tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Kreuser <l...@kreuser.name>
Subject Re: Secure Communication Between Tomcat Servers
Date Mon, 09 Sep 2019 21:37:02 GMT
Isn‘t that what client certs are for?
Https to identify Server A, Client cert to authenticate Server B?

Message integrity should then be unnecessary?!

Or am I missing a piece?

Peter

> Am 09.09.2019 um 21:10 schrieb M. Manna <manmedia@gmail.com>:
> 
> Why not use JWT cookies/tokens? You sign your claims and only you can
> validate the claims and ensure that it’s coming from the right place/user.
> 
> Thanks,
> 
>> On Mon, 9 Sep 2019 at 19:26, Michael Duffy <mduffy215@gmail.com> wrote:
>> 
>> I need to communicate securely between two Tomcat servers running in two
>> different environments.  I have control of both servers.
>> 
>> I would like to do this through a simple REST call from Server-B to
>> Server-A.
>> 
>> On the server I am communicating to, Server-A, I can easily set up HTTPS
>> with a self-signed certificate.  If I import this certificate into the Java
>> Keystore on Server-B, I can make a trusted HTTPS Rest call from my Java
>> code on Server-B.
>> 
>> Good instructions for doing this can be found here:
>> 
>> https://blog.10pines.com/2017/09/25/how-to-communicate-via-https-between-two-tomcat-servers-using-a-self-signed-certificate/
>> 
>> 
>> I would also like to add a confirmation that the Rest call to Server-A is
>> certainly coming from Server-B and the message has integrity.
>> 
>> My plan is to generate a self-signed certificate on Server-B and  import
>> this certificate into the Java Keystore on Server-A.  Then for any REST
>> call from Server-B I will first generate an SHA-512 hash of the message and
>> sign the hash with the private key associated with the Server-B
>> certificate.   When Server-A receives the message, the SHA-512 hash will be
>> recalculated and checked for accuracy of the hash (no message tampering).
>> I will then check the signature of the Hash against the public key of the
>> certificate from Server-B.
>> 
>> For a little bit of extra paranoia I may encrypt the REST message with the
>> public key of the certificate from Server-A; for short messages this should
>> be fine (no need for Symmetric encryption).
>> 
>> Does this seem like a good plan?
>> 
>> Thx in advance for any suggestions.
>> 
>> Mike
>> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message