hi all, i have another problem. i am currently writing a php script to act as a client and log in to a https site (not under my control). i originally started writing the script with php curl, however i came accross a bug in php curl which prevents me from getting to a certiain page when attempting to send a large post string (see here for the bug description: http://curl.haxx.se/mail/lib-2003-12/0294.html) so anyway i have decided to switch to using php sockets - i know it really is re-inventing the wheel but i need to keep my scripts in php and there arent many other options available.
so far with my socket script i connect fine to the remote server and it returns an encrypted response. my question is - how can i decript the response text? the certificate information for the site (as obtained with openssl s_client -connect host:443) is: CONNECTED(00000003) depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain 0 s:/1.3.6.1.4.1.311.60.2.1.3=AU/1.3.6.1.4.1.311.60.2.1.2=./1.3.6.1.4.1.311.60.2.1.1=./2.5.4.15=V1.0, Clause 5.(b)/serialNumber=000 032 128/C=AU/postalCode=2000/ST=New South Wales/L=Sydney/streetAddress=L24, 2 Market Street/O=Caltex Australia Petroleum Pty Ltd/OU=Marketing/CN=partner.caltex.com.au i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA 1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority --- Server certificate -----BEGIN CERTIFICATE----- MIIGhDCCBWygAwIBAgIQX5s93gJYvsugIfWWMZYIODANBgkqhkiG9w0BAQUFADCB vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug ....[i deleted a chunk to save space here]......... s8sKB67BrjHEPlxxnUwxWquHD7fouRIDR07l+iiX6dYKFRPa1m4rAaift9E9LxRE 3tIcvP1+bXOfb3baY/Ig//ZR+S91wnVr3KEWQKLxIfQ/TVvK+qFd5x2+NWcfi3Ag CojbYNh1M8IbKTMGvLJZ8PnpVmhlQQoe8piCHsV7aNKKyZEZ4cMGSg== -----END CERTIFICATE----- subject=/1.3.6.1.4.1.311.60.2.1.3=AU/1.3.6.1.4.1.311.60.2.1.2=./1.3.6.1.4.1.311.60.2.1.1=./2.5.4.15=V1.0, Clause 5.(b)/serialNumber=000 032 128/C=AU/postalCode=2000/ST=New South Wales/L=Sydney/streetAddress=L24, 2 Market Street/O=Caltex Australia Petroleum Pty Ltd/OU=Marketing/CN=partner.caltex.com.au issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA --- No client certificate CA names sent --- SSL handshake has read 4687 bytes and written 428 bytes --- New, TLSv1/SSLv3, Cipher is RC4-MD5 Server public key is 2048 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : RC4-MD5 Session-ID: A8020000165D870DAD6C9BB67C3B3BE5F38606B2CEF3ABCF4F9F8A6ECA0D3E8C Session-ID-ctx: Master-Key: 8B32C9515EDD084815E8250910177DBC8FE41BE5825E42AD9D3C4C14ED22F74BB7DCB99FEDDFCA3164D3E3A762975F83 Key-Arg : None Start Time: 1271143626 Timeout : 300 (sec) Verify return code: 20 (unable to get local issuer certificate) --- if someone else has already asked this please feel free to direct me to their question with solution. thanks for your help! -- View this message in context: http://old.nabble.com/decript-returned-https-string-tp28219431p28219431.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
