Because of business needs, data communication is required between different servers on multiple platforms (Java & amp; PHP) and encrypted communication is required. There is no experience in this field. Is there any solution to achieve this? This is probably because Site A (Java) adds, deletes, modifies, and queries the data of site B (PHP). If Site B exposes the interface to site A, use it... due to business needs, data communication is required between different servers on multiple platforms (Java & PHP) and encrypted communication is required. There is no experience in this field. Is there any solution to achieve this?
This is probably because Site A (Java) adds, deletes, modifies, and queries the data of site B (PHP). If Site B exposes an interface for Site A to use, for example, in Restful mode, data encryption and decryption are required, is there a cross-language public encryption/Decryption solution?
Reply content:
Due to business needs, data communication is required between different servers on multiple platforms (Java & PHP) and encrypted communication is required. There is no experience in this field. Is there any solution to achieve this?
This is probably because Site A (Java) adds, deletes, modifies, and queries the data of site B (PHP). If Site B exposes an interface for Site A to use, for example, in Restful mode, data encryption and decryption are required, is there a cross-language public encryption/Decryption solution?
Apache Thrift
YesFacebook
The contribution of cross-language calling tools will also facilitate incremental development.
If it is only used for data communication,MessagePack
It is also a good choice.
A simple method is to consider https + parameter digital signature (such as md5 and sha1)
If you have a fixed IP address or domain name, you can verify the source IP address or domain name.
Head header Verification
RSA: The caller encrypts the data with the public key and adds a timestamp. The decryption party decrypts the data with the private key and verifies whether the timestamp times out (the time-out period is set by itself)
Refer to various third-party payment interface designs
Note: The machines on Site A and site B should not be deployed on the same Intranet, and RPC may not work.
You can try an RPC framework. Now many RPC frameworks support cross-language programming.
Restful seever
RPC communication is supported.
For example, the Thrift framework is divided into two parts: the server and the client. The server generates the corresponding Java code, the client introduces the code, and then directly calls the corresponding method in the code after configuration.
Here is something for you.
You don't need to use it.
If you like it, remember to adopt it !!
HTTPS + RSA asymmetric encryption.
Hession is acceptable.