• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Enabling SSL

 
Devanand Kam
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Could you please provide information on how to perform SSL encryption on application level based on the following information :

Data must be encrypted with block cipher in compliance with DES;

Data encryption must use 128 bit RCA or 2 – Key - 3DES (168 bit) with setting given as SSL_RSA_WITH_3DES_EDE_CBC_SHA or SSL_RSA_WITH_RC4_128_SHA; and

SHA-1 hash algorithms must be used.
 
Lester Burnham
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Some points in no particular order:
  • SSL is for securing network connections; it doesn't sound like that's what you intend to do
  • DES is obsolete and should be considered insecure; use TripleDES or AES instead (it actually looks as if you meant TripleDES, not DES)
  • SHA is a hash (or digest), sometimes called one-way encryption (in which the encrypted text is not recoverable)
  • SHA-1 is obsolete and should not be used at this point; consider using SHA-2 instead (also known as SHA-256/SHA-384/SHA-512)


  • If you told us what, exactly, you intend to you we might be able to give more targeted advice. In particular, how do the 3 parts of your question fit together?
     
    Devanand Kam
    Greenhorn
    Posts: 3
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Our current application is on Websphere 5.0. Third Party users on some other network fires an https request to a Proxy server sitting on other network.
    The proxy server receives encrypted and digitally signed data over https and sends http request ( decrypted + signed data) to our application.

    Our application unsigns the data and processes it. Before sending the response back to Proxy server over http, our application creates a signed data and does a direct HTTP Post to Proxy server.
    THe proxy server encryptes the signed data and sends to Third Party users.


    Now the requirement is the Proxy server would be removed. and all the functionality needs to be maintained within our application :
    - SSL Encryption / decryption
    - URL mapping and DNS mapping

    We need an approach to set this up without modifying the application.

     
    Maneesh Godbole
    Saloon Keeper
    Posts: 11073
    13
    Android Eclipse IDE Google Web Toolkit Java Mac Ubuntu
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    VanAnand Anand wrote:


    Please check your private messages for an important administrative matter.
     
    • Post Reply
    • Bookmark Topic Watch Topic
    • New Topic