hi all,
i have another problem. i am currently writing a php script to act as a
client and log in to a https site (not under my control). i originally
started writing the script with php curl, however i came accross a bug in
php curl which prevents me from getting to a certiain page when attempting
to send a large post string (see here for the bug description:
http://curl.haxx.se/mail/lib-2003-12/0294.html) so anyway i have decided to
switch to using php sockets - i know it really is re-inventing the wheel but
i need to keep my scripts in php and there arent many other options
available.
so far with my socket script i connect fine to the remote server and it
returns an encrypted response. my question is - how can i decript the
response text? the certificate information for the site (as obtained with
openssl s_client -connect host:443) is:
CONNECTED(0003)
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006
VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary
Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0
s:/1.3.6.1.4.1.311.60.2.1.3=AU/1.3.6.1.4.1.311.60.2.1.2=./1.3.6.1.4.1.311.60.2.1.1=./2.5.4.15=V1.0,
Clause 5.(b)/serialNumber=000 032 128/C=AU/postalCode=2000/ST=New South
Wales/L=Sydney/streetAddress=L24, 2 Market Street/O=Caltex Australia
Petroleum Pty Ltd/OU=Marketing/CN=partner.caltex.com.au
i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at
https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation
SSL SGC CA
1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at
https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation
SSL SGC CA
i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign,
Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary
Certification Authority - G5
2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign,
Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary
Certification Authority - G5
i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification
Authority
---
Server certificate
-BEGIN CERTIFICATE-
MIIGhDCCBWygAwIBAgIQX5s93gJYvsugIfWWMZYIODANBgkqhkiG9w0BAQUFADCB
vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
[i deleted a chunk to save space here].
s8sKB67BrjHEPlxxnUwxWquHD7fouRIDR07l+iiX6dYKFRPa1m4rAaift9E9LxRE
3tIcvP1+bXOfb3baY/Ig//ZR+S91wnVr3KEWQKLxIfQ/TVvK+qFd5x2+NWcfi3Ag
CojbYNh1M8IbKTMGvLJZ8PnpVmhlQQoe8piCHsV7aNKKyZEZ4cMGSg==
-END CERTIFICATE-
subject=/1.3.6.1.4.1.311.60.2.1.3=AU/1.3.6.1.4.1.311.60.2.1.2=./1.3.6.1.4.1.311.60.2.1.1=./2.5.4.15=V1.0,
Clause 5.(b)/serialNumber=000 032 128/C=AU/postalCode=2000/ST=New South
Wales/L=Sydney/streetAddress=L24, 2 Market Street/O=Caltex Australia
Petroleum Pty Ltd/OU=Marketing/CN=partner.caltex.com.au
issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at
https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation
SSL SGC CA
---
No client certificate CA names sent
---
SSL handshake has read 4687 bytes and written 428 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher: RC4-MD5
Session-ID:
A802165D870DAD6C9BB67C3B3BE5F38606B2CEF3ABCF4F9F8A6ECA0D3E8C
Session-ID-ctx:
Master-Key:
8B32C9515EDD084815E8250910177DBC8FE41BE5825E42AD9D3C4C14ED22F74BB7DCB99FEDDFCA3164D3E3A762975F83
Key-Arg : None
Start Time: 1271143626
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
if someone else has already asked this please feel free to direct me to
their question with solution. thanks for your help!
--
View this message in context:
http://old.nabble.com/decript-returned-https-string-tp28219431p28219431.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org