| This example shows how to setup a JSR 160 RMIConnectorServer over SSL.
An RMI server that has been setup to use SSL uses a private key to encrypt the
communication with the client. The client must know the server's public key in order
to be able to decrypt the communication; public keys are stored in X509 certificates.
This X509 certificate is generated by the server and should be made available to
clients (for example by distributing it).
The private and public key are normally stored in a server-side key store that can
be created by using the JDK's keytool utility; here is a sample command that can
be invoked to generate a keystore:
keytool -genkey -v -keystore key.store -storepass storepwd -dname "CN=Anonymous Geek, OU=MX4J Development Team, O=The MX4J Project, L=New York City, S=NY, C=US"
It creates a 'key.store' file that must be present in the classpath when running this example.
The next step is to export the X509 certificate for the clients, with the following command:
keytool -export -v -storepass storepwd -keystore key.store -file myserver.cer
It is also possible to generate a trust store containing the X509 certificate that
can be used directly by the client with the following command:
keytool -export -v -storepass storepwd -keystore key.store | keytool -import -v -storepass storepwd -keystore trust.store -noprompt
Once you have exported the X509 certificate, follow the instructions on how to setup
the client
Client here .
version: $Revision: 1.1 $ |