Configuring Java CAPS for SSL Support - Adapters
来源:互联网 发布:ksweb mysql 编辑:程序博客网 时间:2024/04/28 18:20
- Previous: OpenSSL Project
- Next: KeyStores and TrustStores
SSL and Adapters
The use of SSL with HTTP, LDAP, and WebSphere MQ enables data exchanges that are secure from unauthorized interception from hackers or other entities. The adapter's SSL feature provides a secure communications channel for the data exchanges.
The following diagram illustrates the use of SSL with the LDAP Adapter.
This SSL feature is supported through the use of Java Secure Socket Extension (JSSE) version 1.0.3.
Currently, the JSSE reference implementation is used. JSSE is a provider-based architecture, which means there is a set of standard interfaces for cryptographic algorithms, hashing algorithms, secured-socket-layered URL stream handlers, and so on.
Because the user is interacting with JSSE through these interfaces, the different components can be mixed and matched as long as the implementation is programmed under the published interfaces. However, some implementations might not support a particular algorithm.
The JSSE 1.0.3 API can support SSL versions 2.0 and 3.0 and TLS version 1.0. These security protocols encapsulate a normal bidirectional stream socket. The JSSE 1.0.3 API adds transparent support for authentication, encryption, and integrity protection. The JSSE reference implementation implements SSL version 3.0 and TLS version 1.0.
The following options available for setting up SSL connectivity with a web server:
Server-side Authentication. The majority of e-commerce web sites are configured for server-side authentication. The adapter requests a certificate from the web server and authenticates the web server by verifying that the certificate can be trusted. Essentially, the adapter performs this operation by looking into its TrustStore for a CA certificate with a public key that can validate the signature on the certificate received from the web server.
Dual Authentication. This option requires authentication from both the adapter and web server. The server side (web server) of the authentication process is the same as that described previously. In addition, the web server requests a certificate from the adapter. The adapter sends its certificate to the web server. The server authenticates the adapter by looking into its TrustStore for a matching trusted CA certificate. The communication channel is established by the process of both parties requesting certificate information.
- Previous: OpenSSL Project
- Next: KeyStores and TrustStores
- Configuring Java CAPS for SSL Support - Adapters
- Configuring Java CAPS for SSL Support - Index
- Configuring Java CAPS for SSL Support - Program
- Configuring Java CAPS for SSL Support - Project
- Configuring Java CAPS for SSL Support - KeyStores and TrustStores
- configuring tomcat to support SSL
- Configuring IPython Notebook Support for PySpark
- Configuring SSH Secure Shell for TCP Wrappers Support
- Configuring SNMP Support
- Configuring SNMP Support
- Configuring SNMP Support
- OGG Configuring DDL Support
- Configuring SSL in Weblogic
- Configuring SSL certificate
- configuring ssl in iis manager
- KETTLE Configuring for Cloudera
- Configuring HiveServer2 for CDH
- CAPS
- POJ 2001 Shortest Prefixes (Trie树应用 好题)
- 【POJ2176】Pebbles
- Configuring Java CAPS for SSL Support - Program
- Configuring Java CAPS for SSL Support - Project
- 关于Ubuntu无法进入图形桌面的问题
- Configuring Java CAPS for SSL Support - Adapters
- Ext2文件系统初步
- Configuring Java CAPS for SSL Support - KeyStores and TrustStores
- javascript事件处理程序
- Generating a KeyStore and TrustStore
- NYOJ 178 找规律(Lagrange插值公式)
- Python爬虫初步
- pat1016 Phone Bills
- 怎样使用Google App Engine
