Date: Wed, 24 Feb 1999 16:57:26 -0600
From: Mengpei Hu <mengpei.hu@octel.com>
To: java-security@java.sun.com
Subject: SSL
Hi,
I am developing client-server Java software. There are only few data,
send between client Applet and server Sevlet through internet, needed
to be protected. How do I choose my data security mechanism ?
Q1. If I choose not to use SSL, does that mean Java Security API
KeyPairGenerator and Cipher are good enough to perform that task that I
need ? Also, how do I get RSA public key algorithm ? Does it come with
JDK ?
Q2. If I choose to use SSL, all I need to do is obtaining an appropriate
server certificate, install it, and configure my server appropriately.
Information transferred between servlets and clients is automatically
encrypted. But, what does "get server certificate" mean ? I have to ask
client user use HTTPS instead of HTTP, but I don't want to encrypt all
the network data. Is there any to configure that ?
Thanks,
Mengpei Hu
Lucent Technologies
972 735-2257