You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by Apache Wiki <wi...@apache.org> on 2008/01/20 17:10:52 UTC
[Httpcomponents Wiki] Update of "AlternativeJSSE" by RolandWeber
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Httpcomponents Wiki" for change notification.
The following page has been changed by RolandWeber:
http://wiki.apache.org/HttpComponents/AlternativeJSSE
The comment on the change is:
updated some links
New page:
= JSSE Implementations =
HttpClient does not come with support for SSL/TLS because it doesn't have to.
Both security protocols are for the transport layer, while the HTTP protocol
operates on top of the transport layer. You can mix and match HttpClient with
any independent SSL/TLS implementation. Our
[http://hc.apache.org/httpclient-3.x/sslguide.html SSL/TLS guide]
explains how to do this.
The standard [http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#KeyClasses Java API for SSL/TLS]
is called [http://java.sun.com/products/jsse/index.jsp JSSE (Java Secure Socket Extension)].
This page lists some JSSE providers, that is implementations of the API, which you can use.
It starts with JSSE providers that are bundled with JDKs, then follow independent packages.
Some of the [http://hc.apache.org/httpclient-3.x/sslguide.html SSL code]
in the HttpClient contrib package is hard-coded against the SUN JSSE provider,
since classes under com.sun.* are referenced. If you are using a different provider,
you have to adapt the code to use the respective API of that provider.
Problems you may encounter with some JSSE implementations are sometimes caused by the fact
that the secure sockets provided not always correctly implement all socket operations
used by HttpClient.
== SUN JSSE ==
SUN JDKs since 1.4 are shipped with the SUN JSSE provider.
There is a separate package that can be downloaded and installed for older JDKs.
The SUN JSSE provider is reported to be stable for use with HttpClient since JDK 1.4.2.
Older versions, and the separate download packages for older JDKs, are reported to cause problems.
== IBM JSSE ==
IBM JDKs ship with an IBM JSSE provider replacing the one from SUN. Here is the
[http://www-128.ibm.com/developerworks/java/jdk/security/142/secguides/jssedocs/JSSERefGuide.html documentation]
for the JSSE. Platform specific security information for the IBM JDK 1.4.2 is available
[http://www-128.ibm.com/developerworks/java/jdk/security/142/ here].
Information about older JDKs seems to be unavailable or is well hidden.
== JESSIE ==
[http://www.nongnu.org/jessie/ JESSIE] stands for ''JESSIE Executes Secure Sockets In Excess''.
It is a free implementation of JSSE with a relaxed GNU license.
== SSLava ==
[http://www.oracle.com/technology/products/id_mgmt/phaos/prod_doc.html#ssl Oracle Phaos SSLava]
== iSaSiLk ==
Developed at the Technical University of Graz,
[http://jce.iaik.tugraz.at/products/02_isasilk/index.php iSaSiLk]
is not a cheap, but a good SSL/TLS implementation.
[http://mail-archives.apache.org/mod_mbox/jakarta-httpcomponents-dev/200505.mbox/%3c20050525081051.GA11987@uml24.umlhosting.ch%3e Recommended by Oleg.]
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org