advertisement
javaboutique
Search Tips
Articles  |   Tutorials  |   Reviews  |   Tools  |   by Category  |   by Date  |   by Name  |   Submit  |   Source  |   Forums  |  
javaboutique
Browse DevX


Partners & Affiliates


advertisement

Tutorials : Customize Your JSSE Key and Trust Material Managers :

A Simple Client/Server J2SE Application

Let's start with a basic client/server J2SE application. In this app, the client sends a message to the server and the server returns it to the client. To stop the application, the client sends a message to the server saying "Bye!" (obviously the scope of this application is trivial—what's important is that you follow the customization process).

Before taking a look at the client and the server, you'll need to define a certificate using the keytool tool (you have to be familiar with this tool to understand the next paragraph): 


C:\>keytool -genkey -keystore SSLcert -storepass e1002qa2

   What is your first and last name?
     [Unknown]:  localhost
   What is the name of your organizational unit?
     [Unknown]:  none
   What is the name of your organization?
     [Unknown]:  none
   What is the name of your City or Locality?
     [Unknown]:  Bucuresti
   What is the name of your State or Province?
    [Unknown]:  Bucuresti
   What is the two-letter country code for this unit?
    [Unknown]:  RO
   Is CN=localhost, OU=none, O=none, L=Bucuresti, ST=Bucuresti, C=RO correct?
     [no]:  yes
  
   Enter key password for <mykey>
           (RETURN if same as keystore password): CR
While the CN field is normally represented by the name of server host, in this example, the server will run on the local host, so the CN field has the localhost value. Place this certificate into the C:\j2sse\server\ and C:\j2sse\client\ directories.

Listing 1 shows the server. Listing 2 shows the client.

Notice that if SSL has not been configured properly for your virtual machine, the factories shown in the above listing will report instantiation exceptions.

The SSLContext Class

When you talk about customization of an J2SE application, the first thing to consider is the javax.net.ssl.SSLContext class. This class provides methods for setting and configuring the desired protocol and is the manager of all the SSL socket factories and SSL engines—every SSL socket or SSL engine is controlled by the current SSLContext.

You may not immediately discern an immediate use for SSLContext in the sample J2SSE application, but that's because this class is working for you from behind the scenes. When you call the SSLSocketFactory.getDefault method or the SSLServerSocketFactory.getDefault method, Java creates and initializes a default SSLContext object. For simple applications, like our sample app, this context is all that you need. But if your application is more complex, you'll have create your own contexts (SSLContexts).

To create a SSLContext object, you have to use one of the following static methods: 

public static SSLContext getInstance(String protocol) throws
NoSuchAlgorithmException
public static SSLContext getInstance(String protocol, String provider) throws
NoSuchAlgorithmException, NoSuchProviderException
public static SSLContext getInstance(String protocol, Provider provider) throws
NoSuchAlgorithmException
As you can see, the protocol argument is common to all getInstance methods. This argument represents a standard name of a protocol (for example, SSL, SSLv2, SSLv3, TLS, TLSv1). If the specified protocol name is not recognized or is not implemented, a NoSuchAlgorithmException will be thrown. The last two getInstance methods permit you to specify, by name, the provider of the cryptographic services. If the specified provider is not correctly configured, a NoSuchProviderException will be thrown. If the specified protocol is not implemented by the current provider, a NoSuchAlgorithmException will be thrown. Remember that the default provider's name is SunJSSE. Here are two examples of calling the getInstance methods: 
SSLContext context=SSLContext.getInstance("SSLv3");
SSLContext context=SSLContext.getInstance("TLS","SunJSSE");
After you get a context you must initialize it. The initialization parameters are:
  • A key manager: Represented by the KeyManager interface.

  • A trust certificate manager: Represented by the TrustManager interface.
  • A cryptographically random number generator (RNG): Represented by the SecureRandom class.
To initialize these parameters, call the SSLContext.init method:
  • public final void init(KeyManager[] KM, TrustManager[] TM, SecureRandom RNG) This throws KeyManagementException. The arguments of this method represent:
    • KM : Represents an array of KeyManagers. If this argument is null, an empty KeyManager will be used.
    • TM: Represents an array of TrustManagers. If this argument is null, J2SSE searches for the right TrustManager in the TrustManagerFactory implementation with the highest priority.
    • RNG: Random Number Generator represents a cryptographically random number generator. If this argument is null, the default generator will be used.

