| From: | Oliver Jowett <oliver(at)opencloud(dot)com> |
|---|---|
| To: | Oliver Nolden <oliver_nol(at)yahoo(dot)de> |
| Cc: | pgsql-jdbc(at)postgresql(dot)org |
| Subject: | Re: SSL without verifying server certificate |
| Date: | 2004-02-16 22:48:42 |
| Message-ID: | 403148CA.5040204@opencloud.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
Oliver Nolden wrote:
> Hi everyone,
>
> I want to realize a secure database connection with jdbc and SSL
> between an applet and a postgres database 7.4. The driver pg74jdbc3.jar
> supports SSL, I created the server certificates with OpenSSL. The
> postgres server works fine with ssl. To establish a ssl connection with
> the client, you have to import the self-signed certificate to the
> client`s machine.
>
> Now my question: Is it possible to establish a ssl connection without
> importing the server certificate to the client machine? i.e. that
> the jdbc driver does not verify the self-signed server certificate?
> Thereby I could use the applet on every computer.
If you do this, you become vulnerable to man-in-the-middle attacks.
Might as well just use an unencrypted connection in the first place.
-O
| From | Date | Subject | |
|---|---|---|---|
| Next Message | d.wall | 2004-02-17 02:38:46 | Re: SSL without verifying server certificate |
| Previous Message | Oliver Nolden | 2004-02-16 22:30:53 | SSL without verifying server certificate |