Encryption with the TcpIpConnection class
Posted: Thu Jun 17, 2010 8:31 am
Hi,
I've implemented a straightforward server for HTML5 WebSockets. It turned out to be much easier than anticipated and Jade notifications made the comms between the webSockets server process and the normal http server processes very straightforward.
To pass data between the webSocket server and the browser I use AES encryption or just plaintext, depending on how sensitive the sender considers the data to be. Encrypting and decrypting is fast on the server but starts to get slow on the client for large messages (say around 200K) and can freeze the browser. It work fine for messages around 20K though, and most are less than this.
However, the WebSockets standard supports the equivalent of https (wss) and I was wondering if the TcpIpConnection class on the webSocket server can use the same certificates as the https connection uses. I know very little about this area - just enough to get things working - so it may be a silly question.
In Apache, I supply 3 files to get https working: XXX.ca-bundle, XXX.crt and XXX.key. XXX.ca-bundle contains the well-known root CA certificates, XXX.crt is the public certificate and XXX.key is the private key. I've looked at the JadeSSLContext and JadeX509Certificate classes but I can't see how these three files fit in with these classes.
Does anyone know if I can get encryption via these certificate files going with the TcpIpConnection class and, if so, how? Any pointers would be appreciated.
Thanks in advance,
Brendan
I've implemented a straightforward server for HTML5 WebSockets. It turned out to be much easier than anticipated and Jade notifications made the comms between the webSockets server process and the normal http server processes very straightforward.
To pass data between the webSocket server and the browser I use AES encryption or just plaintext, depending on how sensitive the sender considers the data to be. Encrypting and decrypting is fast on the server but starts to get slow on the client for large messages (say around 200K) and can freeze the browser. It work fine for messages around 20K though, and most are less than this.
However, the WebSockets standard supports the equivalent of https (wss) and I was wondering if the TcpIpConnection class on the webSocket server can use the same certificates as the https connection uses. I know very little about this area - just enough to get things working - so it may be a silly question.
In Apache, I supply 3 files to get https working: XXX.ca-bundle, XXX.crt and XXX.key. XXX.ca-bundle contains the well-known root CA certificates, XXX.crt is the public certificate and XXX.key is the private key. I've looked at the JadeSSLContext and JadeX509Certificate classes but I can't see how these three files fit in with these classes.
Does anyone know if I can get encryption via these certificate files going with the TcpIpConnection class and, if so, how? Any pointers would be appreciated.
Thanks in advance,
Brendan