Re: A solution to the SSL customizing problem - Mailing list pgsql-jdbc

From Ulrich Meis
Subject Re: A solution to the SSL customizing problem
Date
Msg-id 200410200049.39716.kenobi@halifax.rwth-aachen.de
Whole thread Raw
In response to Re: A solution to the SSL customizing problem  (Kris Jurka <books@ejurka.com>)
List pgsql-jdbc
On Sunday 17 October 2004 14:07, Kris Jurka wrote:
> On Sat, 16 Oct 2004, Ulrich Meis wrote:
> > [here's a patch to customize ssl.]
>
> I've applied a modified version of this patch.  I moved the Driver.makeSSL
> implementation into it's own class to not use @SSL@ everywhere.  I renamed
> the sslfactoryargs to sslfactorarg because it really is one argument.  If
> the user chooses to encode multiple arguments into it, that's really his
> own business.  I put a NonValidatingFactory class in to demonstrate
> how this can work and provide the most requested functionality.

Thanks a lot!

> Questions:
>
> In the non-validating factory I have a SSLContext.getInstance("TLS"), but
> I've also seen it use "SSL".  Is either preferred or does it matter for
> pg?

The JSSE docs say :

---
Like other JCA provider-based "engine" classes, SSLContext objects are created
using the getInstance factory methods of the SSLContext class. These static
methods each return an instance that implements at least the requested secure
socket protocol.
---

My guess is that the minimum requirement for pg is ssl (tls being its
successor). Hence, I would use getInstance("SSL") but I suppose most java
versions will support both anyway.

Uli


pgsql-jdbc by date:

Previous
From: Oliver Jowett
Date:
Subject: Re: Avoiding explicit addDataType calls for PostGIS
Next
From: "Serguei Mokhov"
Date:
Subject: Translation updates: ru.po