| From: | Oliver Jowett <oliver(at)opencloud(dot)com> |
|---|---|
| To: | Kris Jurka <books(at)ejurka(dot)com> |
| Cc: | Ulrich Meis <kenobi(at)halifax(dot)rwth-aachen(dot)de>, pgsql-jdbc(at)postgresql(dot)org |
| Subject: | Re: A solution to the SSL customizing problem |
| Date: | 2004-10-17 19:32:16 |
| Message-ID: | 4172C8C0.6030501@opencloud.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
Kris Jurka wrote:
> In the non-validating factory I have a SSLContext.getInstance("TLS"), but
> I've also seen it use "SSL". Is either preferred or does it matter for
> pg?
http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#AppA
has a list of 'standard' protocol names. "TLS" supports the largest set
of protocols, I believe.
> I've been building the jdbc2ee jar files against the actual j2sdkee1.2.1,
> not just the jdbc optional package. This includes support for
> javax.net.ssl.SSLSocketFactory, but not javax.net.ssl.SSLContext and
> associated classes which are in com.sun.net.ssl instead. So at the moment
> I've modified the ssl requirements to not build ssl into this
> particular jar. What do we want to do about this:
>
> - nothing, the ee really meant datasource and was never meant to
> include ssl
> - make the existing ssl support work by not building the
> NonValidingFactory class
Either of these look OK to me.
> - make everything work by building the NonValidatingFactory by importing
> from com.sun.net.ssl instead.
I think this is a bad idea, it'd break the build on non-Sun JDKs.
-O
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Oliver Jowett | 2004-10-17 19:50:20 | Re: setBinaryStream can abandon connection |
| Previous Message | Németh György | 2004-10-17 18:27:33 | Problem with PostgreSQL JDBC driver |