 [write] MD5 and SHA1 hashes: len = 207 0000: 01 00 00 CB 03 03 59 50 57 CA 27 7E 86 01 82 F3 ......YPW.'..... ... (Client Hello message) main, WRITE: TLSv1.2 Handshake, length = 207 main, READ: TLSv1.2 Handshake, length = 1494 *** ServerHello, TLSv1.2 [read] MD5 and SHA1 hashes: len = 81 ... (Server Hello message) *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=fyicenter.com, OU=FYIcenter, O=FYIcenter, L=FYI, ST=FYI, C=FR ... [read] MD5 and SHA1 hashes: len = 444 ... (Server certificate) *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA Cert Authorities: <CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR> [read] MD5 and SHA1 hashes: len = 135 ... (Certificate Request for client authentication) *** ServerHelloDone [read] MD5 and SHA1 hashes: len = 4 0000: 0E 00 00 00 ... (Server Hello Done message, 4 bytes only) *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR ... *** ClientKeyExchange, DH DH Public key: { 108, 150, 133, 85, 151, 77, 108, 62, 255, 70, 227, 231, 247, 165, 165, 14, 33, 126, 37, 167, 248, 27, 92, 167, 84, 94, 73, 240, 57, 105, 4, 78, 100, 152, 219, 201, 86, 190, 145, 2, 204, 195, 90, 108, 255, 1, 176, 105, 38, 119, 17, 116, 30, 99, 197, 135, 179, 187, 1, 50, 34, 92, 220, 98, 119, 174, 118, 59, 79, 71, 196, 37, 39, 72, 145, 13, 99, 220, 172, 200, 125, 149, 212, 103, 33, 174, 193, 43, 124, 118, 157, 157, 85, 250, 6, 248, 73, 120, 23, 161, 248, 203, 230, 177, 141, 208, 31, 23, 55, 48, 139, 248, 128, 224, 189, 2, 102, 197, 154, 150, 52, 23, 246, 180, 139, 61, 179, 111 } [write] MD5 and SHA1 hashes: len = 942 ... (Client Key Exchange) main, WRITE: TLSv1.2 Handshake, length = 942 *** CertificateVerify Signature Algorithm SHA1withDSA [write] MD5 and SHA1 hashes: len = 54 ... (Certificate Verify message) main, WRITE: TLSv1.2 Handshake, length = 54 main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished [write] MD5 and SHA1 hashes: len = 16 *** Finished [read] MD5 and SHA1 hashes: len = 16 main, WRITE: TLSv1.2 Application Data, length = 80 main, READ: TLSv1.2 Application Data, length = 160
⇒ FAQ for jsse.jar - Java Secure Socket Extension
⇐ Make Client Certificate Trusted by SSL Server
2018-06-12, 2289🔥, 0💬
Popular Posts:
The Digester package lets you configure an XML -> Java object mapping module, which triggers certain...
ASM is an all purpose Java bytecode manipulation and analysis framework. It can be used to modify ex...
Apache Log4j 1.2 Bridge allows applications coded to use Log4j 1.2 API to use Log4j 2 instead. Bytec...
How to perform XML Schema validation with sax\Writer.java provided in the Apache Xerces package? You...
What Is commons-net-ftp-2.0.jar? commons-net-ftp-2.0.jar is the JAR file for Apache Commons Net FTP ...