wood burning stoves 2.0*
The moose likes Sockets and Internet Protocols and the fly likes SSL connection: clientAuth(true) vs useClientMode(false) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark "SSL connection: clientAuth(true) vs useClientMode(false) " Watch "SSL connection: clientAuth(true) vs useClientMode(false) " New topic
Author

SSL connection: clientAuth(true) vs useClientMode(false)

Abhi Trivedi
Greenhorn

Joined: Oct 25, 2011
Posts: 4
I have a client-server app that is required to communicate via SSL Mutual Authentication. Client and server both run on seperate Jboss instances on different hosts.
Based on what I gather, there are two ways of doing this authentication.

1. Leverage Jboss SSL authentication and set clientAuth=true in the HTTPS connector (server.xml)
2. Create my own SSLScoket and set useClientMode=false

Im using HTTPClient for creating connection between client and server. Does anyone know which method is better (or more secure) ?
Bharat Kasodariya
Ranch Hand

Joined: Aug 19, 2011
Posts: 36
try SSLSocketClientWithClientAuth
 
GeeCON Prague 2014
 
subject: SSL connection: clientAuth(true) vs useClientMode(false)