Re: Jdbc1 over SSL

1)
I do not know much about configuring SSL on the backend side, but with a
java-client you probably will need at least jdk1.2.x. I think this is the
oldest jdk version which will work with JSSE -- Sun's SSL implementation for
java (I only used JSSE with jdk1.3.x).

2)
As much as I can tell, the PostgreSQL JDBC driver does not support SSL, but
I do not think it is very complicated to build in this support. As a first
shot, I would try replacing the line:

connection = new Socket(host, port);

in the constructor of PG_Stream with something like this:

SSLSocketFactory factory = (SSLSocketFactory)
SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket)factory.createSocket(host, port);
sslSocket.startHandshake(); // You may need to move this line to a
more appropriate place or remove it altogether.
connection = sslSocket;

. (If you want to continue to be able to use plain Sockets, you should of
course use some custom properties to control which socket to construct.)

3)
Once you made sure that your jdbc driver uses SSLSocket, the only thing left
is to configure your PostgreSQL backend as described in the PostgreSQL
documentation AND to configure JSSE as described in the JSSE documentation.
(For JSSE it means setting some system properties and modify the
java.security file. If both PGSQL backend and JSSE support the same SSL
version (for JSSE I think it is SSL 3.0) and the SSL support is correctly
implemented in the PostgreSQL backend, you should be able to get a working
setup. (I already used JSSE successfully with products other than
PostgreSQL.)

I hope this helps.

Peter

> -----Original Message-----
> From: victor3(dot)lopes(at)voila(dot)fr [mailto:victor3(dot)lopes(at)voila(dot)fr]
> Sent: Monday, February 18, 2002 10:16 AM
> To: pgsql-jdbc(at)postgresql(dot)org
> Subject: [JDBC] Jdbc1 over SSL
>
>
> Hello, i have installed Postgresql 7.2 on my Linux server.
>
> I work on a applet conception in JDK1.1.8.
>
> The configuration on my server :
> OpenSSL 0.9.6c
> Postgresql 7.2 build with SSL support.
>
> The configuration on my client :
> Netscape 4.79 (windows Version).
> My applet with jdbc1 and postgresql7.2 driver
>
> I wan't to secure the communication between the client and
> server over SSL.
>
> Can you explain me how i can do it with jdbc1 ?
>
> Thanks for your response !
>
> ____________________________________________________________
> Faites un voeu et puis Voila ! www.voila.fr
> Avec Voila Mail, consultez vos e-mails sur votre mobile Wap.
>
> ---------------------------(end of
> broadcast)---------------------------
> TIP 6: Have you searched our list archives?
>
> http://archives.postgresql.org
>