SSL Client and Server Sockets

In this section, we’ll explore how SSL sockets are created and develop a simple server and client that can be used to exchange data over an SSL connection. As we proceed further in this chapter, we’ll modify these simple programs to take advantage of more advanced SSL features.

SSL Server Sockets

SSL server sockets are obtained through the SSLServerSocketFactory class (javax.net.ssl.SSLServerSocketFactory), which extends the Server-SocketFactory class. The SSLServerSocketFactory class overrides the getDefault( ) method to provide a class that produces SSL server sockets:

public static ServerSocketFactory getDefault( )

Return the default SSL server socket factory implementation. That factory can be used to obtain SSL server sockets. The default implementation is defined in the $JREHOME/lib/security/java.security file by the property ssl.ServerSocketFactory.provider. If this is not set (by default, it is not), a hardwired, internal implementation is used (the class com.sun.net.ssl.internal.ssl.SSLServerSocketFactoryImpl).

Note that the ssl.ServerSocketFactory.provider property is ignored in the exportable version of JSSE; you can use a different implementation of the socket factory only in the version of JSSE available in the U.S. and Canada. Even though the export restrictions for JSSE have been relaxed, they still do not permit users in most of the world to substitute their own SSL implementations.

The default socket factory will handle both SSL 3.0 ...

Get Java Security, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.