[ale] OT: JSSE
Denny Chambers
dchambers at bugfixer.net
Wed Jun 2 21:07:33 EDT 2004
Let me see if I understand this. You have a servlet/jsp app that acts as
a proxy for a device, and you want to communicate from an applet to the
proxy over SSL. Is this correct? If so will the communication be over HTTPS?
Christopher Fowler wrote:
>Hopefully the list is working again.
>
>I have a thread in Tomcat that is a simple proxy between a device and an
>applet. I want to use an SSL connection between the proxy and the
>applet but am not sure where to start. I have created a .pem file that
>looks like this:
>
>[root at sam-devel certs]# cat ac.pem
>-----BEGIN RSA PRIVATE KEY-----
>MIICXAIBAAKBgQC/Lu8dW30j6hmebc2uUm/p5o2hJ4oM274SdZ5IffSn3RxvV6Fu
>xhqP8Gxr+f4JX1F3QSeJX1ORYFi7rW7VQXXSZiiHq4PzaYsKv9UcLRd/eutFE3dL
>sSk5Dl+QLlCWTrzq5M5tUNgc538JLU4r9k8DcX7VyCDWo0VwpKxB4k60QwIDAQAB
>AoGAcLhLYxO+BJ7R3AcBbfZM5at5dbrKOiqVNm0CldstlItZaIxSMe27W4J1anRK
>w1vfvGA931DFBMG5j24CGtotjIqt1yUXgWH8T6KsPD4Fm3oRPnYxPF9fduDDC6kt
>ZVOiwQNlbxsmNUqZ4/to52iDWkmaEvjIKcuJ2T2S0GmP34ECQQDejP7ixHfqDMH7
>xAbgkXOeeT0kY5uQaCuNm8ZPijP1brjP+cRiF1++Ggx3e76rwLMbNgMneQQwkw1N
>Shg9X65/AkEA2+sGfFPzia9aea3e2dCcPaxG2eDJ/SoPukJhllBpVpoQVNCCV9+w
>b5Mbu/2obqHMzlu21ebgoMjUSuauYq3gPQJAI2zOJcqgS+E7/5d0gMqmXNNvqBsy
>6Ams5R2ms4KMQsUdJf3cBMEzvE7pLRvFfhFucSZn2iCpShIeS+8/bIWOgQJBAJAD
>f7LJMzGV8HTAZLBUyQwmFhu19fBgq/34XHmX3POGXm18Qe8ToDHgrwfTm4ofUMRO
>ERRQZgdEnKkUGVyrqq0CQBeO218szPU8hL1INULTsXE3es+CXmHOiLbxse+dQNtt
>y48pGj5KG600Ez3Pd0mCSkhu6TioiZasmmdGqTvIrgo=
>-----END RSA PRIVATE KEY-----
>-----BEGIN CERTIFICATE-----
>MIID3zCCA0igAwIBAgIBADANBgkqhkiG9w0BAQQFADCBrDELMAkGA1UEBhMCVVMx
>CzAJBgNVBAgTAkdBMRMwEQYDVQQHEwpBbHBoYXJldHRhMR4wHAYDVQQKExVPdXRQ
>b3N0IFNlbnRpbmVsLCBMTEMxGzAZBgNVBAsTEk5ldHdvcmsgTWFuYWdlbWVudDEc
>MBoGA1UEAxMTc2FtLWRldmVsLm9wc3VwLmNvbTEgMB4GCSqGSIb3DQEJARYRY2Zv
>d2xlckBvcHN1cC5jb20wHhcNMDQwNjAyMTQxOTI2WhcNMDUwNjAyMTQxOTI2WjCB
>rDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkdBMRMwEQYDVQQHEwpBbHBoYXJldHRh
>MR4wHAYDVQQKExVPdXRQb3N0IFNlbnRpbmVsLCBMTEMxGzAZBgNVBAsTEk5ldHdv
>cmsgTWFuYWdlbWVudDEcMBoGA1UEAxMTc2FtLWRldmVsLm9wc3VwLmNvbTEgMB4G
>CSqGSIb3DQEJARYRY2Zvd2xlckBvcHN1cC5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
>gY0AMIGJAoGBAL8u7x1bfSPqGZ5tza5Sb+nmjaEnigzbvhJ1nkh99KfdHG9XoW7G
>Go/wbGv5/glfUXdBJ4lfU5FgWLutbtVBddJmKIerg/Npiwq/1RwtF39660UTd0ux
>KTkOX5AuUJZOvOrkzm1Q2BznfwktTiv2TwNxftXIINajRXCkrEHiTrRDAgMBAAGj
>ggENMIIBCTAdBgNVHQ4EFgQUBzFJUFK4GGCkuAT7FMDgZPNhICwwgdkGA1UdIwSB
>0TCBzoAUBzFJUFK4GGCkuAT7FMDgZPNhICyhgbKkga8wgawxCzAJBgNVBAYTAlVT
>MQswCQYDVQQIEwJHQTETMBEGA1UEBxMKQWxwaGFyZXR0YTEeMBwGA1UEChMVT3V0
>UG9zdCBTZW50aW5lbCwgTExDMRswGQYDVQQLExJOZXR3b3JrIE1hbmFnZW1lbnQx
>HDAaBgNVBAMTE3NhbS1kZXZlbC5vcHN1cC5jb20xIDAeBgkqhkiG9w0BCQEWEWNm
>b3dsZXJAb3BzdXAuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQAD
>gYEAUjUicxeApln3bY6ATVQf3hgNn+kJ6hyMkGaQJZSjxeLMrI+UgO7QHruxEoJ9
>AWBR6Z0bCvVtaumQRVfsNGoJ0PnJT6Aypouo5QbyMvYF3Qy8UKor93z0V3uqD0WP
>dOZv3A25LpYZ4fhhWZ0caW7Pq/oGVyEnXCBb2a/8129C1KI=
>-----END CERTIFICATE-----
>
>Do I need to add the following define to my java command line?
>JAVA_OPTS="-Xms64m -Xmx128m
>-Djavax.net.ssl.keyStore=/opt/SAM/SSL/certs/ac.pem"
>
>
>Is what I'm doing the correct way to tell Java where my certificate is?
>
>
>
>
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://www.ale.org/mailman/listinfo/ale
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3190 bytes
Desc: S/MIME Cryptographic Signature
More information about the Ale
mailing list