Java Secure Socket Extension 1.0.3 IBMJSSE Overview

Table of Contents

• Overview
• On line documentation and samples
• Restrictions

Overview

The Java Secure Socket Extension (JSSE) is a Java package that enables secure Internet communications. It implements a Java version of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols and includes function for data encryption, server authentication, message integrity, and optional client authentication.

By abstracting the complex underlying security algorithms and "handshaking" mechanisms, JSSE minimizes the risk of creating subtle but dangerous security vulnerabilities. Furthermore, it simplifies application development by serving as a building block which developers can integrate directly into their applications. Using JSSE, developers can provide for the secure passage of data between a client and a server running any application protocol (such as HTTP, Telnet, NNTP, and FTP) over TCP/IP.

New to SDK 1.4.2 is a second JSSE provider called JSSE2. Some of the major additions to the JSSE2 provider include the following:

• improved serviceability
• Uses IBM cryptographic providers such as IBMJCE4758 and IBMJCE instead of internal crypto operations

Back to top

Online documentation and samples

To download a copy of the documentation for the IBMJSSE provider, see the Security documentation on developerWorks. In addition to this cross platform information, z/OS specific information for JSSE can be found in the z/OS JSSE Reference Guide.

Back to top

Restrictions

The z/OS version of JSSE does NOT provide support for PKCS11.

IBMJSSE uses keytool rather than iKeyman to create, import, etc. keys and certificates. keytool can create certificate requests for, and import certificates from the gskkyman utility provided by the System SSL product.

keytool is shipped as part of the JVM and is located in the directory: $JAVA_HOME/bin

Back to top