Fwd: Re: Re: Re: Setup DH parameters for cipher suite 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'.

Sun, 04 Oct 2015 04:15:07 -0700 

For clarity, is there a simple way like setting keystore?
Or Should I implement the whole process of key agreement for DHE_RSA in 
CustomSSLSocketFactory?

If I use the latest version, could you share more detail source?
Because I generate key using KeyPaireGenerator class, I get private key and 
public key. 
I don't know how to use loadTrustMaterial function with private key and public 
key. 

In advance, thanks.


------- Original Message -------
Sender : 이계영<gyeyoung....@samsung.com>  S5(책임)/책임/IoT Vertical Solution 
Lab(DMC연)/삼성전자
Date   : 2015-10-01 18:08 (GMT+09:00)
Title  : Re: Re: Re: Setup DH parameters for cipher suite 
'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'.


I did make CustomSSLSocketFactory and keyStore and TrustkeyStore in it. 
But I can't implement DH key agreement. 
I am trying hard to find the below method as you said, but failed to look for 
method like it.
Please tell me the way to develop with HC 4.2   

* SSContexts is not supported in HC 4.2 
sslcontext = SSLContexts.custom()
                    .loadKeyMaterial(url, "secret".toCharArray(), 
"secret".toCharArray())
                    .build();

Thanks,
Gary

------- Original Message -------
Sender : Oleg Kalnichevski<ol...@apache.org> 
Date   : 2015-09-17 18:54 (GMT+09:00)
Title  : Re: Re: Setup DH parameters for cipher suite
 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'.

On Thu, 2015-09-17 at 08:24 +0000, 이계영 wrote:
> 
> Thanks for your reply.
> 
> But it is a big job to upgrade httpclient and httpcore.
> 
> Maybe is it a way with 4.2.5 ? 
> 

It can be done with any version of HttpClient. With HC 4.2 you will have
to build a custom SSLSocketFactory to do the same.

Oleg

> Thanks,
> Gary
> 
> On Wed, 2015-09-16 at 14:50 +0000, 이계영 wrote:
> > 
> > Hello Good Listener.
> > 
> > I am tring to setup DH parameters with a key length of 2048 bits for using 
> > cipher suite 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA'. 
> > 
> > I saw the way to use openssl like below. But I cannot find the way with 
> > httpclient and httpcore. 
> > 
> > My version of httpclient and httpcore is 4.2.5.
> > 
> > openssl site : 
> > http://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_tmp_dh_callback.html
> > 
> > Thanks,
> > Gary
> > 
> 
> Can you upgrade to HttpClient 4.5.1?
> 
> It is just easier with newer versions of HttpClient
> 
> http://hc.apache.org/httpcomponents-client-4.5.x/httpclient/examples/org/apache/http/examples/client/ClientCustomSSL.java
> 
> Oleg

<p>&nbsp;</p>===================================================
Lee, Gyeyoung

Smart Home Solution Lab 
SAMSUNG ELECTRONICS Co., Ltd.
                    
Mobile : +82-10-5588-2137 
E-mail : gyeyoung....@samsung.com
===================================================<p>&nbsp;</p>

Reply via email to