Home / Articles / Customize Your JSSE Key and Trust Material Managers / 1 / 2 / Next Page

How to Add Java Applets to Your Site

New on the Java Boutique:

New Review:

Time Management Made Easy with the Quartz Enterprise Job Scheduler
Why not just use the Java timer API? This open source scheduling API boasts simplicity, ease-of-integration, a well-rounded feature set, and it's free!

New Applet:

Reverse Complement
Reverse Complement is a simple applet that converts DNA or RNA sequences into three useful formats.

Elsewhere on internet.com:

WebDeveloper Java
Lots of Java information on webdeveloper.com

WDVL Java
Thorough Java resource at the Web Developer's Virtual Library.

ScriptSearch Java
Hundreds of free Java code files to download.

jGuru: Your View of the Java Universe
Customizable portal with online training, FAQs, regular news updates, and tutorials.

 Intel Go Parallel Portal
 Internet.com eBook Library
 IBM Software Construction Toolbox
 Microsoft RIA Development Center
 Destination .NET
XML error: not well-formed (invalid token) at line 43
advertisement
Receive Articles via our XML/RSS feed
Receive Articles via our XML/RSS feed

JavaBytes
Internet Cyclone
This powerful, easy-to-use, internet optimizer is for Windows 95, 98, ME, NT, 2000 and XP. It's designed to automatically optimize your Windows settings, boosting your Internet connection up to 200%.

Google Hopes Chrome Will Help, Not Hurt Firefox
Remember Figlets? They're Back With Zend
Microsoft Readies an App Store Competitor?
Google: Chrome Browser Will Make Money
Sam Ramji: Microsoft's Man in Open Source
Google to Shake Up Browsers With Own Launch
Mozilla's Ubquity Mashup: For The Masses?
iPhone Users Just Want to Have Fun
Oops! I Fixed the Linux Kernel
Jim Zemlin: The New Center of Linux Gravity

Code Around C#'s Using Statement to Release Unmanaged Resources
Writing Functional Code with RDFa
BitLocker Brings Encryption to Windows Server 2008
Network Know-How: Exploring Network Algorithms
Create a Durable and Reliable WCF Service with MSMQ 4.0
The Baker's Dozen: 13 Tips for SQL Server 2008 and SSRS 2008
Book Excerpt: Microsoft Expression Blend Unleashed
Develop a Mobile RSS Feed the Easy Way
State of the Semantic Web: Know Where to Look
A 3D Exploration of the HTML Canvas Element

Advertising Info  |   Member Services  |   Contact Us  |   Help  |   Feedback  |   Site Map  |   Network Map  |   About



JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
Intel PDF: Virtualization Delivers Data Center Efficiency
Intel eBook: Managing the Evolving Data Center
Microsoft Article: BitLocker Brings Encryption to Windows Server 2008
Symantec eBook: The Guide to E-Mail Archiving and Management
Microsoft Article: RODCs Transform Branch Office Security
Go Parallel Article: James Reinders on the Intel Parallel Studio Beta Program
 Avaya Article: Advancing the State of the Art in Customer Service
Adobe Acrobat Connect Pro: Web Conferencing and eLearning Whitepapers
Avaya Article: Avaya AE Services Provide Rapid Telephony Integration with Facebook
Go Parallel Article: Getting Started with TBB on Windows
HP eBook: Storage Networking , Part 1
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Seminar: Efficiencies in Hardware/Software Virtualization
HP Webcast: Disaster Recovery Planning
Go Parallel Video: Performance and Threading Tools for Game Developers
 HP Video: StorageWorks EVA4400 and Oracle
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
IBM TCO eKIT: Your IT Budget is Under Attack, Get in Control
IBM Energy Efficiency eKIT: Learn How to Reduce Costs
30-Day Trial: SPAMfighter Exchange Module
 Red Gate Download: SQL Toolbelt and free High-Performance SQL Code eBook
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
Microsoft Article: Silverlight Streaming--Free Video Hosting for All
Featured Algorithm: Intel Threading Building Blocks - parallel_reduce
 HP Demo: StorageWorks EVA4400
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES