Establishing a Secure Connection
Establishing a Secure Connection
Establishing a Secure Connection Using SSL
Secure Socket Layer (SSL) technology is security that is implemented at the transport layer (see
, for more information about transport layer security).
SSL allows web browsers and web servers to communicate over a secure connection. In this
secure connection, the data that is being sent is encrypted before being sent and then is
decrypted upon receipt and before processing. Both the browser and the server encrypt all
traffic before sending any data. SSL addresses the following important security considerations.
Authentication
: During your initial attempt to communicate with a web server over a
secure connection, that server will present your web browser with a set of credentials in the
form of a server certificate. The purpose of the certificate is to verify that the site is who and
what it claims to be. In some cases, the server may request a certificate that the client is who
and what it claims to be (which is known as client authentication).
Confidentiality
: When data is being passed between the client and the server on a network,
third parties can view and intercept this data. SSL responses are encrypted so that the data
cannot be deciphered by the third party and the data remains confidential.
Integrity
: When data is being passed between the client and the server on a network, third
parties can view and intercept this data. SSL helps guarantee that the data will not be
modified in transit by that third party.
Installing and Configuring SSL Support
An SSL HTTPS connector is already enabled in the Application Server. For more information
on configuring SSL for the Application Server, refer to the Sun Java System Application
Server 9.1 Administration Guide.
If you are using a different application server or web server, an SSL HTTPS connector might or
might not be enabled. If you are using a server that needs its SSL connector to be configured,
consult the documentation for that server.
As a general rule, to enable SSL for a server, you must address the following issues:
There must be a Connector element for an SSL connector in the server deployment
descriptor.
There must be valid keystore and certificate files.
The location of the keystore file and its password must be specified in the server deployment
descriptor.
You can verify whether or not SSL is enabled by following the steps in
Establishing a Secure Connection Using SSL
Chapter 28 · Introduction to Security in the Java EE Platform
785
