Stack Overflow
Stack Overflow

Questions tagged [jsse]

JSSE is a Java implementation of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Its functionality includes data encryption, server authentication, message integrity, and optional client authentication.

JSSE stands for Java Secure Socket Extension. It is a Java implementation of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Its functionality includes data encryption, server authentication, message integrity, and optional client authentication.

It is so named because originally it was shipped as a separate extension to Java 1.2 and 1.3. Since Java 1.4 it has been part of the standard Java API.

This tag should be used for questions about TLS or SSL programming in Java.

295 questions
9
votes
1 answer

KeyStore error on java server: BKS not found

I get an error on this line: final KeyStore keyStore = KeyStore.getInstance("BKS"); the error i get is: java.security.KeyStoreException: BKS not found at java.security.KeyStore.getInstance(Unknown Source) at…
Mike Alike
  • 129
  • 2
  • 6
8
votes
1 answer

SSL Handshaking Using Self-Signed Certs and SSLEngine (JSSE)

I have been tasked to implement a custom/standalone Java webserver that can process SSL and non-SSL messages on the same port. I have implemented an NIO server and its working quite well for non-SSL requests. I am having a heck of a time with the…
Peter
  • 1,182
  • 2
  • 12
  • 23
8
votes
1 answer

Setting multiple truststore on the same JVM

I have an Java application running on a weblogic server. The application has two distinct modules which use SSL to connect to external web services - let's say module A and module B. Module A - Built on Axis - Uses truststore A Moudle B - Built on…
user825258
  • 141
  • 1
  • 4
  • 7
8
votes
1 answer

Support of SSLParameters by SSLSocket, SSLServerSocket, SSLEngine and SSLContext

SSLParameters support the following properties (as per Spring notation): cipherSuites, protocols, wantClientAuth, needClientAuth, algorithmConstraints, endpointIdentificationAlgorithm, serverNames, SNIMatchers, useCipherSuitesOrder. However, in the…
alamar
  • 18,729
  • 4
  • 64
  • 97
8
votes
1 answer

How to set up Cassandra client-to-node encryption with the DataStax Java driver?

I've set up node-to-node encryption on my Cassandra cluster. Now I want to set up client-to-node. According to this documentation, it should be as easy as taking the SSL certificate of my client and importing it into every node's truststore. I don't…
2rs2ts
  • 10,662
  • 10
  • 51
  • 95
8
votes
2 answers

SSL_NULL_WITH_NULL_NULL cipher suite in in Jetty logs

I'm using Jetty with HTTPS and a valid certificate, and I'm not sure to get it right because cipher suite appears to be SSL_NULL_WITH_NULL_NULL in server logs. Client logs look good, however. The long story: I'm attaching a Java sample expecting…
Laurent Caillette
  • 1,281
  • 2
  • 14
  • 20
7
votes
2 answers

Implementing a Simple HTTPS Proxy Application with Java?

I'm writing a simple HTTPS proxy program with Java for educational purposes. My program listens on a port (say 7443) for incoming HTTPS requests from a browser (say Firefox), parses the request and forwards it to the desired destination (say…
Seyed Mohammad
  • 798
  • 10
  • 29
7
votes
1 answer

No cipher suites in common while establishing a secure connection

I'm trying to establish a secure connection between two Java projects but I'm getting a SSLHandshakeException (no cipher suites in common). This are the methods to create sockets in both sides: Client: private SSLSocket getSocketConnection() throws…
David Moreno García
  • 4,423
  • 8
  • 49
  • 82
6
votes
3 answers

jndi LDAPS custom HostnameVerifier and TrustManager

We are writing an application that shall connect to different LDAP servers. For each server we may only accept a certain certificate. The hostname in that certificate shall not matter. This is easy, when we use LDAP and STARTTLS, because we can use…
Steffen Heil
  • 4,286
  • 3
  • 32
  • 35
6
votes
2 answers

Can someone point me to exact details on javax.net.debug?

I'd like to get exact details on the SSL debug output generated using javax.net.debug. I have looked, but nearly everything just goes through a sample file. Sorry in advance if this is easier to find then I expected.
Jiyeon
  • 153
  • 2
  • 2
  • 7
6
votes
0 answers

Even after setting jsse.enableSNIExtension to true, enableSNIExtension in ClientHandshaker has value false

I am trying to enable the SNI extension in my project. I set jsse.enableSNIExtension property by following ways: 1. Writing System.setProperty("jsse.enableSNIExtension", "true"); 2. Passing -Djsse.enableSNIExtension=true as VM argument I printed…
ABHITRNG
  • 91
  • 5
6
votes
2 answers

OpenJDK keytool password

I am trying to register a corporate certificate for https connection in OpenJDK I ran the following command in OpenJDK verion 8. It asked me to enter in the password. The default password for Oracle JDK is "changeit", but it doesn't work with…
Jae Kim
  • 137
  • 1
  • 2
  • 6
6
votes
1 answer

Does the JSSE in Oracle JDK8 implements TLS Fallback SCSV?

It looks like JSSE in OpenJDK version 8 does not implement RFC7507. There is an open defect in OpenJDK bug tracker: JDK-8061798 But there is not much information about the Oracle JDK. Does the Oracle JDK version 8 implement TLS Fallback Signaling…
Bohdan Cherniakh
  • 63
  • 1
  • 4
6
votes
0 answers

Set up Netty-with TLS handsake with ECC and RSA client certificate auth

I am working on a remote server that uses Netty to perform client authentication with a TLS handshake through the Netty SSLHandler library. This S/O question gives a bit: Set up Netty with 2-way SSL Handsake (client and server certificate) Now, the…
favicon
  • 151
  • 1
  • 5
6
votes
1 answer

HostnameVerifier vs TrustManager?

Under what circumstances would one use a HostnameVerifier over a TrustManager in Java? Is one recommended over the other? Looking at the Java docs (Interface HostnameVerifier and Interface TrustManager), I can't tell when its best to use either…
jww
  • 97,681
  • 90
  • 411
  • 885
1 2
3
19 20