In this section, we’ll explore how SSL sockets are created and develop a simple server and client that can be used to exchange data over an SSL connection. As we proceed further in this chapter, we’ll modify these simple programs to take advantage of more advanced SSL features.
SSL server sockets are obtained through the
Server-SocketFactory class. The
SSLServerSocketFactory class overrides the
getDefault( ) method to provide a class that
produces SSL server sockets:
Return the default SSL server
socket factory implementation. That
factory can be used to obtain SSL server sockets. The default
implementation is defined in the
$JREHOME/lib/security/java.security file by the
this is not set (by default, it is not), a hardwired, internal
implementation is used (the class
Note that the
property is ignored in the exportable version of
JSSE; you can use a different
implementation of the socket factory only in the version of JSSE
available in the U.S. and Canada. Even though the export restrictions
for JSSE have been relaxed, they still do not permit users in most of
the world to substitute their own SSL implementations.
The default socket factory will handle both SSL 3.0 ...