What Is SSL (Secure Socket Layer)?
This section provides a quick introduction of the SSL (Secure Socket Layer) protocol, which provides security protection on data being transferred over the Internet.
What is SSL (Secure Socket Layer)?
SSL is a communication protocol created by Netscape
in 1994 to ensure secure transactions between web servers and browsers.
A good description about SSL was given by Franck Martin
in "SSL Certificates HOWTO" at
- A browser requests a secure page (usually https://).
- The web server sends its public key with its certificate.
- The browser checks that the certificate was issued
by a trusted party (usually a trusted root certificate authority),
that the certificate is still valid and that the certificate
is related to the site contacted.
- The browser then uses the public key, to encrypt a random
symmetric encryption key and sends it to the server with the
encrypted URL required as well as other encrypted http data.
- The web server decrypts the symmetric encryption key using
its private key and uses the symmetric key to decrypt the URL
and http data.
- The web server sends back the requested html document and
http data encrypted with the symmetric key.
- The browser decrypts the http data and html document
using the symmetric key and displays the information.
The latest version of SSL is version 3.0 which was defined in 1996.
A new protocol called Transport Layer Security (TLS) has been developed
to replace SSL.
Last update: 2014.
Table of Contents
About This JDK Tutorial Book
JDK (Java Development Kit)
Java Date-Time API
Date, Time and Calendar Classes
Date and Time Object and String Conversion
Number Object and Numeric String Conversion
Locales, Localization Methods and Resource Bundles
Calling and Importing Classes Defined in Unnamed Packages
HashSet, Vector, HashMap and Collection Classes
Character Set Encoding Classes and Methods
Character Set Encoding Maps
Encoding Conversion Programs for Encoded Text Files
Socket Network Communication
Datagram Network Communication
DOM (Document Object Model) - API for XML Files
SAX (Simple API for XML)
DTD (Document Type Definition) - XML Validation
XSD (XML Schema Definition) - XML Validation
XSL (Extensible Stylesheet Language)
Message Digest Algorithm Implementations in JDK
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Digital Signature Algorithm and Sample Program
"keytool" Commands and "keystore" Files
KeyStore and Certificate Classes
Secret Key Generation and Management
Cipher - Encryption and Decryption
►The SSL (Secure Socket Layer) Protocol
►What Is SSL (Secure Socket Layer)?
SSL Specification Overview
JSSE - Java Implementation of SSL and TLS
SslSocketTest.java - Default SSL Socket Factory Test
SslContextTest.java - javax.net.ssl.SSLContext Class Test
Initializing SSLContext with PKCS12 File
SSL Socket Communication Testing Programs
SSL Client Authentication
HTTPS (Hypertext Transfer Protocol Secure)
Full Version in PDF/EPUB