• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Signing a public key/certificate?

 
Greenhorn
Posts: 4
VI Editor Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have some problems about what the actual signing process does. Asymetric cryptography is completly clear to me atleast from a mathematical point of view.

When I know create a private and a public key and keep the private one and give the public one away to people I would like to communicate with they can encrypt the information with this key and I can decrypt the messages with my key.

So where is the use of signing a key, especially self-signing a key and what is exaclty done when a key got signed?

PS.: I just randomly picked one of the subforum because I have no plan which fitts with my needs. I want to setup a glassfish v4 server that lets only access users to a servlet with already own the public key or whatever the signing process does with the public key. I am like reading a million tutorials which use different keytools make different suggestions and tell me about this or that shouldn't be used in practice but we doing it here anyway stuff. I have no idea how to reach my goal atm. :/
 
author
Posts: 23951
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Bax Fos wrote:
So where is the use of signing a key, especially self-signing a key and what is exaclty done when a key got signed?



Long story short. Signing a certificate basically means encrypting it with your private key. Since it can be decrypted (with a public key), it is not secure obviously. However, it does prove that you encrypted (signed) it, as you are the only one holding the private key (and is capable of doing it).

Henry
 
Bax Fos
Greenhorn
Posts: 4
VI Editor Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Where do I get the certificate to sign it?
I want to provide a webservice via glassfish v4 with a servlet which just a chosen number of user can connect to. These users already have the public key on their devices (manually installed).
Since I am completly new to JavaWebservices and all this server stuff I would be happy if you could explain in detail if you know something about it.
 
Henry Wong
author
Posts: 23951
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

There is a world of difference between "what is signing?" to "how to setup web services for glassfish?". Furthermore, security is a layer on top of that. Additionally, Web Services and Servlets are not the same thing, so there is confusion in your question as well...

Perhaps starting with the glassfish tutorials would be a good idea?

Henry
 
God is a comedian playing for an audience that is afraid to laugh - Voltair. tiny ad:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic