RMI over SSL
843793Nov 1 2005 — edited Nov 2 2005I have an RMI application that I'm trying to get running with RMI+SSL. I followed the example here: http://today.java.net/pub/a/today/2005/10/06/the-new-rmi.html, and I seem to be seeing the same behavior in my own application as in the example.
It definitely does an SSL handshake. If I fail to specify a client trust db, the handshake fails with an exception, and if I do specify the trust db, the app works fine. But, it doesn't look to me like the session is actually being encrypted when I look at a packet trace in Ethereal. Maybe this is just from a lack of understanding RMI, but I can see where it does the initial lookup of the service name because it's in plain text in one of the data packets. Later on, when doing RMI method calls, I noticed the text of one of the parameters (a String) also being passed as plain text.
What am I missing here?