Re: SSL without verifying server certificate - Mailing list pgsql-jdbc

From Oliver Jowett
Subject Re: SSL without verifying server certificate
Date
Msg-id 403148CA.5040204@opencloud.com
In response to SSL without verifying server certificate  (Oliver Nolden <oliver_nol@yahoo.de>)
Responses Re: SSL without verifying server certificate  (d.wall@computer.org)
Re: SSL without verifying server certificate  (Oliver Nolden <oliver_nol@yahoo.de>)
List pgsql-jdbc
Oliver Nolden wrote:
> Hi everyone,
>
> I want to realize a secure database connection with jdbc and SSL
> between an applet and a postgres database 7.4. The driver pg74jdbc3.jar
> supports SSL, I created the server certificates with OpenSSL. The
> postgres server works fine with SSL. To establish an SSL connection with
> the client, you have to import the self-signed certificate to the
> client's machine.
>
> Now my question: Is it possible to establish an SSL connection without
> importing the server certificate to the client machine? i.e. that
> the jdbc driver does not verify the self-signed server certificate?
> Thereby I could use the applet on every computer.

If you do this, you become vulnerable to man-in-the-middle attacks.
Might as well just use an unencrypted connection in the first place.

-O
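
One way to keep verification on without importing anything on each client, shown as an added example that is not part of the original message or the driver's code: ship the server's certificate inside the applet jar and trust only that certificate. The class name and the `/server.crt` resource are hypothetical, and how the resulting factory is handed to the JDBC driver depends on the driver version and is not shown.

```java
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/** Added example: trusts only a server certificate shipped with the application. */
public class BundledCertSocketFactory {

    /**
     * Builds a socket factory whose only trust anchor is the certificate read
     * from certStream (PEM or DER). A server presenting any other certificate
     * fails the TLS handshake.
     */
    public static SSLSocketFactory fromCertificate(InputStream certStream) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate serverCert = (X509Certificate) cf.generateCertificate(certStream);

        // In-memory trust store: nothing is imported into the client machine's cacerts.
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        trustStore.setCertificateEntry("postgres-server", serverCert);

        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        // No client key material (first argument null); default SecureRandom.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx.getSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical resource name: the server's self-signed certificate packaged in the jar.
        try (InputStream in =
                 BundledCertSocketFactory.class.getResourceAsStream("/server.crt")) {
            if (in == null) {
                throw new IllegalStateException("server.crt not found on classpath");
            }
            SSLSocketFactory factory = fromCertificate(in);
            System.out.println("Socket factory pinned to bundled certificate: " + factory);
        }
    }
}
```

Because the self-signed certificate is the only trust anchor, a handshake succeeds only against a server holding the matching private key; the certificate file itself is public and can be distributed with the applet.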
