JDK 1.4 Tutorial, eDoc 7 : Using JSSE for Secure Socket Communications by Gregory Travis

Description

JDK 1.4 comes complete with a full implmentation of the Secure Sockets Layer (SSL), in the form of the Java Secure Socket Extension, or JSSE. This allows any net-enabled Java application to run in a secure fashion, preventing others from reading data sent across the net.

In fact, using secure sockets is easy; it's setting them up that is hard. This e-doc starts with a convenient overview of encryption terminology. It follows this with a detailed description of the SSL handshaking process, which provides a rich understanding of the security model and the role of the encryption keys. Finally, two complete programs are demonstrated — complete with instructions for generating and distributing the keys necessary for secure communications.

This e-doc will show you how to:

• Create secure sockets
• Use secure sockets in place of regular sockets
• Understand the SSL 3.0 (TLS 1.0) handshaking protocol
• Understand the role of encryption keys within SSL
• Create and manage encryption keys using keytool
• Generate public and private keys
• Generate self-signed public key certificates
• Use keystores to hold and distribute encryption keys

Sample programs included in this chapter:

• A simple secure web server
• A simple secure credit-card authorization system