Json 安全性
http://www.admin10000.com/document/3694.html
http://pnig0s1992.blog.51cto.com/393390/733007/
http://blog.csdn.net/hengyunabc/article/details/26305203
http://www.kuqin.com/webpagedesign/20090331/43317.html
https
http://baike.baidu.com/link?url=pnvLmeBwI1TgexP_Pg8d6ZVVEuOy8s3g0Ig0D78WIOYS0IGhE2-lvml833D4oJSqM-g5Qtn3dU8gQOUo3O72La
http://wenku.baidu.com/link?url=Jq1FvkbFKuS7vZWAX3bm-XVksdUDJ_yoRGDoUr-TDdh2lOhCyOKCDdOQG5hmxOmwDY7tc8DFm9f2mlyyyc-pBs-0ZT1e15uHBmHBsNeYAzi
http://tldp.org/HOWTO/Apache-WebDAV-LDAP-HOWTO/ssl.html
http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x64.html
http://stackoverflow.com/questions/3968095/how-does-https-provide-security
http://blog.csdn.net/jun55xiu/article/details/8980812
加密算法
http://blog.csdn.net/wgw335363240/article/details/8878584
https://luxsci.com/blog/256-bit-aes-encryption-for-ssl-and-tls-maximal-security.html
http://www.bitscn.com/plus/view.php?aid=46670
http://www.tuicool.com/articles/FfUBbuZ
design api for your app
http://www.slideshare.net/mugunthkumar/designing-your-api-server-for-mobile-apps
双向认证
http://wenku.baidu.com/link?url=JvnHWxxFO27fVf5d0De_mMq6PxyheCs5NYwChA40VNR8iPIVMKlpjO2W4KiCJScK0NnCBG6rcMB1WWVhF4zDb4WX0F0465b3pKJF8QSz7CK
tomcat双向认证证书:*****
http://blog.csdn.net/xxd851116/article/details/18701731
搭建tomcat服务器
http://www.cnblogs.com/pannysp/archive/2012/03/07/2383364.html
Use this configuration, but the “keystore” must
http://www.srccodes.com/p/article/42/configure-ssl-https-support-apache-tomcat-7-server
https://wiki.jasig.org/display/CASUM/HOWTO+Setup+Dual+Authentication+in+CAS+-+SSL+Client+Auth+and+LDAP
two-way-ssl
What’s the difference between keystore and certificates
http://stackoverflow.com/questions/5724631/understanding-keystore-certificates-and-alias
java 证书配置
基于java的https双向认证****
http://my.oschina.net/jjface/blog/339144
双向验证
http://www.blogjava.net/stevenjohn/archive/2012/09/27/388647.html
English×××
http://linuxconfig.org/apache-web-server-ssl-authentication
java code:
http://juliusdavies.ca/commons-ssl/ssl.html
http://www.mkyong.com/java/java-https-client-httpsurlconnection-example/
android code.
http://chariotsolutions.com/blog/post/https-with-client-certificates-on/
http://www.cnblogs.com/montaque/archive/2005/05/17/157095.html
http://docs.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#SupportClasses
http://baike.baidu.com/link?url=NgYJ0ga-W3x9iW1Olp1rTSsBO5iDG-rPgFu07WtRyBESvU5WcvmRMQQxMRxQUn1vNWM9k6n7nM5kZ9tzv02Zfa
http://www.elecfans.com/baike/tongxingjishu/chungshuwang/20110710205779.html
Android 可以成功访问
Troubleshooting.
当Android 下ssl报上面的错误的时候。意味着本地无法信任server的证书,或是本地提供的servertrust 证书与服务器不一致。
http://docs.oracle.com/cd/E11035_01/wls100/security/SSL_client.html
good code ****
http://javasecurity.wikidot.com/example-item-1
生成2048位的keystore
keytool-genkey -alias myalias -keyalg RSA –keysize 2048 -keystore c:\yoursite.keystore
http://www.javamex.com/tutorials/cryptography/rsa_key_length.shtml