Secure SPML communications
By Scott Fehrman on Aug 25, 2008
Last week I got an email from a developer that is using Project OpenPTK. They want to use HTTPS/SSL to secure communications between the Sun Identity Manager and an OpenPTK-enabled application.
I was pretty sure this was "do-able" but I have not had a chance/need to configure OpenPTK using HTTPS/SSL. With that said, I did some research, contacted some co-workers, and set-up a little test lab. The process is relatively straight forward, I used two Glassfish domains (SPML-Server / SPML-Client) and self-signed certificates:
- Configure OpenPTK applications to use SSL/HTTPS
- Replace the default certificate on the SPML-Server (Sun Identity Manager)
- Add the certificate to the SPML-Client (OpenPTK-enabled Application)
The complete (detailed) process is documented in the Project OpenPTK Release 1.1 Installation Guide