..::You can change the world with the knowledge::..

SSL

A discussion of web programming is not complete without covering application security. Abundant features and functions mean very little if we fail to keep the application's data secure.
In this chapter, we will learn how to secure communication between server and client via SSL.

SSL has become the de facto standard for securing communication between client and server. SSL stands for Secure Sockets Layer; it is a protocol layer that sits between the standard TCP/IP protocol and application-level protocols such as HTTP. SSL allows a server to authenticate with the client and then encrypt the communication.
The discussion of SSL in this chapter is meant to show how this technology is used to secure communication between server and client.

Enabling SSL on the application
To take advantage of SSL in the application, we need to configure the server to accept SSL connections. The way to do this differs from one servlet container to another. Here we will learn how to configure Sun Application Server 8.1.

Certificates
One part of the configuration needed to establish SSL communication on the server is a security certificate. We can think of a certificate as a passport: it holds important information by which others can identify its owner. Certificates are usually issued by Certification Authorities (CAs). A CA is similar to a passport office: its job is to validate the certificate's owner and to mark the certificate so that it cannot be forged.
There are many well-known Certification Authorities, one of which is Verisign. Choosing the CA is the responsibility of the administrator, who must provide a valid security certificate for the server.
If no certificate from a CA is available, a temporary certificate can be created using tools from the Java 1.4 SDK. Note that clients typically will not continue a transaction that requires a high level of security when they find that the certificate in use is one we created ourselves.
Creating a private key certificate
To keep things simple, it is easier to carry out this operation in the directory where the certificate is stored, which is %APP_SERVER_HOME%/domains/domain1/config.
Open that directory on the command line, then run the following command:

keytool -genkey -alias keyAlias -keyalg RSA -keypass keypassword -storepass storepassword -keystore keystore.jks

• keyAlias - the alias or ID that identifies whom this certificate belongs to.
• keypassword - the password for the private key used in the encryption process.
• storepassword - the password for the keystore.
It may be a little confusing that two passwords are needed to create a certificate. To sort this out, remember that a key is placed into a store called the keystore. A keystore can hold one or several keys. keypassword is the password of the private key to be used for the certificate, while storepassword is the password of the keystore itself. The directory in which we are working already has a keystore file with a password, so we need to set storepass to that value: changeit.
This password can be changed using keytool like this:

keytool -storepasswd -new Newpassword -keystore keystore.jks -storepass changeit
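
The difference between the two passwords, and the reason clients distrust a certificate we create ourselves, can be seen by reading the keystore back through the standard java.security.KeyStore API. This is an added example, not code from the original article; the class name KeystoreCheck is hypothetical, and it assumes Java 7 or later and a keystore created with the -genkey command above.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.X509Certificate;

// Added example (hypothetical class name), for a keystore made with keytool -genkey.
// Usage: java KeystoreCheck keystore.jks storepassword keyAlias keypassword
public class KeystoreCheck {
    public static void main(String[] args) throws Exception {
        if (args.length != 4) {
            System.err.println("usage: KeystoreCheck <keystore> <storepass> <alias> <keypass>");
            System.exit(2);
        }
        String path = args[0], alias = args[2];
        char[] storePass = args[1].toCharArray();
        char[] keyPass = args[3].toCharArray();

        // storepass: checked against the whole keystore file when it is loaded.
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, storePass); // IOException: wrong storepass or damaged file
        }
        if (!ks.isKeyEntry(alias)) {
            System.err.println("no private key entry under alias " + alias);
            System.exit(1);
        }

        // keypass: protects only the private key stored under this alias.
        Key key = ks.getKey(alias, keyPass); // UnrecoverableKeyException: wrong keypass
        System.out.println("private key algorithm: " + key.getAlgorithm());

        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
        System.out.println("subject: " + cert.getSubjectX500Principal().getName());
        System.out.println("issuer:  " + cert.getIssuerX500Principal().getName());
        System.out.println("expires: " + cert.getNotAfter());

        // keytool -genkey signs the certificate with its own private key, so
        // subject and issuer match and the signature verifies with its own public key.
        boolean selfSigned =
            cert.getSubjectX500Principal().equals(cert.getIssuerX500Principal());
        if (selfSigned) {
            cert.verify(cert.getPublicKey()); // throws if the self-signature is invalid
            System.out.println("self-signed: no CA vouches for it, so clients will warn");
        } else {
            System.out.println("issued by a CA: " + cert.getIssuerX500Principal().getName());
        }
    }
}
```

Running it with a wrong storepassword fails at load(), while a wrong keypassword fails only at getKey(), which shows that the two passwords guard different things.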

1 comment:

Verisign Certificate said...

Thank you very much for the information. Configuring SSL was troublesome for me as a small business owner, and this has helped me a lot with getting started on E-Commerce.
