decript returned https string

2010-04-13 Thread peter23452345 

hi all,
i have another problem. i am currently writing a php script to act as a
client and log in to a https site (not under my control). i originally
started writing the script with php curl, however i came accross a bug in
php curl which prevents me from getting to a certiain page when attempting
to send a large post string (see here for the bug description:
http://curl.haxx.se/mail/lib-2003-12/0294.html) so anyway i have decided to
switch to using php sockets - i know it really is re-inventing the wheel but
i need to keep my scripts in php and there arent many other options
available.

so far with my socket script i connect fine to the remote server and it
returns an encrypted response. my question is - how can i decript the
response text? the certificate information for the site (as obtained with
openssl s_client -connect host:443) is:

CONNECTED(0003)
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006
VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary
Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0
s:/1.3.6.1.4.1.311.60.2.1.3=AU/1.3.6.1.4.1.311.60.2.1.2=./1.3.6.1.4.1.311.60.2.1.1=./2.5.4.15=V1.0,
Clause 5.(b)/serialNumber=000 032 128/C=AU/postalCode=2000/ST=New South
Wales/L=Sydney/streetAddress=L24, 2 Market Street/O=Caltex Australia
Petroleum Pty Ltd/OU=Marketing/CN=partner.caltex.com.au
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at
https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation
SSL SGC CA
 1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at
https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation
SSL SGC CA
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign,
Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary
Certification Authority - G5
 2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign,
Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary
Certification Authority - G5
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification
Authority
---
Server certificate
-BEGIN CERTIFICATE-
MIIGhDCCBWygAwIBAgIQX5s93gJYvsugIfWWMZYIODANBgkqhkiG9w0BAQUFADCB
vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
[i deleted a chunk to save space here].
s8sKB67BrjHEPlxxnUwxWquHD7fouRIDR07l+iiX6dYKFRPa1m4rAaift9E9LxRE
3tIcvP1+bXOfb3baY/Ig//ZR+S91wnVr3KEWQKLxIfQ/TVvK+qFd5x2+NWcfi3Ag
CojbYNh1M8IbKTMGvLJZ8PnpVmhlQQoe8piCHsV7aNKKyZEZ4cMGSg==
-END CERTIFICATE-
subject=/1.3.6.1.4.1.311.60.2.1.3=AU/1.3.6.1.4.1.311.60.2.1.2=./1.3.6.1.4.1.311.60.2.1.1=./2.5.4.15=V1.0,
Clause 5.(b)/serialNumber=000 032 128/C=AU/postalCode=2000/ST=New South
Wales/L=Sydney/streetAddress=L24, 2 Market Street/O=Caltex Australia
Petroleum Pty Ltd/OU=Marketing/CN=partner.caltex.com.au
issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at
https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation
SSL SGC CA
---
No client certificate CA names sent
---
SSL handshake has read 4687 bytes and written 428 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol  : TLSv1
Cipher: RC4-MD5
Session-ID:
A802165D870DAD6C9BB67C3B3BE5F38606B2CEF3ABCF4F9F8A6ECA0D3E8C
Session-ID-ctx:
Master-Key:
8B32C9515EDD084815E8250910177DBC8FE41BE5825E42AD9D3C4C14ED22F74BB7DCB99FEDDFCA3164D3E3A762975F83
Key-Arg   : None
Start Time: 1271143626
Timeout   : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---

if someone else has already asked this please feel free to direct me to
their question with solution. thanks for your help!
-- 
View this message in context: 
http://old.nabble.com/decript-returned-https-string-tp28219431p28219431.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

locate key for p12 certificate

2010-04-08 Thread peter23452345 

hi, i have been trying to create a certificate for use on my webscarab proxy.
essentially what i want to do is this: run a php curl script which redirects
certain https traffic though the webscarab proxy so that i can see the
output from the curl script (php curl doesnt provide visibility into the
http post string and i need to see this). i have already got this working
with regular http - but i need https.

the certificate is on a server which is not under my control:
https://partner.caltex.com.au/caltexau/default.asp . its in .crt format but
webscarab needs .p12 format. i realise that i will need some kind of key to
create the p12 file using this statement:

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in
certificate.crt -certfile CACert.crt

however i dont know where to find this key. i know the key must be somewhere
on my computer otherwise the web browser wouldnt be able to view the web
page. can someone please tell me where to get the key from?

thanks! (and go easy on me - im a relative noob ;P)

peter miller
-- 
View this message in context: 
http://old.nabble.com/locate-key-for-p12-certificate-tp28175240p28175240.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org