Implementation of SSL in Java

  1. Introduction
     • Name: Tanuj Agrawal
     • Class: IT-I, VI Sem
     • Topic: Implementation of SSL in Java (Tomcat) and in PHP
  2. Web Server and Web Container
     • A web server is the application that understands only the HTTP request (it does not process the request) and hands the request to the appropriate container for processing.
     • A web container is what actually processes the request and generates the response.
     • Types of containers:
       A. Context (Application)
       B. Engine (Service)
       C. Host (Virtual Host)
       D. Cluster (Set of Applications)
     • There can be multiple containers within a single server.
  3. What is Tomcat
     • Tomcat is not a web server; it is a package that contains a web server and a web container.
     • When we install Tomcat, an application named HttpConnector is installed with it, which works as the web server.
     • Tomcat uses the Apache Portable Runtime (APR), which provides some functionality:
       A. Advanced I/O functionality
       B. Support for OpenSSL
       C. OS-level functionality
     • It includes three connectors:
       A. HTTP
       B. HTTPS
       C. AJP (Apache Java Protocol)
     • Tomcat uses the JSSE configuration and the OpenSSL-style configuration.
  4. What is SSL (Secure Socket Layer)
     • SSL, or Secure Socket Layer, is a technology which allows web browsers and web servers to communicate over a secured connection. This means that the data being sent is encrypted by one side, transmitted, then decrypted by the other side before processing. This is a two-way process, meaning that both the server AND the browser encrypt all traffic before sending out data.
  5. Another important aspect of the SSL protocol is Authentication. This means that during your initial attempt to communicate with a web server over a secure connection, that server will present your web browser with a set of credentials, in the form of a "Certificate", as proof the site is who and what it claims to be. In certain cases, the server may also request a Certificate from your web browser, asking for proof that you are who you claim to be. This is known as "Client Authentication," although in practice this is used more for business-to-business (B2B) transactions than with individual users. Most SSL-enabled web servers do not request Client Authentication.
  6. What is a certificate?
     • In order to implement SSL, a web server must have an associated Certificate for each external interface (IP address) that accepts secure connections. The theory behind this design is that a server should provide some kind of reasonable assurance that its owner is who you think it is, particularly before receiving any sensitive information.
     • For sites involved in e-commerce, or any other business transaction in which authentication of identity is important, a Certificate is typically purchased from a well-known Certificate Authority (CA) such as VeriSign or Thawte. Such certificates can be electronically verified -- in effect, the Certificate Authority will vouch for the authenticity of the certificates that it grants, so you can believe that a Certificate is valid if you trust the Certificate Authority that granted it.
  7. Configuring Tomcat for running SSL
     • It is done in three easy steps:
       1. Generating a self-signed certificate.
       2. Configuring Tomcat to enable SSL.
       3. Configuring your application to run on SSL.
  8. Step 1
     • Java provides a relatively simple command-line tool, called keytool, which can easily create a "self-signed" Certificate. Self-signed Certificates are simply user-generated Certificates which have not been officially registered with any well-known CA, and are therefore not really guaranteed to be authentic at all. keytool generates the keystore file, which stores the certificate details needed to secure the protocol.
     • First we create a keystore file (.jks):
       keytool -genkey -alias tomcat -keyalg RSA -keystore C:\keystore.jks
     • When we give this command, it will ask for some information such as your name, organization, locality, etc.
  9. Certificate signing request (.csr)
     • Generate the request:
       keytool -certreq -keyalg RSA -alias tomcat -file certreq.csr -keystore C:\keystore.jks
     • This .csr file can be sent to a certifying authority for certification.
     • After getting the authenticated certificate back from the vendor, it can be imported into the keystore of your server.
  10. Step 2
     • Configure server.xml to enable SSL support in Tomcat. The file is found in:
       C:\Program Files\Apache Software Foundation\Tomcat 6.0\conf
     • Find this tag in the file:
       <!--
       <Connector port="8443" ……………. />
       -->
     • By default it is commented out. Remove the comment markers and add an additional keystore attribute to this tag:
       keystoreFile="C:\keystore.jks"
  11. Step 3
     • Configure your application's web.xml.
     • Open the web.xml of that application and add this XML fragment just before the web-app element ends, i.e. before </web-app>:
       <security-constraint>
         <web-resource-collection>
           <web-resource-name>securedapp</web-resource-name>
           <url-pattern>/*</url-pattern>
         </web-resource-collection>
         <user-data-constraint>
           <transport-guarantee>CONFIDENTIAL</transport-guarantee>
         </user-data-constraint>
       </security-constraint>
  12. What the fragment does
     • /* indicates that any resource in your application, whether a Servlet or a JSP, can now be accessed only over https.
     • CONFIDENTIAL is the term which tells the server to make the application work on SSL. If you want to turn SSL off for this application, don't delete the fragment; just set the value to NONE instead of CONFIDENTIAL.
     • Now your server and application have both been configured to run on SSL. Type the URL https://localhost:8443 in the browser.
     • A page opens with a warning. This warning appears because of the self-signed certificate: the browser cannot authenticate it, so we have to add an exception.
  13. SSL on PHP
     • We use the XAMPP server for running PHP. It is a complete package with all the required tools:
       - Apache server
       - PHP
       - MySQL
     • It has many extensions already installed, and OpenSSL is one of them, so we do not need to do anything with XAMPP to run SSL on PHP. Type the URL https://localhost in your browser, add an exception, and it will run.
  14. Thank You
     • TANUJ AGRAWAL
     • (tanuj.agrawal@hotmail.com)
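
A check for Steps 2 and 3 of the Tomcat procedure above, as an added example that is not part of the original slides: it parses server.xml and web.xml and reports when the 8443 connector is still commented out, lacks a keystoreFile, or when /* is not marked CONFIDENTIAL. The sample XML is constructed, and the SSLEnabled, scheme and secure attributes are assumptions, since the slides elide the connector's other attributes.

```python
import xml.etree.ElementTree as ET
# Constructed samples (not from the slides); connector attributes are assumed.
SERVER_COMMENTED = """<Server><Service name="Catalina">
  <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
  <!-- <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"/> -->
</Service></Server>"""
SERVER_ENABLED = """<Server><Service name="Catalina">
  <Connector port="8443" SSLEnabled="true" scheme="https" secure="true"
             keystoreFile="C:\\keystore.jks"/>
</Service></Server>"""
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>securedapp</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee> %s </transport-guarantee>
    </user-data-constraint>
  </security-constraint>
</web-app>"""

def texts(elem, name):
    """Trimmed text of descendants named `name`, ignoring any XML namespace."""
    return [(e.text or "").strip() for e in elem.iter()
            if e.tag.rsplit("}", 1)[-1] == name]

def check_server_xml(xml_text, port="8443"):
    """Step 2: an active (uncommented) SSL connector with a keystoreFile."""
    # ElementTree discards comments, so a commented-out Connector is not seen.
    conns = [c for c in ET.fromstring(xml_text).iter("Connector")
             if c.get("port") == port]
    if not conns:
        return ["no active Connector on port " + port]
    findings = []
    if (conns[0].get("SSLEnabled") or "").lower() != "true":
        findings.append("SSLEnabled is not true")
    if not conns[0].get("keystoreFile"):
        findings.append("keystoreFile is not set")
    return findings

def check_web_xml(xml_text):
    """Step 3: the security-constraint covering /* must be CONFIDENTIAL."""
    for sc in ET.fromstring(xml_text).iter():
        is_sc = sc.tag.rsplit("}", 1)[-1] == "security-constraint"
        if is_sc and "/*" in texts(sc, "url-pattern"):
            # A missing user-data-constraint means no transport guarantee.
            guarantee = (texts(sc, "transport-guarantee") or ["NONE"])[0]
            return [] if guarantee == "CONFIDENTIAL" else ["/* guarantee is " + guarantee]
    return ["no security-constraint covers /*"]
```

An empty list from both functions means the files match what Steps 2 and 3 describe; the NONE case is the "SSL turned off" setting from slide 12.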
