| From: | Ulrich Meis <kenobi(at)halifax(dot)rwth-aachen(dot)de> |
|---|---|
| To: | Kris Jurka <books(at)ejurka(dot)com> |
| Cc: | Oliver Jowett <oliver(at)opencloud(dot)com>, pgsql-jdbc(at)postgresql(dot)org |
| Subject: | Re: A solution to the SSL customizing problem |
| Date: | 2004-10-19 22:49:39 |
| Message-ID: | 200410200049.39716.kenobi@halifax.rwth-aachen.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
On Sunday 17 October 2004 14:07, Kris Jurka wrote:
> On Sat, 16 Oct 2004, Ulrich Meis wrote:
> > [here's a patch to customize ssl.]
>
> I've applied a modified version of this patch. I moved the Driver.makeSSL
> implementation into it's own class to not use @SSL@ everywhere. I renamed
> the sslfactoryargs to sslfactorarg because it really is one argument. If
> the user chooses to encode multiple arguments into it, that's really his
> own business. I put a NonValidatingFactory class in to demonstrate
> how this can work and provide the most requested functionality.
Thanks a lot!
> Questions:
>
> In the non-validating factory I have a SSLContext.getInstance("TLS"), but
> I've also seen it use "SSL". Is either preferred or does it matter for
> pg?
The JSSE docs say :
---
Like other JCA provider-based "engine" classes, SSLContext objects are created
using the getInstance factory methods of the SSLContext class. These static
methods each return an instance that implements at least the requested secure
socket protocol.
---
My guess is that the minimum requirement for pg is ssl (tls being its
successor). Hence, I would use getInstance("SSL") but I suppose most java
versions will support both anyway.
Uli
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Serguei Mokhov | 2004-10-21 07:47:34 | Translation updates: ru.po |
| Previous Message | Oliver Jowett | 2004-10-19 21:36:39 | Re: Avoiding explicit addDataType calls for PostGIS |