Enabling SSL Encryption

This section helps you to configure jAgent by activating SSL encryption. A valid x509 certificate and a private key (See command line options) are the key elements to activate SSL encryption.

Procedure:

You can create a self-signed certificate with OpenSSL by performing the following process.

1. Create a RSA private key.

   C:\programs\openssl\bin>openssl genrsa -out key.pem 1024
   Loading 'screen' into random state - done
   Generating RSA private key, 1024 bit long modulus
   .++++++
   ....++++++
   e is 65537 (0x10001)
   

2. Create a certificate (signing) request using the previously created private key.

   C:\programs\openssl\bin>openssl req -config c:\programs\openssl\openssl.cnf -new -key key.pem -out req.pem
   Loading 'screen' into random state - done
   You are about to be asked to enter information that will be incorporated
   into your certificate request.
   What you are about to enter is what is called a Distinguished Name or a DN.
   There are quite a few fields but you can leave some blank
   For some fields there will be a default value,
   If you enter '.', the field will be left blank.
   -----
   Country Name (2 letter code) [AU]:
   State or Province Name (full name) [Some-State]:
   Locality Name (eg, city) []:
   Organization Name (eg, company) [Internet Widgits Pty Ltd]:MyCompanyName
   Organizational Unit Name (eg, section) []:
   Common Name (eg, YOUR name) []:MyCompanyName
   Email Address []:
   Please enter the following 'extra' attributes
   to be sent with your certificate request
   A challenge password []:
   An optional company name []:
   

   NOTE: At this stage, the certificate request should be sent to a Certification Authority or proceed to the next step to self-sign the certificate if used like for testing purposes.
3. Create self-signed certificate.

   C:\programs\openssl\bin>openssl req -config c:\programs\openssl\openssl.cnf -x509 -key key.pem -in req.pem -out cert.pem
    -days 365
   Loading 'screen' into random state - done
   

4. Start jAgent in SSL mode.

   C:\programs\openssl\bin>jbase_agent –c cert.pem –k key.pem