Geek Answers Handbook

How can I encrypt (using SSL) Akka Remoting messages?

I forked this simple akka server-client project: https://github.com/roclas/akka-irc which is an IRC-like chat, and I'm trying to encode messages.

In my main branch, if I started the server (start sbt, and then select option 2), and then the client (start sbt, and then select option 1), if I write something in the client, the message is sent correctly to the server.

If I run wirehark and listen to messages that meet these conditions: tcp.port == 1099 and tcp.len> 200

I can read messages in plain text.

How can I encode them using SSL? You can see what I'm trying to do by changing the src / main / resources / application.conf file in the development branch What do I need to change? What should the src / main / resources / application.conf file look like?

thank

+4
source share
2 answers

You must include SSL in your user .conffile with:

akka {
  actor {
    provider = "akka.remote.RemoteActorRefProvider"
  }
  remote {
    enabled-transports = ["akka.remote.netty.ssl"]
    netty.ssl{
      enable-ssl = true
      security {
        key-store = "path-to-your-keystore"
        key-store-password = "your-keystore's-password"
        key-password = "your-key's-password"
        trust-store = "path-to-your-truststore"
        trust-store-password = "your-trust-store's-password"
        protocol = "TLSv1"
        random-number-generator = "AES128CounterSecureRNG"
        enabled-algorithms = ["TLS_RSA_WITH_AES_128_CBC_SHA"]
      }
    }
  }
}

And don't forget to change your actor’s path prefix:

akka.ssl.tcp://YourActorSystemName@ip:port:/...
+8
source

In addition to what J. Santos said, I forgot to create these two files:

trust-store = "path-to-your-truststore"
trust-store-password = "your-trust-store's-password"

which I changed to:

key-store = "src/main/resources/keystore"
trust-store = "src/main/resources/truststore"

in my ./src/main/resources/common.conf

as Jans Santos reminded me of watching my project.

Many thanks!

+1
source

More articles:


All Articles