Link to home
Start Free TrialLog in
Avatar of pattabi23in
pattabi23in

asked on

Websphere SSL - Sharing Public Key

Hi,

I am in  urgent need of a solution. Request your help.

I am using JSCH API to FTP documents to a third party site.  I am able to connect to their site by supplying credentials but they have told us that they would not accept credentials but only Public key.

From the websphere console, I went to SSL Configuration tab, and under 'Manage End Points, from the outbound node, I configured to use the default self-signed certificate for the cell.

I am assuming that I should be sharing the 'serverCertificate.arm' file under etc folder to this third-party.


My question is: Will this setting enable my application to connect to the third-party server without me writing Custom SSLFactory?

Thanks




ASKER CERTIFIED SOLUTION
Avatar of HonorGod
HonorGod
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of pattabi23in
pattabi23in

ASKER

Thank you for the response. Yes, my application code executing on my App server is initiating the connection.
So my understanding from your response is that once I share the public portion of the key, Websphere (network layer?) will take care of handshake without any SSL specific changes in my code. Another application within our company is using SSL api to create SSLSocket factory and SSLContext - attached code snippet). I guess this is not required if I have this configuration setup through Admin console. Right?


Thanks  

   


code-snippet.txt
Q: ... once I share the public portion of the key, Websphere
     will take care of handshake without any SSL specific changes in my code.
     Is this correct?

A: Yes

Q: Do we need to use an SSL API to do this?
A: I don't believe so, but I guess it depends upon how your code
    opens the connect to the destination.  That is an interesting question.
    I know that should an SSL connection from a remote application (e.g.,
    a browser) be established to the web server, the connection from the
    web server (i.e., the WebSphere plugin portion of the web server)
    doesn't have to use an SSL connection to connect to the application
    server (but it can).  Once the connection is established between the
    plugin and the application server, the WebContainer will route the
    request to the specific application in question, and that application
    does not know, nor should it care whether or not the data was
    sent over an SSL, or standard HTTP session.
Thanks for the grade & points!

Good luck & have a great day