I was reading a tutorial about SSLServerSocketFactory and it said I need to create a certificate, but elsewhere I read that this factory handles it transparently. If the latter is true, does that mean that all the key handling, key authentication, encryption, decryption, etc. is taken care of automatically? All I need to do is set one of the available cipher suites?
I was looking over the available cipher suites. I am certainly not an expert on this, but have a general idea of many of the protocols. Would this be a good choice? TLS_RSA_WITH_AES_128_CBC_SHA
I am not sure what CBC means, but is RSA used to encrypt the private key, the message hashes with SHA and then all the data being sent encrypted with AES?
I am writing a secure chat room, where not only the sign up and log in functions, but all the messages from the users in the chat room. I would like it to be reasonably fast, and I know AES is. Some of the other available ciphers are quite insecure and I am surprised they are even in the list, like DES and RC4.
[ March 16, 2007: Message edited by: David McCombs ]
You will need to install a certificate on the server, but after that everything else is handled transparently. The process to do that is described here in the section titled "Prepare the Certificate Keystore".
Not sure about your questions concerning ciphers, but it sounds like they may be moot, since SSL handles all that. Or do you want to encrypt stuff outside of the transport as well?
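What "install a certificate, then everything else is handled transparently" looks like for a standalone server without a servlet container, as an added example that is not part of the original thread. It assumes a PKCS12 keystore whose path is passed on the command line, a password in a hypothetical KEYSTORE_PASS environment variable, and port 8443; the class name and the suite filter are this example's own.

```java
import javax.net.ssl.*;
import java.io.*;
import java.nio.file.*;
import java.security.KeyStore;
import java.util.Arrays;

public class TlsChatServer {   // hypothetical class name
    // Narrow the JVM's default suite list: drop DES and RC4 (called insecure in the
    // thread) plus NULL, anonymous, EXPORT and 3DES suites (added by this example).
    static String[] filterSuites(String[] enabled) {
        return Arrays.stream(enabled)
            .filter(s -> !s.matches(".*_(NULL|anon|EXPORT|DES|3DES|RC4)_.*"))
            .toArray(String[]::new);
    }

    public static void main(String[] args) throws Exception {
        String envPass = System.getenv("KEYSTORE_PASS");   // assumed variable name
        if (args.length != 1 || envPass == null) {
            System.err.println("usage: KEYSTORE_PASS=... java TlsChatServer <keystore.p12>");
            return;
        }
        char[] pass = envPass.toCharArray();

        // The keystore holds the server's private key and certificate chain.
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            ks.load(in, pass);
        }
        KeyManagerFactory kmf =
            KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, pass);

        // Key managers only: this server presents a certificate but asks for none.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);

        SSLServerSocketFactory factory = ctx.getServerSocketFactory();
        try (SSLServerSocket server = (SSLServerSocket) factory.createServerSocket(8443)) {
            server.setEnabledCipherSuites(filterSuites(server.getEnabledCipherSuites()));
            // Handshake, key exchange and record encryption all happen inside the socket.
            try (SSLSocket client = (SSLSocket) server.accept()) {
                System.out.println("negotiated: " + client.getSession().getCipherSuite());
                BufferedReader r = new BufferedReader(
                    new InputStreamReader(client.getInputStream(), "UTF-8"));
                PrintWriter w = new PrintWriter(
                    new OutputStreamWriter(client.getOutputStream(), "UTF-8"), true);
                w.println("echo: " + r.readLine());   // one line echoed, then close
            }
        }
    }
}
```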
Joined: Oct 17, 2006
Well, I was trying to figure out what is happening under the hood for educational reasons, and to add to my project write-up. The project is a standalone and doesn't rely on a servlet container.
I guess now I need to ask what is the best way to secure the certificate?
[ March 17, 2007: Message edited by: David McCombs ]
Joined: Mar 22, 2005
I guess now I need to ask what is the best way to secure the certificate?
What do you mean by "secure the certificate"? A certificate can be used for securing a connection, i.e. by using SSL.
Joined: Oct 17, 2006
Where and how should it be stored on the hard drive?