Java Secure Socket Extension

Edit online

Java™ Secure Socket Extension (JSSE) is like a framework that abstracts the underlying mechanisms of Transport Layer Security (TLS). By abstracting the complexity and peculiarities of the underlying protocols, JSSE enables programmers to use secure encrypted communications while at the same time minimizing possible security vulnerabilities. Java Secure Socket Extension (JSSE) uses the TLS protocol to provide secure encrypted communications between your clients and servers.

TLS provides a means of authenticating a server and a client to provide privacy and data integrity. All TLS communications begin with a "handshake" between the server and the client. During the handshake, TLS negotiates the cipher suite that the client and server use to communicate with each other. This cipher suite is a combination of the various security features available through TLS.

JSSE does the following to improve the security of your application:

Protects communication data through encryption.
Authenticates remote user IDs.
Authenticates remote system names.

Note: JSSE uses a digital certificate to encrypt the socket communication of your Java application. Digital certificates are an Internet standard for identifying secure systems, users, and applications. You can control digital certificates using the IBM® Digital Certificate Manager. For more information, see IBM Digital Certificate Manager.

To make your Java application more secure by using JSSE:

Prepare the IBM i to support JSSE.
Design your Java application to use JSSE by:
- Changing your Java socket code to use socket factories if you do not use socket factories already.
- Changing your Java code to use JSSE.
Use a digital certificate to make your Java application more secure by:
1. Selecting a type of digital certificate to use.
2. Using the digital certificate when you run your application.

You can also register your Java application as a secure application by using the QsyRegisterAppForCertUse API.