jsse

How to set up Cassandra client-to-node encryption with the DataStax Java driver?

回眸只為那壹抹淺笑 提交于 2019-12-12 07:57:46
问题 I've set up node-to-node encryption on my Cassandra cluster. Now I want to set up client-to-node. According to this documentation, it should be as easy as taking the SSL certificate of my client and importing it into every node's truststore. I don't have such a certificate yet but this is not my question. Since my client is using the DataStax Java driver, it seems that in order to enable SSL from the client side, when I am building the Cluster I should use the withSSL() method to enable SSL.

Control remote clients status on TCP connections

旧街凉风 提交于 2019-12-12 02:59:59
问题 I need to write a platform with a centralized server and a lot of remote clients to execute tasks. I'm currently using an RMI connection, being the centralized server who acts as client of the remote clients (RMI servers). It's working, but I'm afraid of have a lot of problems in a near future (is a good idea to use RMI?) so I'm thinking in move the code to SSLSockets and send serialized classes to do the same. My problem with this approach y how to control the list of active clients. I need

How to access a HTTPS url from a java application

廉价感情. 提交于 2019-12-11 21:26:16
问题 I know this is a very basic question, but some how I have managed to not find a solution to this problem. I have a java class that has a main method. In that method, I try to access an https url as below: package helloworld; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.net.URL; import javax.net.ssl.HttpsURLConnection; public class ConnectHttps { public static void main(String[] argsd) { System.out.println(

SSLContext. Should I reload it?

坚强是说给别人听的谎言 提交于 2019-12-11 10:28:23
问题 I am interested in updating a truststore dynamically. What would be the best option? Reload SSLContext or is it possible to recreate TrustManagers ? 回答1: You can't 'reload' an SSLContext , but you can certainly create a new one. A custom TrustManager won't help, as it is the underlying TrustManagerFactory that has the connection to the keystore, not the TrustManager . 来源: https://stackoverflow.com/questions/13173610/sslcontext-should-i-reload-it

How to enable TLS version 1.2 in web logic for outgoing https transactions

允我心安 提交于 2019-12-11 04:20:02
问题 I am working on one project which require TLS version 1.2 to be enabled on web logic server for outgoing https transactions. I tried using below properties in web logic startup script : Weblogic.security.SSL.minimumProtocolVersion=TLSv1.2 Or Weblogic.security.SSL.protocolVersion=TLS But when I ran some test I was able to see TLSv1 still getting used in the clientHello message in weblogic SSL logs. We tried every permutation and combination to start the TLS handshake with TLSv1.2 but no

How to use the Windows Keystore (MCS) with JDBC?

时光毁灭记忆、已成空白 提交于 2019-12-10 14:57:16
问题 I am trying to create a java application that uses PKI for authentication. I need to be able to retrieve a certificate from the Microsoft Certificate Store (MCS) and pass it along to an Oracle database (11.2). I am connecting using the jdbc:oracle:thin driver. After spending quite some time on google I have come up empty. I've found different properties to change (depending on the article): set the property javax.net.ssl.keyStoreType = "Windows-MY" set the javax.net.ssl.keyStore = "Windows-MY

Can I avoid putting key store password on command-line with JSSE?

浪尽此生 提交于 2019-12-08 23:30:19
问题 We are using Maven 2 and have a maven repository manager secured with SSL client authentication. In order for Maven to access the repository the following system properties must be passed to Java: javax.net.ssl.trustStore=trust.jks javax.net.ssl.trustStorePassword= <trustPass> javax.net.ssl.keyStore=keystore.p12 javax.net.ssl.keyStoreType=pkcs12 javax.net.ssl.keyStorePassword= <keyStorePass> See this mini-guide for more details. In order to set these system properties in Maven, I have to use

Migrating a certificate keystore to another JVM

情到浓时终转凉″ 提交于 2019-12-08 04:41:40
问题 I am working on a installer which needs a JRE and creates certificates as well. I am working on the next version of installer which bundles a new JRE. I need to move all the certificates that are imported in cacerts keystore of the old JRE to a new JRE. Will the existing certificates in cacerts be valid if I copy the "cacerts" file under old jre/lib/security/ directory to the new JRE, I will be installing. I looked at question: "Is it possible to import all contents of cacerts into a

java secure socket without authentication?

女生的网名这么多〃 提交于 2019-12-08 02:03:48
问题 I have a trivial secure socket server-client program. For the server certificates, I created a keystore using keytool. When I try to connect to the server by my client I get these exceptions: In server: Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown In client: Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath

Java not sending client certificate

人盡茶涼 提交于 2019-12-05 19:38:02
I'm using HttpClient 4.2.3 on Java 1.7 to connect to a remote server hosted by nginx. My organization uses PKI extensively, and both the remote and the client have certificates issued by a common CA. The server has a signing chain like the following: CN=Server 123, OU=Servers, OU=My Division, O=My Org, C=US CN=My Division CA, OU=My Division, O=My Org, C=US CN=My Org CA, O=My Org, C=US And the client has a signing chain like the following: CN=Client 456, OU=Servers, OU=My Division, O=My Org, C=US CN=My Division CA, OU=My Division, O=My Org, C=US CN=My Org CA, O=My Org, C=US For some reason, the
订阅 jsse