Comunication protection

[JCaet]

To run the client program with SSL sockets you must provide

java −Djavax.net.ssl.trustStore=$HOME/.truststore \ javasec samples ch14 SSLSim javasec.samples.ch14.SSLSimpleClient pleClient localhost 9096 localhost 909

which means we can't run this without havin the truststore setup

[JCaet]

Optional command to make client auth mandatory

ss.setNeedClientAuth(true);

[johannhof]

This is correct: Client: -Djavax.net.ssl.trustStore=$HOME/.secshare//truststore.jks Keystores need to be created first... Server: -Djava.security.manager -Djava.security.policy=./policy/SecShareServer.policy -Djavax.net.ssl.trustStore=./truststore.jks

[johannhof]

Create a client truststore like that:

keytool -genkeypair -keystore ~/.secshare//truststore.jks -alias -keysize 1024 -keyalg RSA

and then copy the server certificate there

keytool -import -alias secshareserver -file ./server.cer -keystore ~/.secshare//truststore.jks