I'm new to SSL connections, so here's my question.
I have a desktop Java program. This jar in a jar file sends sensitive information to the remote tomcat server on the internet. Of course I need to encrypt the data.
If I buy an SSL certificate, then VCS is asking, will the data sent to SSL be automatically encrypted?
I mean I still need to do additional work to use the Java encryption extension API to encrypt my data manually on my JAR in SSL connections?
Thank you.
By the way, the certificate goes on the server side (unless you also want to do client-authentication, well, you also have a client certificate).
And of course, you can use self-signed certificates, but one advantage of using a certificate signed by the famous Certificate Authority (CA) such as a Welcome, Thotté etc. is that you have it M will not need to add trust to the store (unless you disable the verification mechanism).
Comments
Post a Comment