Greetings,
I would like to explain a bit about the various encryption methods available as of JIS 9.1
JIS Server to Mainframe encryption:
JIS supports SSL encryption between the server and Mainframe. SSL has to be configured on the Mainframe first, the setup process requires importing the Mainframe certificate into the JIS key-store. The process is explained in the release notes of JIS 9.0B (all release notes document are now included with the installation in the …\books\ReleaseNotes folder)
XHTML client to JIS server:
Standalone server:
Jetty, the internal JIS web server fully supports Https communication and strong cipher suites. The setup requires creating a key store for Jetty and importing an SSL certificate into it.
J2EE deployment:
Encryption relies on the encryption capabilities of the application server to which the JIS application is deployed.
Java client to JIS server:
Using ports communication, JIS enables the encryption of the communication using SSL. The implementation requires setting up and compiling a Java Socket Factory which requires code extensions on both the client and the server.
Using Http/s communication using the internal Jetty:
Jetty, the internal JIS web server fully supports Https communication and strong cipher suites. The setup requires creating a key store for Jetty and importing an SSL certificate into it.
Using Http/s communication using the JacadaProxyServlet deployed to a 3rd party Servlet engine:
Https encryption between browser and Servlet engine, relies on the encryption capabilities of the application server to which the JacadaProxyServlet is deployed. Encryption between the Servlet engine and the server requires setting up and compiling a Java Socket Factory which requires code extensions on both the Servlet and the server.