The systems administrators will be the ones setting up stunnel and OpenSSL. Thus, they will have access to the configuration files, certificates, keys and other resources used by OpenSSL. Thus, they will most likely have the ability to decrypt whatever communications are sent over the network.
Sooner or later, at some point, you have to trust somebody. Otherwise, it gets really lonely out there.
John
Ramanan Ramadoss wrote:
We have our webserver and app server on two separate physical machines but on the same LAN sub-net. But the information has to be in encrypted form so that the information is not in a readable form even to the system/network administrators who are maintaining the machines.
-----Original Message----- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 05, 2003 11:45 AM To: Tomcat Users List Subject: Re: Stable tomcat + apache + mod_j2 + ssl
Are you sure that you need to encrypt traffic between Apache and Tomcat?
That is an unusual requirement, because usually both tomcat and Apache are running on the same computer or at least running in the same LAN sub-net.
Ramanan Ramadoss wrote:
Thanks for your reply.
We need to implement end to end encryption. I do not have an option with respect to the OS. I have Windows 2000 as our OS for both the webserver
and
app server. Due to end to end encryption, we have to secure the
communication between the webserver and app server.
I have heard about mod_ssl but have not used it. Would that be an option
to
secure the communication between apache and tomcat. Your opinion is highly appreciated.
--Ramanan
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
