Which keys are used in Client/Server Authentication?

Hi.

I am trying to understand how the SunX509 algorithm works in a TLS context. When Server or Client authentication is done, which keys of the keystore are used?

I mean, when you set up your KeyStore instance, a whole KeyStore is loaded from the filesystem, which has a lot of keys to be used. Are they all tried in order to find the key that authenticates the Client/Server, and does finding a key that works mean that the Client/Server is authenticated? Or is a concrete key with a specific alias used?

Do you know a doc or something similar where I can see this explanation? I haven't found this matter in the JSSE API User's Guide nor in the JSSE Javadocs.

Thanks!

nemov at 2007-9-26 7:00:23
# 1

In addition to what I posted, I would like to say that I'm trying to find a way of authenticating a client and a server that use the same keystore. That means that I would like the server to use its own certificate, and the client to use its own too.

Is there a nice way of doing this?

Thanks.

nemov at 2007-7-1 16:35:36
# 2

The alias that is chosen is arbitrary and depends upon the order in which the aliases are returned via a hashtable enumeration. If you want to make sure you're using a particular alias, you must write your own key manager; take a look at the X509KeyManager interface with methods such as chooseClientAlias(), chooseServerAlias(), ...

MLU at 2007-7-1 16:35:36
# 3
Thanks! I really appreciate your reply. I guessed something like that was happening (because of the debugging messages), but I would have never reached that explanation.

David.
nemov at 2007-7-1 16:35:36