Security Guide

Table of Contents

1. SSL/TLS Security
Introduction to SSL/TLS
Secure Transport Protocols
Java Keystores
How to Use X.509 Certificates
Configuring JSSE System Properties
Setting Security Context for the Openwire/SSL Protocol
SSL/TLS Tutorial
2. Managing Certificates
What is an X.509 Certificate?
Certification Authorities
Choice of CAs
Commercial Certification Authorities
Private Certification Authorities
Certificate Chaining
Special Requirements on HTTPS Certificates
Creating Your Own Certificates
Prerequisites
Set Up Your Own CA
Use the CA to Create Signed Certificates in a Java Keystore
Adding Trusted CAs to a Java Trust Store
3. Authentication and Authorization
Programming Client Credentials
Configuring Credentials for Broker Components
Simple Authentication Plug-In
JAAS Authentication
Introduction to JAAS
JAAS Simple Authentication Plug-In
JAAS Certificate Authentication Plug-In
JAAS LDAP Authentication Plug-In
Broker-to-Broker Authentication
Authorization Plug-In
Programming Message-Level Authorization
4. LDAP Authentication Tutorial
Tutorial Overview
Tutorial: Install a Directory Server and Browser
Tutorial: Add User Entries to the Directory Server
Tutorial: Enable LDAP Authentication in the Broker and its Clients
A. ASN.1 and Distinguished Names
ASN.1
Distinguished Names
B. Licenses
OpenSSL License
Index
List of Figures
List of Tables
List of Examples