[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-ssl] Does anybody know how to ExtractKeys from mod_ssl?



Hi,

I installed a mod_ssl 2.6.6 for Apache 1.3.12 with
a custom certificate (make certificate TYPE=custom).
It works well both with Netscape and IE. Now I am
trying to install iSaSiLkLight for the client part.
However, I couldn't get it done:

C:\IAIK\iSaSiLkLight\tools>java ExtractKeys
..\demo\classes\PublicKeyStre.java -host:<my-https-sever-ip> -rsa
Adding provider IAIK...
Downloading RSA certificate...
Opening SSL connection to <my-https-sever-ip>:443...
InputRecord locked.
OutputRecord locked.
starting handshake.
send client_hello...
v3ClientHello, version: 3.0
received server_hello...
Server doesn't want to resume a previous session.
CipherSuite selected by server: SSL_RSA_WITH_RC4_MD5
CompressionMethod selected by server: NULL
received Certificate...
Exception during handshaking: java.lang.StringIndexOutOfBoundsException:
String
index out of range: -61
A problem occured: Fatal SSL handshake error!
Could not download RSA certificate from <my-https-sever-ip>!
Hit the <RETURN> key.

where <my-https-sever-ip> is my intranet ip such as 192.168.1.xx.


When I tried to fetch key from other sites, it failed too:

C:\IAIK\iSaSiLkLight\tools>java ExtractKeys
..\demo\classes\PublicKeyStore.java -host:www.verisign.com  -rsa
Adding provider IAIK...
Downloading RSA certificate...
Opening SSL connection to www.verisign.com:443...
A problem occured: Operation timed out: no further information
Could not download RSA certificate from www.verisign.com:443!
Hit the <RETURN> key.

or

C:\IAIK\iSaSiLkLight\tools>runextractkeys PublicKeyStore.java
-host:swww.etrade.com.au -rsa
Adding provider IAIK...
Downloading RSA certificate...
Opening SSL connection to swww.etrade.com.au:443...
A problem occured: swww.etrade.com.au
Could not download RSA certificate from swww.etrade.com.au:443!
Hit the <RETURN> key.

 %%%

My CLASSPATH follows:

CLASSPATH=C:\IAIK\iSaSiLkLight\lib\iaik_ssl_light.jar;
c:\IAIK\iaik-jce2.51\lib\iaik_jce.jar;
c:\IAIK\isasilk2.51\lib\iaik_ssl.jar;
c:\IAIK\rsa_rc4.jar;.

Thanks,

-fred
--
--------------------------------------------------------------
  Fred J. Tan
  Email: jctan@acm.org
  Web: http://taurus.csie.isu.edu.tw/~jctan
--------------------------------------------------------------
--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-ssl


***************************************************************************
*                                                                         *
* IAIK S/MIME Mapper Security Info                                        *
* ===================================                                     *
*                                                                         *
* for message:                                                            *
*   From: Jichang Tan <jctan@computer.org>                                *
*   Date: Mon, 11 Sep 2000 23:48:55 +0800                                 *
*   Subject: [iaik-ssl] Does anybody know how to ExtractKeys from mod_ssl?*
*                                                                         *
* Message S/MIME properties:                                              *
*                                                                         *
*   Encrypted using:    not encrypted                                     *
*                                                                         *
*   Digitally signed:   no                                                *
*   Signature valid:    n/a                                               *
*   Signature trusted   n/a                                               *
*                                                                         *
*                                                                         *
* Compliance with policy for email addresses *:                           *
*                                                                         *
*   Encryption:         OK (None or better required)                      *
*                                                                         *
*   Digital Signature:  OK (digital signature not required)               *
*                                                                         *
***************************************************************************