Re: SSL Problem
От | Kris Jurka |
---|---|
Тема | Re: SSL Problem |
Дата | |
Msg-id | Pine.BSO.4.56.0407161224440.22335@leary.csoft.net обсуждение исходный текст |
Ответ на | Re: SSL Problem (José Carlos Stevenson <postgresql@windfinder.com.br>) |
Список | pgsql-jdbc |
On Fri, 16 Jul 2004, [ISO-8859-1] Jos� Carlos Stevenson wrote: > I've been using JWS to deploy an application that uses postgresql. > I've configured pg to use MD5 for a minimum of security (user and > passwd) - how can I deploy an app that uses SSL WITHOUT having to run > keytool on each machine? > Can I "show" the certificate (self signed) and ask the user if he/she > would like to accept it as valied? Is thera a HOWTO anywhere or some > sample code showing how to do that? One answer is to use a server key/cert that has been signed by a certificate authority thats already distributed with the JVM, but that's going to cost you money. A number of people have asked to not require a trusted cert to get around both this problem and something like an applet which has no control. The decrease in security has made me hesitant to do this. A while back Chris Smith proposed a patch to allow the user to supply their own SSLSocketFactory. http://archives.postgresql.org/pgsql-jdbc/2004-02/msg00218.php I didn't like this at the time, but perhaps we should revisit it. Kris Jurka
В списке pgsql-jdbc по дате отправления: