Configuring Java CAPS for SSL support

Source: Internet
Author: User
Tags ldap

Configuring Java CAPS for SSL support
    • Previous: OpenSSL Project
    • Next: Keystores and Truststores
SSL and Adapters

The use of SSL with HTTP, LDAP, and WebSphere MQ enables data exchanges is secure from unauthorized interception fro M hackers or other entities. The adapter ' s SSL feature provides a secure communications channel for the data exchanges.

The following diagram illustrates the use of SSL with the LDAP Adapter.

This SSL feature are supported through the use of Java Secure Socket Extension (JSSE) version 1.0.3.

Currently, the JSSE reference implementation is used. JSSE is a provider-based architecture, which means there are a set of standard interfaces for cryptographic algorithms, have Hing algorithms, secured-socket-layered URL stream handlers, and so on.

Because the user is interacting with JSSE through these interfaces, the different components can mixed and matched as L Ong as the implementation is programmed under the published interfaces. However, some implementations might not support a particular algorithm.

The JSSE 1.0.3 API can support SSL versions 2.0 and 3.0 and TLS version 1.0. These security protocols encapsulate a normal bidirectional stream socket. The JSSE 1.0.3 API adds transparent support for authentication, encryption, and integrity protection. The JSSE reference implementation implements SSL version 3.0 and TLS version 1.0.

The following options available for setting up SSL connectivity with a Web server:

  • Server-side authentication. The majority of E-commerce Web sites is configured for Server-side authentication. The adapter requests a certificate from the Web server and authenticates the Web server by verifying that the certificate can be trusted. Essentially, the adapter performs this operation by looking to its truststore for a CA certificate with a public key tha T can validate the signature on the certificate received from the Web server.

  • Dual authentication. This option requires authentication from both the adapter and Web server. The server side (Web server) of the authentication process is the same as, that described previously. In addition, the Web server requests a certificate from the adapter. The adapter sends its certificate to the Web server. The server authenticates the adapter by looking to its truststore for a matching trusted CA certificate. The communication channel is established by the process of both parties requesting certificate information.

    • Previous: OpenSSL Project
    • Next: Keystores and Truststores

    Configuring Java CAPS for SSL support

    Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.