Categories:
Audio (13)
Biotech (29)
Bytecode (35)
Database (77)
Framework (7)
Game (7)
General (512)
Graphics (53)
I/O (32)
IDE (2)
JAR Tools (86)
JavaBeans (16)
JDBC (89)
JDK (337)
JSP (20)
Logging (103)
Mail (54)
Messaging (8)
Network (71)
PDF (94)
Report (7)
Scripting (83)
Security (32)
Server (119)
Servlet (17)
SOAP (24)
Testing (50)
Web (19)
XML (301)
Other Resources:
SSL Handshake Messages with Client Authentication
How to get SSL Handshake Messages that use client Authentication?
✍: FYIcenter
You can get SSL Handshake Messages that use client Authentication as shown below:
1. Open command window and run SslServerCmd.java with client certificate authentication turned on:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=client_crt.jks SslServerCmd 8080 Yes USAGE: java SslServerCmd [port [clientAuth]] Listening: port=8080, clientAuth=Yes
2. Open another command window and run SslServerCmd.java with system property javax.net.debug turned on:
\fyicenter>\local\jdk-1.8.0\bin\java -Djavax.net.ssl.trustStore=server_crt.jks -Djavax.net.debug=ssl:handshake:data SslClientCertificateCmd localhost 8080 /index.html HTTP/1.0 200 OK Content-Type: text/html Content-Length: 40
3. Open the SSL debug log file:
\fyicenter>edit ssl.log *** ClientHello, TLSv1.2 [write] MD5 and SHA1 hashes: len = 207 0000: 01 00 00 CB 03 03 59 50 57 CA 27 7E 86 01 82 F3 ......YPW.'..... ... (Client Hello message) main, WRITE: TLSv1.2 Handshake, length = 207 main, READ: TLSv1.2 Handshake, length = 1494 *** ServerHello, TLSv1.2 [read] MD5 and SHA1 hashes: len = 81 ... (Server Hello message) *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=fyicenter.com, OU=FYIcenter, O=FYIcenter, L=FYI, ST=FYI, C=FR ... [read] MD5 and SHA1 hashes: len = 444 ... (Server certificate) *** CertificateRequest Cert Types: RSA, DSS, ECDSA Supported Signature Algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA Cert Authorities: <CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR> [read] MD5 and SHA1 hashes: len = 135 ... (Certificate Request for client authentication) *** ServerHelloDone [read] MD5 and SHA1 hashes: len = 4 0000: 0E 00 00 00 ... (Server Hello Done message, 4 bytes only) *** Certificate chain chain [0] = [ [ Version: V3 Subject: CN=Frank Y. Ivy, OU=IT, O=FYIcenter, L=NA, ST=NA, C=FR ... *** ClientKeyExchange, DH DH Public key: { 108, 150, 133, 85, 151, 77, 108, 62, 255, 70, 227, 231, 247, 165, 165, 14, 33, 126, 37, 167, 248, 27, 92, 167, 84, 94, 73, 240, 57, 105, 4, 78, 100, 152, 219, 201, 86, 190, 145, 2, 204, 195, 90, 108, 255, 1, 176, 105, 38, 119, 17, 116, 30, 99, 197, 135, 179, 187, 1, 50, 34, 92, 220, 98, 119, 174, 118, 59, 79, 71, 196, 37, 39, 72, 145, 13, 99, 220, 172, 200, 125, 149, 212, 103, 33, 174, 193, 43, 124, 118, 157, 157, 85, 250, 6, 248, 73, 120, 23, 161, 248, 203, 230, 177, 141, 208, 31, 23, 55, 48, 139, 248, 128, 224, 189, 2, 102, 197, 154, 150, 52, 23, 246, 180, 139, 61, 179, 111 } [write] MD5 and SHA1 hashes: len = 942 ... (Client Key Exchange) main, WRITE: TLSv1.2 Handshake, length = 942 *** CertificateVerify Signature Algorithm SHA1withDSA [write] MD5 and SHA1 hashes: len = 54 ... (Certificate Verify message) main, WRITE: TLSv1.2 Handshake, length = 54 main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 *** Finished [write] MD5 and SHA1 hashes: len = 16 *** Finished [read] MD5 and SHA1 hashes: len = 16 main, WRITE: TLSv1.2 Application Data, length = 80 main, READ: TLSv1.2 Application Data, length = 160
Â
2018-06-12, 1974👍, 0💬
Popular Posts:
Apache BCEL Source Code Files are inside the Apache Ant source package file like bcel-6.5.0-src.zip....
A stream buffer is a stream-based representation of an XML infoset in Java. Stream buffers are desig...
JDK 11 java.naming.jmod is the JMOD file for JDK 11 Naming module. JDK 11 Naming module compiled cla...
What Is HttpComponents commons-httpclient-3.1.j ar?HttpComponents commons-httpclient-3.1.j aris the ...
ZooKeeper is a centralized service for maintaining configuration information, naming, providing dist...