I want to get SSL certificate for my webpage that chat with each other. I also using AES 265 hashing algorithm for dealing more secure with my webpage data and using sha512 for password hashing. But i don't know how to get SSL certificate in industrial level. I tried with many of giving free SSL websites but i still haven't got that. What is Server signature? and how i get that? thanks
This is really a server admin question, not a programming issue.
You can either do a self signed certificate, or get one from a certificate authority.
Self signed certificates are secure, BUT many times programming languages don't like them OR when you connect to something using them you need to tell the function that self-signed is OK.
That said, if you want a "real" certificate you may want to look at Let's Encrypt - https://en.wikipedia.org/wiki/Let%27s_Encrypt
You need to create your own keystore for setting up SSL enabled one. After you create your own Keystore it has to be signed by the Certificate Authority for example, Go Daddy or GlobalSign.
But for testing purpose, you need to create self-signed certificate using Keytool which comes with your JDK or JRE (C:\Program Files\Java\jdk1.8.0_60\bin\keystool.exe).
You can create self-signed certificate using below command:
keytool - genkey -dname "CN=SERVER_NAME, OU=ABC, O=company.com, L=Morrisville, S=NC, C=US" -alias myalias -keyalg RSA -validity 365 -keysize 2048 -keystore keystore.jks -storepass password -keypass password
Here, storepass and keypass should be same for avoiding some confusions.
Now, after creating your own keystore.jks, its time for server configuration. I am considering that you are using Apache tomcat or if you are using some other server, you can find server configurations very easily over other tutorials.
You need to edit two files: server.xml and setenv.sh/bat
1) Go to $CATALINA_HOME/conf --> Here you will find server.xml and now you have to edit the port information so that communication will go through SSL enabled port. You need to create one more connector other than default 8080 port like below:
<Connector
port="33380" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="500"
compressableMimeType="application/json,application/atom+xml,application/xml"
compression="on"
maxKeepAliveRequests="-1"
connectionTimeout="20000"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="conf/keystore/keystore.jks" keystorePass="password"
clientAuth="false" sslProtocol="TLS"/>
Here, specify the path of the generated keystore file for keystoreFile attribute and keystorepass equals to the password that you have chosen while creating the keystore file.
2) Go to $CATALINA_HOME/bin --> Here you will find setenv.sh/bat files.
Here, you need to specify the keystore password and path of the keystore file.
Add these server environment variables inside JAVA_OPTS
-Djavax.net.ssl.keyStore=../../../keystore/keystore.jks -Djavax.net.ssl.keyStorePassword=password
I hope this will give some direction to you for configuration purpose.