Depends how they are sent. Parameters sent in a POST will be encrypted using SSL. No user interaction required.
Parameters sent using GET will not be encrypted unless you do it yourself. Gary Evesson Decentrix Inc -----Original Message----- From: John MccLain [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 22, 2005 2:39 PM To: Tomcat user list Subject: SSL Handshake before parameters sent??? We have a servlet that is served by Tomcat. IIS is employed to redirect ot Tomcat via AJP. IIS is also SSL enabled as our data is sensistive. I wish to call a servlet and pass SSL encrypted data. BUT, to start the SSL handshake off, I am making a servlet request with the data I wish to be SSL encrypted. My question is If I call a servlet from a browser and pass the servlet some parameters that need to be sent encrypted, do the parameters get SSL encrypted BEFORE they are sent, or are they sent clear text, then the SSL Handshake, then all other data sent is encrypted? John McClain Senior Software Engineer TCS Healthcare [EMAIL PROTECTED] (530)886-1700x235 "Skepticism is the first step toward truth" --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
