Questions tagged [jsse]

JSSE stands for Java Secure Socket Extension. It is a Java implementation of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Its functionality includes data encryption, server authentication, message integrity, and optional client authentication.

It is so named because originally it was shipped as a separate extension to Java 1.2 and 1.3. Since Java 1.4 it has been part of the standard Java API.

This tag should be used for questions about TLS or SSL programming in Java.

295 questions

4 votes, 1 answer

using custom keystore and jsseimplementation when upgrading to tomcat 8.5

We were using our own custom keystore and also provided the custom class implementation using JSSEImplementation and ServerSocketFactory and configured both in server.xml for "store" and "sslImplementation" attributes. But now upgrading to 8.5, I…
divya

4 votes, 1 answer

What are valid values for the security parameter jdk.tls.disabledAlgorithms

On the web I often see examples of configuration for the parameter jdk.tls.disabledAlgorithms (set in the java.security file), for example: jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 Is there an exhaustive list / guide to setting the…
BX21

4 votes, 1 answer

How to disable SSL Session Cache server side java?

Is there a way to disable the server side session cache when using the JVM's SSLEngine? Because the size and timeout setter treat 0 as no-limit, the best I can do is to reduce the cache size to 1 and its timeout to 1s, but I can't see how to…
gregw

4 votes, 1 answer

How does jetty SSL work with java key store and multiple aliases

In the SSL Configuration of jetty, I see that we define the password of the keystore and the keystore physical location. But what happens when I have multiple aliases on the keystore? What keystore does jetty SSL choose to use? In my java…
ilansch

4 votes, 3 answers

MQ SSL error, protocol is disabled or cipher suites are inappropriate

I have a MQ spring jms application that has been working fine using SSL channel. However after a recent java security patch that was applied the application stopped working with below error. Caused by: com.ibm.mq.MQException: JMSCMQ0001: WebSphere…
Mark1234

4 votes, 1 answer

Does accept() return before TLS handshake is done in Java?

I'm using Java's SSL library to secure the connections between my applications. And I noted that SSLServerSocket.accept() returns a socket even if the handshake fails. Does that mean that SSLServerSocket.accept() won't wait until the initial…
MinecraftShamrock

4 votes, 2 answers

How to receive email using Apache Camel + SSL?

I am trying to read email using Apache Camel over IMAPS. EDIT: The server is using a self-signed certificate. I have configured a keystore and have verified it working over JavaMail. I have followed the information contained here and here to…
Tim

4 votes, 4 answers

Tomcat: TLSv1.2 with strong ciphers not working

I installed Tomcat-7, configured support for TLSv1.2 on port 8443. My Connector configuration: protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" scheme="https" secure="true" sslProtocol="TLSv1.2"…
DJViking

4 votes, 1 answer

what is the JSSE equivalent for .NET (C#)?

I'm working on an application using c#-4.0 and EntireX Broker 9.5.1. I'm attempting to convert to tcpip connections to use ssl. I was successful in upgrading my java code to do the same thing thanks to Java/Software AG's use of jsse for handling the…
Raystorm

4 votes, 0 answers

Java not sending client certificate

I'm using HttpClient 4.2.3 on Java 1.7 to connect to a remote server hosted by nginx. My organization uses PKI extensively, and both the remote and the client have certificates issued by a common CA. The server has a signing chain like the…
kbolino

4 votes, 2 answers

SSL handshake error javax.net.ssl.SSLHandshakeException Received fatal alert bad_certificate

I am executing the below cURL command and I am getting proper response from the server: curl -k --cert ./xevias.com.crt --key ./xevias.com.key --pass USSEQUX90 --cacert ./xeviasqamts.ca -H "Content-Type: text/xml; charset=utf-8" -H…
Rahul Mohan

4 votes, 2 answers

Upgrading socket to SSLSocket with STARTTLS: recv failed

I am trying to upgrade a socket to an SSLSocket using STARTTLS. On InspIRCd's wiki this is how it's supposed to work >> STARTTLS << :test2.chatspike.net 670 nickname :STARTTLS successful, go ahead with TLS handshake (SSL Handshake) So in my code…
TheLQ

4 votes, 2 answers

Java JSSE SSLEngine cannot resume SSL session

I am writing an application that uses SSLEngine with NIO, I am writing both the client and the server. The client is able to connect to the server and after he is connected I want him to be able to perform session resumption / renegotiation, but…
bennyl

3 votes, 2 answers

How to get list of ciphers supported by remote HTTPS server, from a Java application?

How can I obtain a list of ciphers supported by a remote server via a Java JSSE environment? I want to get a list of weak ciphers supported by the remote server, so that they can be fixed. I am using SSLSocket, which has a method called…
superzoom

3 votes, 1 answer

TLS-SRP support in Bouncy Castle

I want to develop Java client which can communicate with TLS-SRP server implemented in C and GnuTLS. I found that JSSE does not support TLS-SRP and Bouncy Castle has too little documentation which can be useful. Is there any information how I can…
Peter Penzov