db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernt M. Johnsen (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-2108) Implement SSL/TLS communication between client and server
Date Wed, 22 Nov 2006 14:18:03 GMT
     [ http://issues.apache.org/jira/browse/DERBY-2108?page=all ]

Bernt M. Johnsen updated DERBY-2108:
------------------------------------

    Attachment: DERBY-2108-first-cut.diff
                DERBY-2108-first-cut.stat

I have implemented a first cut to SSL/TLS. This patch requires for jdk1.3 an implementation
of javax.net and javax.net.ssl placed on java/tools. I used JSSE1.0.3 downloaded from http://java.sun.com/products/jsse/index-103.html

>From JDK1.4 on, JSSE is part of the JRE.

To activate SSL I just check if  system property javax.net.ssl.keyStore is defined on the
server side javax.net.ssl.trustStore on the client side

How to generate keystore and truststore with keygen is described in the JSSE Reference guide:
http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html

I used the following commands when I generated keys and certificates, and ran with:
keytool -genkey -alias derby -keyalg RSA  -validity 7 -keystore keystore
keytool -export -alias derby -keystore keystore -rfc -file derby.cert
keytool -import -alias derbycert -file derby.cert  -keystore truststore

I ran my testapp the following way:

java -Djavax.net.ssl.trustStore=truststore -Djavax.net.ssl.trustStorePassword=secret -cp derbyclient.jar:.
TestApp

and the client like this:

java -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=secret -jar derbyrun.jar
server -p 22120 start

The JSSE Reference defines a set of system properties which may be used to parameterize JSSE.
I have so far anly used default settings.

Feel free to experiment and comment.

> Implement SSL/TLS communication between client and server
> ---------------------------------------------------------
>
>                 Key: DERBY-2108
>                 URL: http://issues.apache.org/jira/browse/DERBY-2108
>             Project: Derby
>          Issue Type: New Feature
>          Components: Network Server, Network Client
>            Reporter: Bernt M. Johnsen
>         Assigned To: Bernt M. Johnsen
>         Attachments: DERBY-2108-first-cut.diff, DERBY-2108-first-cut.stat
>
>
> Implement SSL/TLS communication between client and server

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message