Calypso Learning Services

SSL (Secure Sockets Layer) and its successor, TLS (Transport Layer Security), are protocols for establishing authenticated and encrypted links between networked computers. Although the SSL protocol was deprecated with the release of TLS 1.0 in 1999, it is still common to refer to these related technologies as “SSL” or “SSL/TLS.”

SSL/TLS works by binding the identities of entities such as websites and companies to cryptographic key pairs via digital documents known as X.509 certificates. Each key pair consists of a private key and a public key. The private key is kept secure, and the public key can be widely distributed via a certificate.

The special mathematical relationship between the private and public keys in a pair mean that it is possible to use the public key to encrypt a message that can only be decrypted with the private key. Furthermore, the holder of the private key can use it to sign other digital documents (such as web pages), and anyone with the public key can verify this signature.

If the SSL/TLS certificate itself is signed by a publicly trusted certificate authority (CA), the certificate will be implicitly trusted by client software such as web browsers and operating systems. Publicly trusted CAs have been approved by major software suppliers to validate identities that will be trusted on their platforms. A public CA’s validation and certificate issuance procedures are subject to regular, rigorous audits to maintain this trusted status.

Via the SSL/TLS handshake, the private and public keys can be used with a publicly trusted certificate to negotiate an encrypted and authenticated communication session over the internet, even between two parties who have never met. This simple fact is the foundation of secure web browsing and electronic commerce as it is known today.

The most common and well-known use of SSL/TLS is secure web browsing via the HTTPS protocol. A properly configured public HTTPS website includes an SSL/TLS certificate that is signed by a publicly trusted CA. Users visiting an HTTPS website can be assured of:

Authenticity.-The server presenting the certificate is in possession of the private key that matches the public key in the certificate.
Integrity -Documents signed by the certificate (e.g. web pages) have not been altered in transit by a man in the middle.
Encryption-Communications between the client and server are encrypted.

Because of these properties, SSL/TLS and HTTPS allow users to securely transmit confidential information and login credentials over the internet and be sure that the website they are sending them to is authentic. With an insecure HTTP website, these data are sent as plain text, readily available to any eavesdropper with access to the data stream. Furthermore, users of these unprotected websites have no trusted third-party assurance that the website they are visiting is what it claims to be.

A closed padlock icon to the left of the URL. Depending on your browser and the type of certificate the website has installed, the padlock may be green and/or accompanied by identifying information about the company running it.

SSL/TLS certificates vary depending on the validation methods used and the level of trust they confer, with extended validation (EV) offering the highest level of trust.

Calypso comes with JBOSS bundled along with application, when we deploy application using web start, we provide application access via. jnlp. In such cases we tend to implement SSL. In case we have a requirement to provide access to application via web browser to either internal or external users calypso allows to configure SSL

In this course you will learn to make Calypso secure by implementing SSL. You will also learn different ways of implementing SSL in Calypso using CA Signed or Self-Signed certificates.