-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------
Robert Piotti wrote:
>
> 1. Does jserv have a feature to automatically enable ssl between the
> client and
> server? I'm thinking along the lines of setting up a servlet zone that
> uses the https
> protocol with a 3rd party certificate.
>
> 2. Does jserv have a utilty to create it's own certificate (ie for
> development)
>
> The functionality I'm referring to is currently present in the Sun's
> now deprecated,
> Java Web Server. I'm trying to find comparable features in jserv.
> Most of the
> security I found in the FAQ refers to securing the jvm and does not
> focus on how to
> provide security between the transacting parties.
>
> any resources regarding this matter would be much appreciated.
>
It's easy to add 128 bits SSLv3 support to Apache. Have a look at
mod-ssl+OpenSSL.
You can use it freely outside US due to existing RSA patents.
(just check for IDEA in Europa).
Else you have to buy a commercial product RSAref or other.
NB: OpenSSL, based on SSLEay, uses a 128bits key, when Sun' JWS used a
export-restricted 40bits key.
Apache & JServ use TCP connections to cooperate, but no encryption here.
JWS did not clearly separate the HTTP server from the servlet engine,
both where running in the same JVM.
Jean-Luc
Jean-Luc
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
