Hacker, Https eWay | Sun Microsystems 5.1.1 specs

Chapter 4	Section 4.1
Operating SSL	Overview

Figure 8 General SSL Operation: HTTPS

Man-in-Middle Attack:	Hacker
Cannot break secured channel

	POST / GET
HTTP(S) eWay		Web Server

Response

SSL Communication Channel

TrustStore KeyStore

Trusted CA

Certificates

Private	Certificate &
Key	CA Certificate
Key	Chain

This SSL feature is supported through the use of JSSE version 1.0.3.

Currently, the JSSE reference implementation is used. JSSE is a provider-based architecture, meaning that there is a set of standard interfaces for cryptographic algorithms, hashing algorithms, secured-socket-layered URL stream handlers, and so on.

Because the user is interacting with JSSE through these interfaces, the different components can be mixed and matched as long as the implementation is programmed under the published interfaces. However, some implementations may not support a particular algorithm.

The JSSE 1.0.3 application programming interface (API) is capable of supporting SSL versions 2.0 and 3.0 and Transport Layer Security (TLS) version 1.0. These security protocols encapsulate a normal bidirectional stream socket and the JSSE 1.0.3 API adds transparent support for authentication, encryption, and integrity protection. The JSSE reference implementation implements SSL version 3.0 and TLS 1.0.

For more information, visit the Sun Java Web site at the following URL:

http://java.sun.com

Note: See the JSSE documentation provided by Sun Microsystems for further details.

HTTPS eWay Adapter User’s Guide

28

Sun Microsystems, Inc.

