The Java Secure Socket Extension (JSSE) is a Java package that enables secure Internet communications. It implements a Java version of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols and includes function for data encryption, server authentication, message integrity, and optional client authentication.
By abstracting the complex underlying security algorithms and "handshaking" mechanisms, JSSE minimizes the risk of creating subtle but dangerous security vulnerabilities. Furthermore, it simplifies application development by serving as a building block which developers can integrate directly into their applications. Using JSSE, developers can provide for the secure passage of data between a client and a server running any application protocol (such as HTTP, Telnet, NNTP, and FTP) over TCP/IP.
New to SDK 1.4.2 is a second JSSE provider called JSSE2. Some of the major additions to the JSSE2 provider include the following:
The JSSE2 provider replaces most of the functionality of the original JSSE provider. We anticipate that at a later date the original JSSE provider will be removed from the SDK. For more details on the differences between JSSE and JSSE2 please see the JSSE2 security documentation on developerworks which in linked to in the below section titled "Online Documentation and Samples".
- improved serviceability
- Uses IBM cryptographic providers such as IBMJCE4758 and IBMJCE instead of internal crypto operations
To download a copy of the documentation for the IBMJSSE provider, see the Security documentation on developerWorks. In addition to this cross platform information, z/OS specific information for JSSE can be found in the z/OS JSSE Reference Guide.
The z/OS version of JSSE does NOT provide support for PKCS11.
IBMJSSE uses keytool rather than iKeyman to create, import, etc. keys and certificates. keytool can create certificate requests for, and import certificates from the gskkyman utility provided by the System SSL product.
keytool is shipped as part of the JVM and is located in the directory: $JAVA_HOME/bin