Using SSL (JSSE, version 1.0.8)

SSL provides a means of authenticating a server and a client to provide privacy and data integrity. All SSL communications begin with a "handshake" between the server and the client. During the handshake, SSL negotiates the cipher suite that the client and server use to communicate with each other. This cipher suite is a combination of the various security features available through SSL. You can only use SSL with J2SDK, version 1.3. You can use the Java™ Secure Socket Extension (JSSE, version 1.0.8), which is the Java implementation of secure sockets layer (SSL), to make your Java application more secure.

SSL does the following to improve the security of your application:

Protects communication data through encryption.
Authenticates remote user IDs.
Authenticates remote system names.

Note: SSL uses a digital certificate to encrypt the socket communication of your Java application. Digital certificates are an Internet standard for identifying secure systems, users, and applications. You can control digital certificates using the IBM^® Digital Certificate Manager. For more information, see IBM Digital Certificate Manager.

To make your Java application more secure by using SSL:

Prepare the iSeries™ server to support SSL.
Design your Java application to use SSL by:
- Changing your Java socket code to use socket factories if you do not use socket factories already.
- Changing your Java code to use SSL.
Use a digital certificate to make your Java application more secure by:
1. Selecting a type of digital certificate to use.
2. Using the digital certificate when you run your application.

You can also register your Java application as a secure application by using the QsyRegisterAppForCertUse API. For more information, see QsyRegisterAppForCertUse.

For more information on the Java version of SSL, see Java Secure Socket Extension

Prepare iSeries server for secure sockets layer support
To prepare your system to use secure sockets layer (SSL), you need to install Licensed Programs. the Digital Certificate Manager LP:
Change your Java code to use socket factories
To use secure sockets layer (SSL) with your existing code, you must first change your code to use socket factories.
Change your Java code to use secure sockets layer
Select a digital certificate to use
You should consider several factors when deciding which digital certificate to use. You can use your system's default certificate or you can specify another certificate to use.
Use the digital certificate when you run your Java application
To use secure sockets layer (SSL), you must run your Java application using a digital certificate.

Parent topic: Java Secure Socket Extension