- Published on
Java Security - Part 9: Java Secure Socket Extension (JSSE) for secure network communication
- Authors
- Name
- Gary Huynh
- @huynhthienthach
Yarrr, set sail, matey! We be headed for the Java Secure Socket Extension (JSSE)
, a land where we secure the communication between the vessels of our application!
Java Secure Socket Extension (JSSE)
enables secure communication between client
and server
in a network
. It's like having yer own private line in the sea of public networks! Even if the scurvy pirates of the internet intercept yer messages, all they'll get is jumbled jargon without the right decryption
key!
Let's see how to set up an SSLServerSocket
and SSLSocket
for secure communication:
import javax.net.ssl.*;
public class SslSocketCommunication {
public static void main(String[] args) throws Exception {
// Set the key store to use for validating SSL certificates
System.setProperty("javax.net.ssl.keyStore", "keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
SSLServerSocketFactory sslServerSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketFactory.createServerSocket(9999);
// Wait for a connection
SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
// Read data from the client
java.io.InputStream is = sslSocket.getInputStream();
java.io.InputStreamReader isr = new java.io.InputStreamReader(is);
java.io.BufferedReader br = new java.io.BufferedReader(isr);
String string = null;
while ((string = br.readLine()) != null) {
System.out.println(string);
System.out.flush();
}
sslSocket.close();
}
}
This be just the server side
of the story. You'd need a similar setup on the client side
, using an SSLSocket
to connect to the server. And remember to import the server's certificate
into your client's truststore
to create a secure communication channel
. Always keep your certificates safe, like a treasure chest!
To establish a secure connection with our SSL-enabled server, our client needs to use an SSLSocket
. Let's whip up some client-side
code:
import javax.net.ssl.*;
public class SslSocketClient {
public static void main(String[] args) throws Exception {
// Set the trust store to use for validating SSL certificates
System.setProperty("javax.net.ssl.trustStore", "truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
SSLSocketFactory sslSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) sslSocketFactory.createSocket("localhost", 9999);
// Send data to the server
java.io.OutputStream os = sslSocket.getOutputStream();
java.io.OutputStreamWriter osr = new java.io.OutputStreamWriter(os);
java.io.BufferedWriter bw = new java.io.BufferedWriter(osr);
bw.write("Ahoy, server! This be secure communication!");
bw.flush();
sslSocket.close();
}
}
Note: Before running the above code, you'll need to have a keystore.jks
file with the server's private key
and public certificate
. You can create this using the keytool
command that comes with the Java Development Kit (JDK)
.
Stay tuned for our next chapter, where we'll sail into the waters of SSL/TLS protocols and secure socket programming in Java
! Yarrr!