How do I use secure transport (SSL) with the isCOBOL thin client?

Question ID : 51
Created on 2009-08-31 at 5:45 PM
Author : Veryant Support [support@veryant.com]

Online URL : http://support.veryant.com/support/phpkb/question.php?ID=51



About the SSL, the feature has been implemented in a quite simple way:
If the property javax.net.ssl.keyStore is set then the isCOBOL Application Server will use the SSLServerSocket instead of the plain ServerSocket.
If the property javax.net.ssl.trustStore is set then the client will use the SSLSocket instead of the plain Socket.

The command line to run the isCOBOL Application Server is:

java -Djavax.net.ssl.keyStore=path_to_your_cacerts_file -Djavax.net.ssl.keyStorePassword=passwd com.iscobol.as.AppServerImpl

The command line for the client is:

java -Djavax.net.ssl.trustStore=path_to_your_cacerts_file -Djavax.net.ssl.trustStorePassword=passwd com.iscobol.gui.client.Client  

Some explanation of properties:

javax.net.ssl.keyStore - Location of the Java keystore file containing an application process's own certificate and private key. On Windows, the specified pathname must use forward slashes, /, in place of backslashes.

javax.net.ssl.keyStorePassword - Password to access the private key from the keystore file specified by javax.net.ssl.keyStore. This password is used twice: To unlock the keystore file (store password), and To decrypt the private key stored in the keystore (key password).

javax.net.ssl.trustStore - Location of the Java keystore file containing the collection of CA certificates trusted by this application process (trust store). On Windows, the specified pathname must use forward slashes, /, in place of backslashes, .

If a trust store location is not specified using this property, the SunJSSE implementation searches for and uses a keystore file in the following locations (in order):
$JAVA_HOME/lib/security/jssecacerts
$JAVA_HOME/lib/security/cacerts
javax.net.ssl.trustStorePassword - Password to unlock the keystore file (store password) specified by javax.net.ssl.trustStore.


Back to Original Question