Java Secure Socket Extension (JSSE)
This section describes the Java Secure Socket Extension (JSSE) that allows you to write Java programs to communicate with HTTPS Web servers.
If you want to write your own Java program to communicate with an HTTPS Web server,
you should use the Java Secure Socket Extension (JSSE) to help you.
The Java Secure Socket Extension (JSSE) enables secure Internet communications.
It provides a framework and an implementation for a Java version of the SSL and
TLS protocols and includes functionality for data encryption, server authentication,
message integrity, and optional client authentication. Using JSSE, developers
can provide for the secure passage of data between a client and a server running
any application protocol, such as Hypertext Transfer Protocol (HTTP), Telnet, or FTP, over TCP/IP.
JSSE includes the following important features:
- Implemented in 100% Pure Java
- Can be exported to most countries
- Provides API support for SSL versions 2.0 and 3.0, and an implementation of SSL version 3.0
- Provides API support and an implementation for TLS version 1.0
- Includes classes that can be instantiated to create secure channels (SSLSocket, SSLServerSocket, and SSLEngine)
- Provides support for cipher suite negotiation, which is part of the SSL handshaking used to initiate or verify secure communications
- Provides support for client and server authentication, which is part of the normal SSL handshaking
- Provides support for Hypertext Transfer Protocol (HTTP) encapsulated in the SSL protocol (HTTPS), which allows access to data such as web pages using HTTPS
- Provides server session management APIs to manage memory-resident SSL sessions
- Provides support for several cryptographic algorithms commonly used in cipher suites,
including RSA, RC4, DES, Triple DES, AES, Diffie-Hellman, and DSA.
Last update: 2011.
Table of Contents
About This Book
Introduction of PKI (Public Key Infrastructure)
Introduction of HTTPS (Hypertext Transfer Protocol Secure)
Using HTTPS with Google Chrome
Using HTTPS with Mozilla Firefox
HTTPS with IE (Internet Explorer)
Perl Scripts Communicating with HTTPS Servers
PHP Scripts Communicating with HTTPS Servers
►Java Programs Communicating with HTTPS Servers
►Java Secure Socket Extension (JSSE)
Using openStream() Method in java.net.URL Class
javax.net.ssl.trustStore System Property
Default Trusted KeyStore File - cacerts
PKIX Path Building Failed - No CA Certificate
Using openConnection() Method in java.net.URL Class
Windows Certificate Stores and Console
.NET Programs Communicating with HTTPS Servers
CAcert.org - Root CA Offering Free Certificates
PKI CA Administration - Issuing Certificates
Comodo Free Personal Certificate
Digital Signature - Microsoft Word
Digital Signature - OpenOffice.org 3
S/MIME and Email Security
PKI (Public Key Infrastructure) Terminology
Full Version in PDF/EPUB