stackoom
  简体   繁体   中英

Implementing SSL in Java Based Web Applications

 原文  2015-09-22 09:49:52       mysql/ security/ ssl/ amazon-web-services/ amazon-ec2

Question

I have a java based web application developed in Amazon EC2. It is doing transactions of confidential information. I have a MySQL server installed all by my self in the same amazon instance. The web application access the database via localhost . In Security Groups , I have created a custom security where the port 8080 (the Tomcat ) can be accessed only via localhost .

Considering these, do I still need SSL to make sure the transactions are secured?

1 answers

solution1
 1  2015-09-22 17:56:38

It depends. Are you comfortable with plain text inside the datacenter? Don't bother with SSL.

Are you worried about that traffic being sniffed locally (tcpdump) or from a malicious source ( for instance, if data was being rerouted from the switch between EC2 instances )? Use SSL.

There's a trend of large companies making sure to encrypt local traffic.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Caching web applications in Java MySQL is not connecting over SSL in java REST applications Cloud based web service for Web Applications Implementing a quota system to limit requests in a web based app Is Hibernate safer for Web Applications? PHP Web applications Could not includ java library(.jar) in java based web service or Eclipse Two web applications with shared data DateTime (Timezones) in PHP Web Applications How to manage passwords in web applications?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM