Netty SSL Connection
Trustin Lee
tlee at redhat.com
Mon Mar 9 17:49:30 EDT 2009
Hi Pete,
On Wed, Mar 4, 2009 at 7:20 AM, miarkus <miarkus at tlen.pl> wrote:
> 1) I assume that X.509 Public Key has been converted into byte array and
> included in SecureChatKeyStore? Does netty make use of both private and
> public key cause I didn't notice it anywhere in the ssl chat example.
> Shouldn't server use private key to decrypt session key after successful
> handshake and then use it for decrypting data?
Not really. During the handshake phase of SSL / TLS, a random
encryption key for symmetric bulk encryption (like blowfish) is
generated and exchanged by the client and the server. The encryption
key exchange is considered safe thanks to Diffie-Hellman algorithm
AFAIK.
> 2) Is it possible for you to send me the SecureChatKeyStore key before byte
> array conversion. I need to be sure that my conversion is correct.
I did the conversion manually and doing it reversely will take quite a
lot of time, and I'm not sure it's worth the time because the
generated certificate file will be different from each other.
HTH,
Trustin
More information about the netty-users
mailing list