p. 392: In the third paragraph, jre/lib/ext/security/java.security should be jre/lib/security/java.security. That is, delete ext/ from the path.
p. 392: In the second to last paragraph, java.policy should be java.security.
p. 399: SSL_RSA_WITH_RC4_128_SHA uses 128-bit keys, not 40-bit keys.
p. 404:
In Example 12-2, I neglected to actually use the
algorithm
constant I defined. The code still works but it should be changed as follows:
First change
public final static String algorithm = "SSLv3";
to
public final static String algorithm = "SSL";
Then change
SSLContext context = SSLContext.getInstance("SSL");
to
SSLContext context = SSLContext.getInstance(algorithm);