pattabi23in
asked on
Websphere SSL - Sharing Public Key
Hi,
I am in urgent need of a solution. Request your help.
I am using JSCH API to FTP documents to a third party site. I am able to connect to their site by supplying credentials but they have told us that they would not accept credentials but only Public key.
From the websphere console, I went to SSL Configuration tab, and under 'Manage End Points, from the outbound node, I configured to use the default self-signed certificate for the cell.
I am assuming that I should be sharing the 'serverCertificate.arm' file under etc folder to this third-party.
My question is: Will this setting enable my application to connect to the third-party server without me writing Custom SSLFactory?
Thanks
I am in urgent need of a solution. Request your help.
I am using JSCH API to FTP documents to a third party site. I am able to connect to their site by supplying credentials but they have told us that they would not accept credentials but only Public key.
From the websphere console, I went to SSL Configuration tab, and under 'Manage End Points, from the outbound node, I configured to use the default self-signed certificate for the cell.
I am assuming that I should be sharing the 'serverCertificate.arm' file under etc folder to this third-party.
My question is: Will this setting enable my application to connect to the third-party server without me writing Custom SSLFactory?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Q: ... once I share the public portion of the key, Websphere
will take care of handshake without any SSL specific changes in my code.
Is this correct?
A: Yes
Q: Do we need to use an SSL API to do this?
A: I don't believe so, but I guess it depends upon how your code
opens the connect to the destination. That is an interesting question.
I know that should an SSL connection from a remote application (e.g.,
a browser) be established to the web server, the connection from the
web server (i.e., the WebSphere plugin portion of the web server)
doesn't have to use an SSL connection to connect to the application
server (but it can). Once the connection is established between the
plugin and the application server, the WebContainer will route the
request to the specific application in question, and that application
does not know, nor should it care whether or not the data was
sent over an SSL, or standard HTTP session.
will take care of handshake without any SSL specific changes in my code.
Is this correct?
A: Yes
Q: Do we need to use an SSL API to do this?
A: I don't believe so, but I guess it depends upon how your code
opens the connect to the destination. That is an interesting question.
I know that should an SSL connection from a remote application (e.g.,
a browser) be established to the web server, the connection from the
web server (i.e., the WebSphere plugin portion of the web server)
doesn't have to use an SSL connection to connect to the application
server (but it can). Once the connection is established between the
plugin and the application server, the WebContainer will route the
request to the specific application in question, and that application
does not know, nor should it care whether or not the data was
sent over an SSL, or standard HTTP session.
Thanks for the grade & points!
Good luck & have a great day
Good luck & have a great day
ASKER
So my understanding from your response is that once I share the public portion of the key, Websphere (network layer?) will take care of handshake without any SSL specific changes in my code. Another application within our company is using SSL api to create SSLSocket factory and SSLContext - attached code snippet). I guess this is not required if I have this configuration setup through Admin console. Right?
Thanks
code-snippet.txt