advertisement
javaboutique
Search Tips
Articles  |   Tutorials  |   Reviews  |   Tools  |   by Category  |   by Date  |   by Name  |   Submit  |   Source  |   Forums  |  
javaboutique
Browse DevX


Partners & Affiliates


advertisement

Tutorials : Customize Your JSSE Key and Trust Material Managers :

A Simple Client/Server J2SE Application

Let's start with a basic client/server J2SE application. In this app, the client sends a message to the server and the server returns it to the client. To stop the application, the client sends a message to the server saying "Bye!" (obviously the scope of this application is trivial—what's important is that you follow the customization process).

Before taking a look at the client and the server, you'll need to define a certificate using the keytool tool (you have to be familiar with this tool to understand the next paragraph): 


C:\>keytool -genkey -keystore SSLcert -storepass e1002qa2

   What is your first and last name?
     [Unknown]:  localhost
   What is the name of your organizational unit?
     [Unknown]:  none
   What is the name of your organization?
     [Unknown]:  none
   What is the name of your City or Locality?
     [Unknown]:  Bucuresti
   What is the name of your State or Province?
    [Unknown]:  Bucuresti
   What is the two-letter country code for this unit?
    [Unknown]:  RO
   Is CN=localhost, OU=none, O=none, L=Bucuresti, ST=Bucuresti, C=RO correct?
     [no]:  yes
  
   Enter key password for <mykey>
           (RETURN if same as keystore password): CR
While the CN field is normally represented by the name of server host, in this example, the server will run on the local host, so the CN field has the localhost value. Place this certificate into the C:\j2sse\server\ and C:\j2sse\client\ directories.

Listing 1 shows the server. Listing 2 shows the client.

Notice that if SSL has not been configured properly for your virtual machine, the factories shown in the above listing will report instantiation exceptions.

The SSLContext Class

When you talk about customization of an J2SE application, the first thing to consider is the javax.net.ssl.SSLContext class. This class provides methods for setting and configuring the desired protocol and is the manager of all the SSL socket factories and SSL engines—every SSL socket or SSL engine is controlled by the current SSLContext.

You may not immediately discern an immediate use for SSLContext in the sample J2SSE application, but that's because this class is working for you from behind the scenes. When you call the SSLSocketFactory.getDefault method or the SSLServerSocketFactory.getDefault method, Java creates and initializes a default SSLContext object. For simple applications, like our sample app, this context is all that you need. But if your application is more complex, you'll have create your own contexts (SSLContexts).

To create a SSLContext object, you have to use one of the following static methods: 

public static SSLContext getInstance(String protocol) throws
NoSuchAlgorithmException
public static SSLContext getInstance(String protocol, String provider) throws
NoSuchAlgorithmException, NoSuchProviderException
public static SSLContext getInstance(String protocol, Provider provider) throws
NoSuchAlgorithmException
As you can see, the protocol argument is common to all getInstance methods. This argument represents a standard name of a protocol (for example, SSL, SSLv2, SSLv3, TLS, TLSv1). If the specified protocol name is not recognized or is not implemented, a NoSuchAlgorithmException will be thrown. The last two getInstance methods permit you to specify, by name, the provider of the cryptographic services. If the specified provider is not correctly configured, a NoSuchProviderException will be thrown. If the specified protocol is not implemented by the current provider, a NoSuchAlgorithmException will be thrown. Remember that the default provider's name is SunJSSE. Here are two examples of calling the getInstance methods: 
SSLContext context=SSLContext.getInstance("SSLv3");
SSLContext context=SSLContext.getInstance("TLS","SunJSSE");
After you get a context you must initialize it. The initialization parameters are:
  • A key manager: Represented by the KeyManager interface.

  • A trust certificate manager: Represented by the TrustManager interface.
  • A cryptographically random number generator (RNG): Represented by the SecureRandom class.
To initialize these parameters, call the SSLContext.init method:
  • public final void init(KeyManager[] KM, TrustManager[] TM, SecureRandom RNG) This throws KeyManagementException. The arguments of this method represent:
    • KM : Represents an array of KeyManagers. If this argument is null, an empty KeyManager will be used.
    • TM: Represents an array of TrustManagers. If this argument is null, J2SSE searches for the right TrustManager in the TrustManagerFactory implementation with the highest priority.
    • RNG: Random Number Generator represents a cryptographically random number generator. If this argument is null, the default generator will be used.

Home / Articles / Customize Your JSSE Key and Trust Material Managers / 1 / 2 / Next Page

How to Add Java Applets to Your Site

New on the Java Boutique:

New Review:

Time Management Made Easy with the Quartz Enterprise Job Scheduler
Why not just use the Java timer API? This open source scheduling API boasts simplicity, ease-of-integration, a well-rounded feature set, and it's free!

New Applet:

Reverse Complement
Reverse Complement is a simple applet that converts DNA or RNA sequences into three useful formats.

Elsewhere on internet.com:

WebDeveloper Java
Lots of Java information on webdeveloper.com

WDVL Java
Thorough Java resource at the Web Developer's Virtual Library.

ScriptSearch Java
Hundreds of free Java code files to download.

jGuru: Your View of the Java Universe
Customizable portal with online training, FAQs, regular news updates, and tutorials.

 DevX Skillbuilding from IBM developerWorks
 Avaya DevConnect Center
 Intel Go Parallel Portal
 Internet.com eBook Library
 Microsoft RIA Development Center
 Destination .NET
XML error: not well-formed (invalid token) at line 48
advertisement
Receive Articles via our XML/RSS feed
Receive Articles via our XML/RSS feed

JavaBytes
Internet Cyclone
This powerful, easy-to-use, internet optimizer is for Windows 95, 98, ME, NT, 2000 and XP. It's designed to automatically optimize your Windows settings, boosting your Internet connection up to 200%.

Apple Details iPhone-Mac Developer Event
RIM Ups Ante With Mobile Software Push
Novell Readies Silverlight Clone for Linux
Yahoo Pitches The 'Next Generation of Search'
Alfresco's Latest ECM: Prying Open a Sector?
SaaS Tool Offers Custom Database Development
Microsoft’s Automated Agent: Can We Talk?
Borland Finally Sells CodeGear
Red Hat Heads for the JON 2.0
Out with the Old, in with the New at JavaOne

Virtual Earth?What's New in the Latest Release
Everything You Need to Know About Your iPhone
PerformancePoint 2007: Installing Planning Server
Create Secure Java Applications Productively, Part 1: Use Rational Application Developer and Data Studio
.NET Building Blocks: Custom User Control Fundamentals
Secure Internet File-Sharing with PHP, MySQL, and JavaScript
Getting Started with TBB on Windows
Moving to VoIP: Should You Go It Alone?
Introduction to the WPF Command Framework
7.0, Microsoft's Lucky Version?

Advertising Info  |   Member Services  |   Contact Us  |   Help  |   Feedback  |   Site Map  |   Network Map  |   About



JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
 Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
 Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES