![]() |
The Java Developers Almanac 1.4Order this book from Amazon. |
e500. Creating an SSL Server SocketAn SSL server socket requires certificates that it will send to clients for authentication. The certificates must be contained in a keystore whose location must be explicitly specified (there is no default). Following the example we describe how to create and specify a keystore for the SSL server socket to use.try { int port = 443; ServerSocketFactory ssocketFactory = SSLServerSocketFactory.getDefault(); ServerSocket ssocket = ssocketFactory.createServerSocket(port); // Listen for connections Socket socket = ssocket.accept(); // Create streams to securely send and receive data to the client InputStream in = socket.getInputStream(); OutputStream out = socket.getOutputStream(); // Read from in and write to out... // Close the socket in.close(); out.close(); } catch(IOException e) { }Specify the keystore of certificates using the javax.net.ssl.keyStore system property:
> java -Djavax.net.ssl.keyStore=mySrvKeystore -Djavax.net.ssl.keyStorePassword=123456 MyServerFor testing purposes, you can create a keystore with a self-signed certificate, using the keytool command:
> keytool -keystore mySrvKeystore -keypasswd 123456 -genkey -keyalg RSA -alias mycert
e501. Retrieving the Certification Path of an SSL Server e502. Disabling Certificate Validation in an HTTPS Connection © 2002 Addison-Wesley. |