Certificates
Certificates basically two categories.
Self Signed Certificates - will create by self
CA Certificates - will be provided by Third party vendor with robust algorithms
Depends on the location of installing the certificate these are two types
1. Public Key Certificates (Client Side)
2. Private Key Certificates (Server Side)
Self Signed Certificates
If any one is using self signed certificates in their applications
they have to make sure both server side and client side certificates are in sync.
Other wise we should be ready to face SSLHandShake Exceptions. These will be preferable mostly for lower environments not for production.
CA certificates
If you install CA certificates on server side, client side certificates are installed automatically whenever they access the server. So in production for CA certificates there is no need to install the client side certificates.
We can generate a Self Signed Certificate using Java Key tool
JAVA_HOME/bin/keytool.exe
Certificates basically two categories.
Self Signed Certificates - will create by self
CA Certificates - will be provided by Third party vendor with robust algorithms
Depends on the location of installing the certificate these are two types
1. Public Key Certificates (Client Side)
2. Private Key Certificates (Server Side)
Self Signed Certificates
If any one is using self signed certificates in their applications
they have to make sure both server side and client side certificates are in sync.
Other wise we should be ready to face SSLHandShake Exceptions. These will be preferable mostly for lower environments not for production.
CA certificates
If you install CA certificates on server side, client side certificates are installed automatically whenever they access the server. So in production for CA certificates there is no need to install the client side certificates.
We can generate a Self Signed Certificate using Java Key tool
JAVA_HOME/bin/keytool.exe
I think openssl also will be useful for generating the certificates. SSL certificates is one of the painful things to configure in dev environment. Need more details..
ReplyDelete