Hi - I am writing a small Java client to talk SSL to OpenSSL server (as a
temporary test). This is a pilot to plug in SSL into a much bigger project.
I receive the servers certificate during the SSL handshake in the server
certificate message. This certificate seems to be in ASN (whatever that
means) format according to the SSL spec.
Question is how do I parse, decode or whatever this certificate data stream.
>From what I understand, as a minimum, I need to pull out the server public
key from the certificate for the rest of the SSL process - eg to create the
master secret.
Can anyone point me to some introductory doc on what ASN is and how to
decode, parse it and how to pull out specific fields from the certificate.
Is there a specification of what a certificate looks like. X509 seems to be
some sort of standard for the certificate. Where is that explained or
documented? How do I know if the certificate is X509? I have a bunch of
"open source" Java source code that appears to be written to decode/parse
ASN strcuctues but I have no idea how to present the certificate data to
these classes..
Anyone else tried to code a Java SSL client? I assume I will hit other
conceptual/learning type issues before I get thu this. I would love to hear
from any one who has done this with Java and would be prepared to offer a
little help thru this mail list.
We have also looked at various Java SSL packages but concluded that they are
all too heavy for use in applets - so we have to write code..
Thanks
David Murphy
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
