NAME

srmiregistry - a non-jdk (secure?) rmiregistry

SYNOPSIS

srmiregistry itissl-options [<registry-name>]

DESCRIPTION

srmiregistry is an alternative implementation for rmiregistry. It is entirely java, and works well together with the ITISSL secure socket layer.

According to the documentation of Java 2, ( The Scoop on RMI and SSL), RMI with SSL means simply creating RMI objects wich use custom socket factories. The problem is slightly more complicated, since these objects have to register somewhere (at a rmiregistry, for instance). The 'standard' rmiregistry supplied by Sun is hardcoded does not get along very good with the ITISSL sockets. (I wonder if other Java-ssl implementations have the same problem..).

Let's suppose an object successfully registers to a rmiregistry. The registry starts to send control messages to the registered objects (which you are never aware of unless you start RMI logging) using the custom SSL of the server. To use these sockets the rmiregistry has to know something about a certificates..

srmiregistry overcomes these problems in that it uses the 'standard' ITISSL mechanism for finding certificates, namely the sfindcerts utility to locate CA certificates and (eventually) user certificates and private keys. To understand where to put your ca files, or how to set the appropriate environment variables so as for srmiregistry to find them, read the sfindcerts man.

Unlike the classical rmiregistry, srmiregistry is a simple RMI server exporting the Registry interface. It requires a normal rmiregistry on the localhost, to register itself to under the <registry-name> specified on the commandline. Users of the srmiregistry have first to obtain its remote reference from the rmiregistry, and then bind/rebind/ etc. srmiregistry uses an anonymous port. If <registry-name> is not specified, the basename of the command (here: srmiregistry) is used for registration at the local rmiregistry.

OPTIONS

<itissl-options>
See the ITISSL utility options.

ENVIRONMENT

All the environment variables of sfindcerts

SEE ALSO

The ITISSL RMI package



Copyright (C) 1999 Andrei Popovici

Verbatim copying and distribution of this documentation is permitted in any medium, provided this notice is preserved.