I have a client <-> server application that uses CORBA for communication. The client application is launched in a client machine using Java Web Start. I need to enable IIOP over SSL for the applications. On the server side, this easily done by setting keystore and keystore password in the jacorb.properties. I am not sure how to enable SSL on the client side with Javaws launch as I know very little about Java Web Start.
- What are my options for enabling SSL for the javaws client application?
- If the client keystore file is placed in the server machine, how should the client application access or retrieve it?
- Or can the client application generate a keystore dynamically everytime it is launched?
A little history of the application if it might help.
Prior to the upgrade the client application used custom SSL socket factory classes which retrieved the keystore from remote server machine. However, for various other reasons, we had to remove these socket factory class during the JacORB upgrade.
I decided to package the keystore in a jar and access it with JNLP. I wrote a sample program to test it. The code is available on GitHub
https://github.com/KiranMohan/corba-javaws-ssl