my dog learned polymorphism
The moose likes Java in General and the fly likes Enabling SSL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Enabling SSL" Watch "Enabling SSL" New topic

Enabling SSL

Devanand Kam

Joined: Jun 23, 2010
Posts: 3
Could you please provide information on how to perform SSL encryption on application level based on the following information :

Data must be encrypted with block cipher in compliance with DES;

Data encryption must use 128 bit RCA or 2 – Key - 3DES (168 bit) with setting given as SSL_RSA_WITH_3DES_EDE_CBC_SHA or SSL_RSA_WITH_RC4_128_SHA; and

SHA-1 hash algorithms must be used.
Lester Burnham

Joined: Oct 14, 2008
Posts: 1337
Some points in no particular order:
  • SSL is for securing network connections; it doesn't sound like that's what you intend to do
  • DES is obsolete and should be considered insecure; use TripleDES or AES instead (it actually looks as if you meant TripleDES, not DES)
  • SHA is a hash (or digest), sometimes called one-way encryption (in which the encrypted text is not recoverable)
  • SHA-1 is obsolete and should not be used at this point; consider using SHA-2 instead (also known as SHA-256/SHA-384/SHA-512)

  • If you told us what, exactly, you intend to you we might be able to give more targeted advice. In particular, how do the 3 parts of your question fit together?
    Devanand Kam

    Joined: Jun 23, 2010
    Posts: 3
    Our current application is on Websphere 5.0. Third Party users on some other network fires an https request to a Proxy server sitting on other network.
    The proxy server receives encrypted and digitally signed data over https and sends http request ( decrypted + signed data) to our application.

    Our application unsigns the data and processes it. Before sending the response back to Proxy server over http, our application creates a signed data and does a direct HTTP Post to Proxy server.
    THe proxy server encryptes the signed data and sends to Third Party users.

    Now the requirement is the Proxy server would be removed. and all the functionality needs to be maintained within our application :
    - SSL Encryption / decryption
    - URL mapping and DNS mapping

    We need an approach to set this up without modifying the application.

    Maneesh Godbole
    Saloon Keeper

    Joined: Jul 26, 2007
    Posts: 10825

    VanAnand Anand wrote:

    Please check your private messages for an important administrative matter.

    [How to ask questions] [Donate a pint, save a life!] [Onff-turn it on!]
    I agree. Here's the link:
    subject: Enabling SSL
    It's not a secret anymore!