Professional Documents
Culture Documents
SSL bảo mật
SSL bảo mật
Ni dung
1. SSL l g?
2. Certificate l g?
3. Trnh duyt v Certificates
4. JSSE
5. H tr SSL trong Tomcat
6. Cc bc ci t/cu hnh SSL HTTPS
Connector trn Tomcat
DatTT-DSE-SOICT-HUST
1. SSL l g?
DatTT-DSE-SOICT-HUST
DatTT-DSE-SOICT-HUST
DatTT-DSE-SOICT-HUST
source:java.sun.com
9/10/2011
Bo mt-Confidentiality (Privacy)
Ton vn d liu-Data integrity (Tamper-proofing)
Xc thc server-Server authentication (Chng minh
minh 1 server ng nh n tuyn b)
DatTT-DSE-SOICT-HUST
DatTT-DSE-SOICT-HUST
Client connects
Server
DatTT-DSE-SOICT-HUST
10
DatTT-DSE-SOICT-HUST
DatTT-DSE-SOICT-HUST
11
DatTT-DSE-SOICT-HUST
12
9/10/2011
SSL v Authentication
DatTT-DSE-SOICT-HUST
13
DatTT-DSE-SOICT-HUST
15
Xc thc Client
DatTT-DSE-SOICT-HUST
14
t dng
DatTT-DSE-SOICT-HUST
16
Certificate l g?
2. Certificates v tin ch
Keytool
DatTT-DSE-SOICT-HUST
17
18
9/10/2011
Server Certificate l g?
DatTT-DSE-SOICT-HUST
19
DatTT-DSE-SOICT-HUST
20
Netscape: Certificates ca cc CA
DatTT-DSE-SOICT-HUST
21
22
DatTT-DSE-SOICT-HUST
DatTT-DSE-SOICT-HUST
23
DatTT-DSE-SOICT-HUST
24
9/10/2011
4. JSSE
DatTT-DSE-SOICT-HUST
25
DatTT-DSE-SOICT-HUST
JSSE l g?
H tr
Ti sao cn JSSE?
M mt-Encryption
Xc thc server-Server authentication
Ty chn xc thc client-client authentication
Ton vn d liu-Data integrity
DatTT-DSE-SOICT-HUST
27
DatTT-DSE-SOICT-HUST
JSSE Framework
DatTT-DSE-SOICT-HUST
28
SunJSSE Provider
26
29
getSupportedCipherSuites
getEnabledCipherSuites
setEnabledCipherSuites
DatTT-DSE-SOICT-HUST
30
9/10/2011
import java.io.*;
import javax.net.ssl.*;
}
DatTT-DSE-SOICT-HUST
31
DatTT-DSE-SOICT-HUST
32
Cn cc module sau
DatTT-DSE-SOICT-HUST
33
DatTT-DSE-SOICT-HUST
34
JSSE
6. Cc bc ci t v cu
hnh SSL trn Tomcat
<JWSDP-Install>/common/jsse.jar
http://homepage.mac.com/iamnot/edenpub/how2BuildServer/install_jwsdp.html
35
DatTT-DSE-SOICT-HUST
36
9/10/2011
DatTT-DSE-SOICT-HUST
37
B2.1-Admintool
Qua Admintool
Sa (thc cht l b comment cho phn t SSL
connector) <JWSDP_HOME>/conf/server.xml nh m t
trong
38
<JWSDP_HOME>/docs/tutorial/doc/WebAppSecurity6.html#68482
Khi ng li Tomcat
DatTT-DSE-SOICT-HUST
39
DatTT-DSE-SOICT-HUST
40
https://localhost:8443/
DatTT-DSE-SOICT-HUST
42
9/10/2011
DatTT-DSE-SOICT-HUST
43
DatTT-DSE-SOICT-HUST
DatTT-DSE-SOICT-HUST
44
45
DatTT-DSE-SOICT-HUST
46
DatTT-DSE-SOICT-HUST
47