A simple JSSL secure clint/server program that allows multithreading sockets. Multiple clients can log on simultaniously and fill out user information. Both client and server display various properties of each socket's session upon creation and subsequent connections. Once the user's information is collected,\ - for each user - the collected information is stored in a text file, i.e. 'username'.txt. Each client has the ability to keep creating usernames until they choose not to. For security, this program uses SSL, keystores, truststores, and trusted certificates, along with corrosponding passwords. This process naturally encrypts messages going to and from both client and server. Both programs can be run in either regular or debug mode. Debug mode is especially interesting if you really want to understand how this process works.
JSSLInfoCollectionServer | Author | Purpose | Usage | Server Screenshot | Client Screenshot | Contents of User File Shell Script | Licence
Joshua Michael Waggoner (@rabbitfighter81)
This was written for my final project in CS3750-Computer/Network Secutiry class at MSU Denver
To run the client you must first use keytool to create a simple JKS keystore suitable for use with JSSE. Make a keyEntry (with public/private keys) in your keystore, then make corrosponding trustedCertEnttry (public keys only) in your truststore. Once created, the keystore goes in server directory and the truststore goes in the client directory.
- To run the server w/o debugging, you must add the following parameters:
- java -Djavax.net.ssl.keyStore='path to keystore' -Djavax.net.ssl.keyStorePassword='password' Server 'port'
- To run the client w/o debugging, you must add the following parameters:
- java -Djavax.net.ssl.keyStore='path to keystore' -Djavax.net.ssl.keyStorePassword='password' Client 'host name' 'port'
- To run the server w/ debugging, you must add the following parameters:
- java -Djavax.net.ssl.keyStore='path to keystore' -Djavax.net.ssl.keyStorePassword='password' -Djavax.net.debug=all Server 'port'
- To run the client w/ debugging, you must add the following parameters:
- java -Djavax.net.ssl.keyStore='path to keystore' -Djavax.net.ssl.keyStorePassword='password' -Djavax.net.debug=all Client 'host name' 'port'
I wrote a shell script to help create the truststore, keystore, and certificates, as well as help users import the certs into keystores. The script can be found here:
CCO