Image 28

Sun Microsystems 5.1.1 manual Hacker, Https eWay

Contents

EWAY Https Adapter USER’S Guide Version Contents Http OTD Method Descriptions Http Settings Proxy Configuration Security AuthenticationAdditional SSL Section Notes Verify hostname Connection Pool Settings Server Mode Operation Running the Sample Running the Sample in SSL Mode Implementing the Https eWay JCD Sample Projects About Http and Https What’s in This Chapter Http Messages About the Https eWayWeb Browser Cookies GET and Post Methods Sample Http Exchange in Client ModeCookie Expiration Date Checking Sample Http Exchange in Server Mode Body Html What’s New in This Release Sample Input Form About This Document Scope Intended AudienceText Conventions Https eWay Javadoc Sun Microsystems, Inc. Web Site Related DocumentsDocumentation Feedback Installing the Https eWay Https eWay System Requirements Installing the Https eWay on an eGate supported system After you have installed eGate or eInsight, do the following After Installation Extracting the Sample Projects and JavadocsSteps to extract the Javadoc include Steps to extract the Sample Projects include Ican 5.0 Project Migration Procedures Install Java CapsExport the Project Import the Project Installing Enterprise Manager eWay Plug-Ins Viewing Alert Codes To add plug-ins from the Enterprise ManagerTo View the eWay Alert Codes Https eWay Alert Codes HTTPCLIENTEWAY-CONNECT Overview of eWay OTDs Https Client OTD Https Server OTD Http OTD Method Descriptions Input Server Request Node Input Server Response Node Working with the Server OTD Collaboration Example SendResponse Example Operating SSL Overview Hacker Https eWay KeyStores and TrustStores Generating a KeyStore and TrustStoreKeyStores Creating a KeyStore in JKS Format To generate a KeyStore Creating a KeyStore in PKCS12 Format Using an Existing TrustStore TrustStoresCreating a TrustStore To create a new TrustStore SSL Handshaking Server ClientEWay Client EWay Server Web Using the OpenSSL Utility Creating a Sample CA Certificate Signing Certificates With Your Own CA Windows OpenSSL.cnf File Example # SSLeay example properties file Chapter Section Operating SSL Using the OpenSSL Utility Copyright 1998-2001 The OpenSSL Project. All rights reserved Creating and Configuring the Https eWay Configuring the eWay Connectivity Map Properties To configure the Https eWay properties To configure the Https Server eWay properties Configuring the eWay Environment Properties Connectivity Map with Components Server To Configure the Environment Properties EWay Connectivity Map Properties Configuring the Connectivity Map Https eWay Properties Https eWay Configuration Sections IncludeHttps Server eWay Configuration Sections Include Http eWay-HTTP Settings Http Server eWay-HTTP Server External Configuration EWay Environment Properties Http Settings Environment Configuration-HTTP Settings Proxy Configuration Environment Configuration-Proxy Configuration Proxy password SecurityName Description Required Value Proxy Port Proxy Username Environment Configuration-Security, Authentication AuthenticationEnvironment Configuration-Security, SSL Name Description Required Value Jsse Provider Class Com.sun.net.ssl.internal.ssl.PRovider Com.ibm.jsse.IBMJSSEProvid Additional SSL Section Notes Verify hostnameDescription Required Values Environment Configuration-Connection Pool Settings Connection Pool SettingsAdditional information Setting Acceptor Threads Property for Https Server Mode Implementing the Https eWay Bpel Sample Projects EInsight Engine and Components Server Mode Operation Https eWay With eInsightReceive Business Rule Designer Output Nodes Node Name Description Receive Business Rule Designer Output Nodes About the Https eWay eInsight Sample Projects Importing a Sample Project Building and Deploying the prjHTTPClientBPEL Sample Project Project Overview Project Operations GET Command GetSample.xmlInput and Output Data Post Command PostSample.xml Creating a ProjectCreating the OTD Sample DTD MultipleDataIn.dtd OTD Wizard Selection Include DTDs to Selected List Creating a Business Process OTD Options Logic of the Business Process To create a Business Process Business Process CasesCase Activity Result Business Process Icons Client Business Process With Link Business Rules Client Business Rule Designer First Link Business Rule Business Rule Designer Second Link Business Rule Business Rule Designer Third Link Business Rule Business Rule Designer Case 1 Business Rule Business Rule Designer Case 2 Business Rule Decision Gate Properties Dialog Box Case Creating a Connectivity Map To create a Connectivity Map Selecting External Applications Populating the Connectivity MapDefining the Business Process To select external applications Binding the eWay Components Steps required to bind eWay components together Creating an Environment Environment Editor envHTTPClientBPEL Configuring the eWays Configuring the Https eWay PropertiesCmHTTPClient Inbound File eWay Settings CmHTTPClient Outbound File eWay Settings Configuring the Integration Server Creating and Activating the Deployment Profile Creating and Starting the Domain Create and Start the Domain Running the Sample Building and Deploying the ProjectBuild the Project ƒ postBPELHTTPS Content of postBPELHTTPS.html is Building and Deploying the prjHTTPServerBPEL Sample Project Project Forms Server Sample Project Original Form Server Sample Project Input Form Next step is to create the Project’s Business Process Business Process Icons for Receive and Reply Business Process Icons With Server Business Rules Business Rule Designer Server Receive Business Rule Creating a Connectivity Map Connectivity Map With Components prjHTTPServerBPEL Creating an Environment Running the Sample in SSL Mode ƒ postBPELHTTPS.html input file Permission java.util.PropertyPermission * read, write Implementing the Https eWay JCD Sample Projects About the Https eWay JCD Sample Projects Building and Deploying the prjHTTPClientJCD Sample Project Https eWay Sample Project Java Collaboration Based SampleIn DTD SampleIn.dtd Creating the Collaboration Definition Java JcdHTTPClient Collaboration Definition Part 101 Connectivity Map With Components prjHTTPClientJCD 103 Building and Deploying the prjHTTPServerJCD Sample Project ƒ Project Overview on ƒ postJCEHTTPS 106 107 JcdHTTPServer Collaboration Definition Connectivity Map With Components prjHTTPServerJCD 110 ƒ postJCEHTTPS.html input file 112 Index 114