Questions tagged [jsse]

JSSE stands for Java Secure Socket Extension. It is a Java implementation of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Its functionality includes data encryption, server authentication, message integrity, and optional client authentication.

It is so named because originally it was shipped as a separate extension to Java 1.2 and 1.3. Since Java 1.4 it has been part of the standard Java API.

This tag should be used for questions about TLS or SSL programming in Java.

295 questions

6 votes, 2 answers

How do I provide a specific TrustStore while using the default KeyStore in Java (JSSE)

Overview JSSE allows users to provide default trust stores and key stores by specifying javax.net.ssl.* parameters. I would like to provide a non-default TrustManager for my application, while allowing the user to specify the KeyManager as usual,…
Stephen Nelson

6 votes, 3 answers

SSL Renegotiation with Client Certificate causes Server Buffer Overflow

I've coded a Java client application which connects to an Apache web server over HTTPS using a client certificate and performs an HTTP PUT of a file to the server. It works fine with small files, but crashes with large ones. The Apache server log…
Ryan

6 votes, 2 answers

How do I programmatically import a public key .cer file into a java keystore using JSSE?

I want to take a public key .cer file generated from java keytool command like this: "keytool -export -alias privatekey -file publickey.cer -keystore privateKeys.store" and import it into a new, empty java keystore like this: "keytool -import…
J P

5 votes, 1 answer

How to use the Windows Keystore (MCS) with JDBC?

I am trying to create a java application that uses PKI for authentication. I need to be able to retrieve a certificate from the Microsoft Certificate Store (MCS) and pass it along to an Oracle database (11.2). I am connecting using the…
Ben

5 votes, 1 answer

Selected cipher negotiated by firefox browser/server does not match Tomcat configured cipher list

I am a bit confused. We have configured our v7 Tomcat server to communicate with connecting browsers using only TLSv1.2 and we have specified a restricted set of ciphers. Using a Firefox browser (v60.3.0esr 64 bit). We are able to establish a…
Peter Hiross

5 votes, 3 answers

How to specify server-preferred order of SSL cipher suites for Java?

I'm using Java 1.6 and netty 3.8 for HTTP/HTTPS server. I've done SSL test by ssllab.com(https://www.ssllabs.com/ssltest/analyze.html), and I got a result for cipher suites like below. Cipher Suites (sorted by strength; the server has no…
oshu

5 votes, 2 answers

Java JSSE TLS - Is this connection safely encrypted in both directions?

In Java using JSSE with TLS. I have created a secure socket between the server and client. After finally getting the sockets to connect securely, I still have a fundamental question about my existing code's security. I followed instructions in a…
SigSeg

5 votes, 1 answer

How to disable constraint check (Netscape cert type) in Java6?

I am trying to build a custom HTTPS Server in Java (6) using the built in class com.sun.net.httpserver.HttpsServer. It works fine until I require client authentication. At that point it fails with the following exception in the SSL debug on the…
Arun

5 votes, 3 answers

How does Java pick the strongest cipher to use in JSSE?

I don't understand how Java picks the most preferred cipher to use on Server Hello. I have a Tomcat 5 configuration and I set in the SSL connector the ciphers=TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,…
Jim

4 votes, 1 answer

BouncyCastle JSSE and BCTLS No Credentials for Cipher

Using BouncyCastle FIPS JSSE and TLS providers for my server application. org.bouncycastle bcpkix-fips 1.0.3
ramtech

4 votes, 3 answers

Configure Oracle JDK to use IBM JCE/JSSE providers for FIPS compliance

I would like to configure the Oracle JDK to use IBM's FIPS-compliant JCE/JSSE security providers. What JAR files do I need and where should they be installed? What should the provider list in the java.security file look like?
Rob H

4 votes, 0 answers

SSLProtocolException: Data received in non-data state: 6

My Heroku application uses PostgreSQL on AWS via Spring Data JPA. Occasionally, under high load, I see errors like this: Caused by: javax.net.ssl.SSLProtocolException: Data received in non-data state: 6 at…

4 votes, 0 answers

Is there workaround for Java11 TLS1.3 supported group handshake issue before 11.0.3

Trying to move my app from java 8 to java 11 faced with exception "javax.net.ssl.SSLHandshakeException: extension (10) should not be presented in server_hello" I found that this issue will be fixed in 11.0.3 (eta Q2+ 2019) JDK 11 SSL Error on valid…
nahab

4 votes, 0 answers

Fine grain X509 certificate checks and TrustManagerFactory initialization

I am trying to configure a https client in my android application that would perform fine grain checking on the certificate chain received from server. More precisely I would like to check : if the chain contains a given CA certificate (custom CA)…
Antelop

4 votes, 5 answers

Is there a DTLS implementation in JSSE

I want to implement a DTLS 1.0 client in Java and after googling a bit I found that the JSSERefGuide says the following: The JSSE API is capable of supporting SSL versions 2.0 and 3.0 and TLS version 1.0. These security protocols encapsulate a…
osundblad