[jira] Updated: (DERBY-2108) Implement SSL/TLS communication between client and server

Wed, 22 Nov 2006 06:18:25 -0800 

     [ http://issues.apache.org/jira/browse/DERBY-2108?page=all ]

Bernt M. Johnsen updated DERBY-2108:
------------------------------------

    Attachment: DERBY-2108-first-cut.diff
                DERBY-2108-first-cut.stat

I have implemented a first cut to SSL/TLS. This patch requires for jdk1.3 an 
implementation of javax.net and javax.net.ssl placed on java/tools. I used 
JSSE1.0.3 downloaded from http://java.sun.com/products/jsse/index-103.html

>From JDK1.4 on, JSSE is part of the JRE.

To activate SSL I just check if  system property javax.net.ssl.keyStore is 
defined on the server side javax.net.ssl.trustStore on the client side

How to generate keystore and truststore with keygen is described in the JSSE 
Reference guide: 
http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html

I used the following commands when I generated keys and certificates, and ran 
with:
keytool -genkey -alias derby -keyalg RSA  -validity 7 -keystore keystore
keytool -export -alias derby -keystore keystore -rfc -file derby.cert
keytool -import -alias derbycert -file derby.cert  -keystore truststore

I ran my testapp the following way:

java -Djavax.net.ssl.trustStore=truststore 
-Djavax.net.ssl.trustStorePassword=secret -cp derbyclient.jar:. TestApp

and the client like this:

java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=secret 
-jar derbyrun.jar server -p 22120 start

The JSSE Reference defines a set of system properties which may be used to 
parameterize JSSE. I have so far anly used default settings.

Feel free to experiment and comment.

> Implement SSL/TLS communication between client and server
> ---------------------------------------------------------
>
>                 Key: DERBY-2108
>                 URL: http://issues.apache.org/jira/browse/DERBY-2108
>             Project: Derby
>          Issue Type: New Feature
>          Components: Network Server, Network Client
>            Reporter: Bernt M. Johnsen
>         Assigned To: Bernt M. Johnsen
>         Attachments: DERBY-2108-first-cut.diff, DERBY-2108-first-cut.stat
>
>
> Implement SSL/TLS communication between client and server

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to