SSL proxy?

Elias Sinderson elias@cse.ucsc.edu
Mon, 27 Jan 2003 15:44:14 -0800


Good day,

Or perhaps 'Frustrating day' would be more accurate?

Given that:
  (1) Our app server (WebLogic) will not be certified for use with JDK 
1.4 until the next release (hopefully available sometime early this 
summer if we're lucky?).
  (2) Our application requires JDK 1.4 functionality (preferences 
package, regular expressions, XML parsing, etc.) on both the client AND 
server side.
  (3) SSL handshake fails if either the client or server (or both) are 
using JDK 1.4 due to the changes between Java 1.1 and 1.2 related to the 
pluggable security model.
  (4) The app server can run under JDK 1.4 with no apparent negative 
consequences other than (3).

What options are available to provide SSL for client connections? As far 
as I can tell, using a SSL proxy (either in software or hardware) may be 
the only alternative. If anyone has an alternate solution, or can share 
their knowledge gained from similar experience, I would like to hear 
from you.  Further, if anyone is aware of other 'gotchas' that will come 
up due to our running WL 7.x with JDK 1.4, please share your 
experiences. And even further, can anyone recommend a SSL proxy that 
they'll swear by? This isn't rocket science, but the consequences of a 
wrong decision could be disasterous...


How I do love Mondays,
Elias